Privacy Policy

Effective Date: March 6, 2026 | Last Updated: March 6, 2026

Guidecom Inc ("Guidecom," "we," "us," or "our") operates the Guidecom platform, a Shopify application that enables merchants to embed guided product configuration widgets on their online stores. This Privacy Policy describes how we collect, use, store, and protect information when you use our services.

This policy applies to two categories of users: Merchants (Shopify store owners who install and use our app) and Shoppers (customers who interact with the Guidecom widget on a merchant's storefront).

1. Information We Collect

1.1 Information from Merchants

When you install and use the Guidecom app, we collect:

Account information: Store name, contact email address, and Shopify domain (e.g., yourstore.myshopify.com).
User credentials: Email address and password (passwords are hashed using bcrypt and never stored in plain text).
Shopify access tokens: OAuth access tokens required to communicate with the Shopify Admin API on your behalf.
Product catalog data: Product titles, descriptions, prices, images, inventory levels, tags, variants, and metafields synced from your Shopify store.
Collection data: Shopify collection titles, types, and associated products.
Order financial data: Order totals, subtotals, tax amounts, currency, financial status, and fulfillment status. We do not collect customer names, email addresses, shipping addresses, or payment information from orders.
App configuration: Widget settings, product categories, compatibility rules, and categorization rules you create within the platform.
Billing information: Subscription plan and billing status, processed exclusively through the Shopify Billing API. We do not collect or store your payment method details.

1.2 Information from Shoppers

When shoppers interact with the Guidecom widget on a merchant's storefront, we collect limited, non-personally-identifiable information:

Configuration session data: Product selections, step progress, and cart totals within the widget. Sessions are identified by a randomly generated token (e.g., gcp_[timestamp]_[random]) and are not linked to any personal identity.
Widget interaction events: Actions such as opening the widget, viewing steps, selecting or deselecting products, applying filters, completing a configuration, and adding items to cart. These events include timestamps and product identifiers but no personal information.
Shopify cart token: When a shopper adds products to their Shopify cart through the widget, Shopify returns a cart token. We store this token to attribute subsequent orders to widget sessions for the merchant's analytics.
IP address (transient only): We process IP addresses solely for rate limiting to protect against abuse. IP addresses are stored in memory (Redis) with a maximum lifetime of one minute and are never written to our database.

1.3 Information We Do Not Collect

We want to be explicit about data we do not collect from shoppers:

Names, email addresses, phone numbers, or mailing addresses
Payment or credit card information
Precise geolocation data
Device fingerprints or cross-site tracking identifiers
Browsing history outside of widget interactions
Social media profiles or identifiers

2. How We Use Information

2.1 Merchant Data

Providing the service: Syncing your product catalog, evaluating compatibility rules, displaying the widget on your storefront, and processing billing.
Analytics: Generating usage reports including configuration completions, conversion rates, and revenue attribution.
Account management: Authenticating your access, managing team members, and communicating service updates.

2.2 Shopper Data

Widget functionality: Persisting configuration sessions so shoppers can resume their product selection if they navigate away.
Merchant analytics: Providing merchants with aggregated, non-identifying analytics about widget usage and conversion rates.
Revenue attribution: Linking Shopify cart tokens to widget sessions so merchants can measure the revenue impact of their guided commerce experience.
Rate limiting: Preventing abuse of our API endpoints.

3. Cookies and Local Storage

3.1 Merchant Dashboard

When merchants use the Guidecom dashboard, we set the following cookies:

Session cookie (__Secure-next-auth.session-token): An encrypted JWT containing your user ID, email, name, retailer ID, and role. Expires after 30 days. HttpOnly, Secure, SameSite=None.
CSRF token (__Host-next-auth.csrf-token): Protects against cross-site request forgery. HttpOnly, Secure.

3.2 Shopper Widget

The widget does not set any cookies on shoppers' browsers. It uses a single localStorage entry:

Session token (gcp_session_[retailerId]): Stores an opaque session identifier so shoppers can resume their configuration if they navigate away. This is automatically cleared when the shopper adds items to their cart, and can be cleared by the shopper at any time by clearing their browser storage.

