Last updated: March 27, 2026
Privacy Policy
This privacy policy explains how Connector handles merchant and shop data when the app is installed and used through Shopify.
What we collect
- Shop information provided by Shopify during authentication, such as the shop domain and installation context.
- Access tokens and session data required to call Shopify APIs on behalf of the merchant.
- MCP connection metadata generated to let the merchant connect the app to supported MCP clients.
- Operational logs and basic diagnostic data needed to secure, monitor, and troubleshoot the service.
How we use data
- To authenticate merchants and maintain secure app sessions.
- To execute Shopify API requests initiated by the merchant through the app or connected MCP clients.
- To generate and manage MCP connection URLs and secrets.
- To maintain service reliability, prevent abuse, and investigate incidents.
How data is stored
App data is stored in infrastructure used to operate the service, including Cloudflare-hosted databases, key-value storage, and worker runtime secrets. We retain data only for as long as it is needed to operate the app, satisfy security requirements, and comply with legal obligations.
Sharing
We do not sell merchant data. Data is shared only with service providers and infrastructure platforms required to run the app, or when required by law.
Requests
For privacy or data access requests related to Connector, use the support channel associated with the app installation or the Shopify Partner contact path for the app publisher.