Privacy Policy
Last updated: May 19, 2026 · xGeo: AI Product & LLM SEO AEO by Comercio Services
This Privacy Policy describes how Comercio Services (“we”, “our”, or “us”) collects, uses, and protects information when you install or use the xGeo: AI Product & LLM SEO AEO Shopify application (the “App”). By installing the App, you agree to this Policy.
1. Information we collect
From the merchant (you)
When you install the App, Shopify provides us with limited information about your store so the App can function. This includes:
- Shop domain (e.g. your-store.myshopify.com)
- Shop owner email and name (provided by Shopify)
- OAuth access token used to call Shopify APIs on your behalf
- Granted API scopes
From your storefront / catalog
The App reads and writes the following resources via Shopify’s Admin GraphQL API in order to provide its features:
- Products and their metadata (to link TL;DR content)
- Articles, Blog post, and pages (for content publishing)
- Metaobjects and metafields owned by the App
- Files / images you upload via the App
From your storefront visitors
The App does not collect personal information from your customers. We do not place cookies on your storefront, do not track visitors, and do not process customer profiles or order history.
2. How we use information
- To authenticate API requests made to your Shopify store
- To create, update, and delete the App’s content (metaobjects, metafields, and linked products/articles)
- To respond to support requests you send us
- To comply with legal obligations
We do not sell, rent, or share your data with third parties for advertising or marketing.
3. Where data is stored
OAuth session records (shop domain, access token, scopes) are stored in our application database. App content (such as TL;DR entries) is primarily stored inside your Shopify store as Shopify metaobjects and metafields and remains under your control.
4. Data retention
We retain the OAuth session record for as long as the App is installed. When you uninstall the App, Shopify sends an app/uninstalledwebhook and we delete the corresponding session record. Forty-eight (48) hours after uninstall, Shopify sends a shop/redactwebhook; on receipt we ensure all data associated with the shop has been removed from our systems. Content stored inside your Shopify store (metaobjects, metafields, files) remains in your store until you choose to delete it.
5. GDPR mandatory webhooks
The App implements the three GDPR webhooks required by Shopify:
customers/data_request— Acknowledged. The App does not store customer personal data, so there is no data to return.customers/redact— Acknowledged. The App does not store customer personal data, so no deletion is required.shop/redact— On receipt we delete all data associated with the shop from our systems.
6. Your rights
Depending on where you reside (e.g., the EU/UK under GDPR, California under CCPA/CPRA), you may have the right to access, correct, export, or delete personal information we hold about you, and to object to or restrict certain processing. To exercise these rights, contact us at the address below.
7. Security
We use industry-standard measures to protect data in transit and at rest, including HTTPS for all communication with Shopify, encrypted storage of OAuth tokens, and verified HMAC signatures on incoming Shopify webhooks. No system is perfectly secure; we cannot guarantee absolute security.
8. Sub-processors
The App is hosted on a cloud infrastructure provider and uses Shopify APIs to operate. We do not share your data with any other third parties.
9. Changes to this Policy
We may update this Policy from time to time. Material changes will be communicated by updating the “Last updated” date at the top of this page, and where appropriate by notifying you within the App. Continued use of the App after changes take effect constitutes acceptance of the updated Policy.
10. Contact us
For privacy questions or to exercise your rights, please contact:
- Comercio Services
- Nha Trang, VN
- Email: servicescomercio@gmail.com
- Website: https://apps.shopify.com/partners/comercio-services
© 2026 Comercio Services. All rights reserved.