Privacy Policy

What we collect

When you install ShelfMerge we collect: your Shopify shop domain, the OAuth access token Shopify issues to us, product catalog data we read to find duplicates (titles, tags, vendor, SKU, barcode, image URLs), and merge history (which products you merged and when). We collect your email when you create a ShelfMerge account so we can email you about scan results and account changes.

How we use it

We use catalog data only to detect duplicates and present them to you for review. We never sell or rent your data. We do not share your catalog with any third party except Supabase (our hosting provider) and Shopify (when you confirm a merge). We send transactional email through SendGrid.

GDPR / data deletion

ShelfMerge implements Shopify's mandatory GDPR webhooks:customers/data_request, customers/redact, and shop/redact. When you uninstall ShelfMerge from your Shopify admin, we schedule deletion of your catalog data within 30 days and respond to redaction webhooks within 48 hours.

How to reach us

For privacy questions, email privacy@shelfmerge.com. Mailing address: Prompt Critical, LLC, PO Box 524133, Bronx, NY 10452.

Independence from Shopify

ShelfMerge is an independent app and is not endorsed by, sponsored by, or affiliated with Shopify Inc.