The widget also sets a Shopify cart attribute (_gcp_bundle) on the shopper's Shopify cart when items are added. This attribute is stored by Shopify (not by Guidecom) and is used by the discount function to validate bundle eligibility.

4. Data Sharing and Third-Party Services

We do not sell, rent, or trade your information to third parties. We share data only with the following service providers who process data on our behalf:

Service	Purpose	Data Processed
Vercel	Application hosting and CDN	HTTP request logs (IP addresses, request paths, user agents)
Supabase	PostgreSQL database hosting	All persistent application data (encrypted at rest)
Upstash	Redis for rate limiting	IP addresses and request counters (transient, 1-minute lifetime)
Shopify	E-commerce platform integration	Product data, order data, billing, OAuth authentication

We do not use any third-party analytics services, advertising networks, or tracking pixels. All analytics are first-party and stored in our own database.

5. Data Retention

5.1 Analytics Data

Widget analytics events are retained based on the merchant's subscription plan:

Standard plan: 30 days
Pro plan: 90 days
Enterprise plan: 365 days

5.2 Configuration Sessions

Widget configuration sessions are available for restoration for 7 days. Session records are retained for analytics purposes within the plan's retention period.

5.3 Account Data

Merchant account data is retained for the duration of the subscription. Upon app uninstallation, access tokens are immediately revoked. All merchant data is permanently deleted within 48 hours of uninstallation, in accordance with Shopify's data protection requirements.

5.4 Rate Limiting Data

IP addresses used for rate limiting are stored in Redis with a maximum lifetime of one minute and are automatically purged.

6. Data Security

We implement the following security measures to protect your data:

Encryption in transit: All data is transmitted over HTTPS/TLS.
Encryption at rest: Our database provider (Supabase) encrypts all data at rest.
Password hashing: Merchant passwords are hashed using bcrypt with a cost factor of 12.
API key hashing: Widget API keys are hashed using SHA-256.
Webhook verification: All Shopify webhooks are verified using HMAC-SHA256 with timing-safe comparison to prevent tampering.
Content Security Policy: The embedded app restricts framing to Shopify admin domains only.
Rate limiting: API endpoints are protected against abuse with per-visitor and global rate limits.

7. Your Rights (GDPR and Global Privacy)

We provide the same privacy rights to all users regardless of location. You have the right to:

Access: Request a copy of the data we hold about you.
Rectification: Request correction of inaccurate data.
Erasure: Request deletion of your data.
Data portability: Request your data in a structured, machine-readable format.
Objection: Object to certain types of data processing.
Restriction: Request restricted processing of your data.

7.1 For Merchants

You can access and update your account information at any time through the Guidecom dashboard. To request data export or account deletion, contact us at support@guidecom.io. We will respond within 30 days.

7.2 For Shoppers

Because we do not collect personally identifiable information from shoppers, we generally cannot identify individual shopper records. If you are a shopper and wish to exercise your rights, please contact the merchant whose store you visited. Merchants can request data deletion on your behalf through Shopify's privacy tools, which triggers our automated data redaction process.

7.3 GDPR Compliance

We comply with Shopify's mandatory GDPR webhooks:

Customer data request: When a customer requests their data through a Shopify merchant, we compile and provide all associated session and order data within 30 days.
Customer data erasure: When a customer requests data deletion, we anonymize all associated configuration sessions and delete linked analytics events.
Shop data erasure: When a merchant uninstalls the app, we permanently delete all associated data within 48 hours.

8. International Data Transfers

Our services are hosted in the United States. If you are accessing our services from outside the United States, your data may be transferred to, stored, and processed in the United States. By using our services, you consent to this transfer. We ensure that our service providers maintain appropriate safeguards for data protection.

9. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify merchants through the Guidecom dashboard at least 30 days before the changes take effect. The "Last Updated" date at the top of this page indicates when this policy was last revised.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: support@guidecom.io
Company: Guidecom Inc