Aganim AI Privacy Policy

Effective Date: March 28, 2026

1. Introduction

Aganim AI ("we", "us", "the App") provides AI-driven product localization, copywriting, SEO optimization, competitive pricing intelligence, marketing content generation, image refinement, and brand identity analysis for Shopify merchants expanding into global markets. This Privacy Policy explains what data we access, what we store, how we use it, and how we delete it.

2. Shopify permissions (API scopes)

When you install the App, we request the following Shopify API scopes:

  • read_products, write_products — Read product content; write localized titles, descriptions, SEO fields, and media
  • read_locales — Detect your store's published locales/markets
  • read_translations, write_translations — Read and write per-locale translations for products
  • read_files — Read media files (product images) for AI refinement
  • read_content, write_content — Create blog articles, collections, and content pages on your behalf

We use these scopes to read product content and shop locales, generate localized copy, create marketing content (blogs, collections), upload refined product images, and write updates/translations back to your Shopify store at your request.

3. Data we collect and store

We store only data needed to operate the App, authenticate requests, enforce usage limits, and support billing.

  • Merchant / Shop data (stored)
    • Shop domain (e.g., your-store.myshopify.com)
    • App plan information and usage counters (e.g., monthly rewrites, missions, image credits)
    • Shopify Admin access token for your shop (used to write translations/content back to Shopify)
    • Merchant email (optional, if provided during onboarding/billing)
  • Brand Soul data (stored)
    • Brand context text, pillars, and strategic intelligence (archetype, tone guardrails, power words, value propositions) generated by AI from merchant-provided URLs, text, or uploaded files
    • Brand logo URL (if uploaded by the merchant)
    • RAG (Retrieval-Augmented Generation) vector embeddings of brand context chunks, stored in our database for context retrieval during content generation
  • Mission data (stored)
    • Mission pipeline state, agent outputs, and product context for active and recent AI missions (multi-agent workflows)
    • User corrections and feedback submitted during mission execution, stored with embeddings for future content improvement
  • Meta integration credentials (stored, Pro plan)
    • Meta (Facebook/Instagram) Page access token and Page ID, if provided by the merchant for autonomous ad publishing
  • App session data (stored)
    • Shopify session records used to keep the embedded admin app authenticated (access token, scopes, expiry)
    • Shopify may include optional user profile fields for merchant/staff accounts (e.g., email, first/last name); if present, these may be stored as part of session storage.
  • Logs (stored)
    • Operational logs for troubleshooting and security auditing, including GDPR webhook audit logs (topic, shop domain, webhook id). Logs never contain access tokens, API keys, or customer personal data.

4. Data we process but do not store in our database

  • Product data (processed): product titles, descriptions, product type/category, tags, images, and localization settings are processed to generate rewritten/localized content. This content is typically fetched from Shopify, processed, and then written back into Shopify as product updates/translations.
  • Product images (processed): product images may be downloaded temporarily for AI background removal and refinement. Refined images are uploaded to Cloudflare R2 (temporary storage) and then published to your Shopify media library. Original images are never deleted or replaced.
  • Competitor data (processed): for SEO optimization and price scouting features, we fetch publicly available Google Search results and Google Shopping listings. This data is used in-session to inform content generation and pricing recommendations and is not persisted in our database.
  • Marketing outputs (stored in Shopify, not our DB): some generated marketing artifacts (social hooks, campaign captions) may be saved as Shopify metafields on your products to cache results and reduce repeated generation.
  • Blog articles and collections (created in Shopify): content templates (blog posts, hero sections, FAQs, collection descriptions) are published directly to your Shopify store. We do not retain copies in our database.

5. Customer personal data

We do not build the App to store customer personal information (such as customer names, addresses, or payment details) in our databases.

Shopify may send customer-related information in mandatory compliance webhooks (see Section 8). We use these requests only to fulfill compliance obligations and do not persist customer personal data from those requests in our database.

6. Use of AI and third-party processors

We use third-party services to power the App's AI features:

  • OpenAI (GPT-4o, GPT-4o-mini): product copy generation, SEO metadata, marketing content, brand intelligence extraction, pricing recommendations, and content templates.
  • fal.ai (Flux models): AI image generation for product refinement, marketing ad banners, and hero images.
  • SerpAPI: Google Search and Google Shopping data retrieval for SEO competitor analysis and pricing intelligence.
  • Cloudflare R2: temporary storage of generated images before they are published to your Shopify media library.
  • Amazon SES: transactional emails (welcome, plan upgrades, support communications).
  • Meta Graph API (Pro plan, optional): if you connect your Meta account, we use the Meta Graph API to publish ad content to your Facebook/Instagram page on your behalf.

Data sent to AI processors is used solely to generate outputs you request. We do not use your store data to train our own models. Third-party AI providers process data under their own terms and data processing agreements.

7. Image data handling

When you use Image Refinement or Visual Marketing features:

  • Your product image is downloaded from Shopify and processed through our background-removal pipeline (rembg, running on our servers).
  • The isolated product image is sent to fal.ai for AI-powered background regeneration or ad banner generation.
  • Generated images are temporarily stored on Cloudflare R2 and then uploaded to your Shopify product media library or Shopify Files.
  • Your original product images are never modified or deleted.
  • Image processing uses your plan's monthly image credits. No images are stored beyond what is published to your Shopify store.

8. GDPR / Shopify mandatory privacy webhooks

We support Shopify's mandatory data protection webhooks:

  • customers/data_request — We acknowledge the request. We do not store customer personal data, so there is no customer data to export.
  • customers/redact — We acknowledge the request. We do not store customer-linked records, so no deletion is necessary.
  • shop/redact — We delete all merchant-related records for the shop from our backend database, including authentication tokens, usage records, brand context, mission data, and billing linkage.

We verify webhook authenticity using the X-Shopify-Hmac-Sha256 header (HMAC SHA-256 computed over the raw request body) before processing. All compliance webhook events are logged to a dedicated security audit log.

9. Data retention and deletion

  • Upon shop/redact, we delete merchant-related records for that shop from our backend systems after receiving the webhook (Shopify typically triggers this within 48 hours after uninstall).
  • Brand Soul data (brand context, strategic intelligence, RAG embeddings) is deleted as part of the shop/redact process.
  • Mission history and agent correction data is deleted as part of the shop/redact process.
  • Temporarily stored images on Cloudflare R2 are not linked to merchant identity and expire automatically.
  • Security/audit logs may be retained for a limited period for App Store review and security auditing.

10. Sharing and disclosures

We share data only with:

  • Shopify (authentication, billing, APIs for reading/writing product content, translations, media, blogs, and collections)
  • OpenAI (AI text generation for rewrites, SEO, marketing, and brand analysis)
  • fal.ai (AI image generation and refinement)
  • SerpAPI (Google Search/Shopping data for SEO and pricing features)
  • Cloudflare (R2 object storage for temporary image hosting)
  • Amazon Web Services (SES for transactional email delivery)
  • Meta Platforms (only if you connect your Meta account for autonomous ad publishing)
  • Infrastructure providers (Render for hosting, PostgreSQL for database)

We do not sell your data to third parties.

Fair Use Policy

1. Purpose and Scope

To ensure consistent performance and priority access for all merchants, Aganim AI employs a Fair Use Policy. Each plan includes specific resource allocations. Features labelled "Unlimited" (such as product rewrites on Standard and Pro plans) are intended for the normal business operations of a single Shopify store.

2. Plan Limits

Resource allocations vary by plan. The following limits are enforced by the App and reset on a 30-day rolling billing cycle unless otherwise noted:

  • Free: 10 product rewrites (lifetime, non-renewing), 3 missions (lifetime), 5 image credits (lifetime). Access expires after a 7-day trial window.
  • Basic ($29/month): 50 product rewrites per month, 1 mission per month. No image generation or SEO features.
  • Standard ($79/month): Unlimited product rewrites, 3 missions per month. Full SEO and pricing intelligence. No image generation.
  • Pro ($199/month): Unlimited product rewrites, unlimited missions, 150 image credits per month. Full feature access including autonomous publishing, bulk upload (up to 10 products per batch), multi-locale generation, and Meta integration.

3. What "Unlimited" Means

"Unlimited" product rewrites and missions (on applicable plans) are subject to the condition that your usage reflects normal merchant activity and does not significantly exceed the patterns of other merchants on the same tier. Prohibited usage includes:

  • Automated Scripting: Using third-party scripts, bots, browser automation, or API scrapers to trigger mass-generation beyond what a merchant would do manually in the normal course of managing their store.
  • Excessive AI Cost: Generating content at a rate or volume that causes the AI processing cost for your store to significantly exceed the value of your monthly subscription.
  • Multi-Store Abuse: Using a single subscription to serve multiple Shopify stores, or reselling generated content to third parties.

4. Monitoring and Intervention

We track monthly AI processing cost per store purely for cost-stability and system integrity. This data is never shared with merchants or third parties. If your store's usage is flagged as extraordinary, we may take one or more of the following actions:

  • Model Adjustment: Temporarily route your AI requests to a faster, cost-efficient model (e.g., GPT-4o-mini instead of GPT-4o) for the remainder of the billing cycle. Output quality remains high; response times may improve.
  • Account Review: Contact you via email to discuss your usage and, if appropriate, offer a custom Enterprise tier tailored to your volume.
  • Suspension: In cases of clear automated abuse, we reserve the right to suspend generation access immediately to protect platform stability for all merchants. Access to existing Shopify data is never affected.

5. Image Credit Policy

Image credits (used for product refinement, ad generation, and hero banners) are a metered resource:

  • Free plan: 5 lifetime credits (non-renewing).
  • Pro plan: 150 credits per month, resetting on your billing date.
  • Basic and Standard plans do not include image credits.
  • Each image operation (refinement, ad, or hero) consumes 1 credit.
  • Unused credits do not carry over to the next billing cycle.

6. Billing Cycle and Resets

Paid plans operate on a 30-day rolling billing cycle starting from your subscription date. Monthly product rewrites, mission credits, and image credits reset automatically at the start of each new cycle. If you upgrade mid-cycle, limits are reset immediately. If you downgrade, the change takes effect at the end of your current billing cycle (grace period).

7. Our Commitment

We will never block a merchant for selling too much or growing too fast. If you are a high-volume merchant experiencing genuine growth, we will work with you to ensure your service remains uninterrupted. Our goal is to help you scale globally, not to penalize success.

11. Contact

For privacy inquiries or deletion requests, contact: support@aganim.com