Privacy Policy

Last updated: March 5, 2026

This Privacy Policy explains how Max AI Google Feed Ascend ("we", "us", "our") collects, uses, and protects data when merchants install and use the app.

Scope

This policy applies to data processed through:

Shopify APIs (Admin API and mandatory compliance webhooks)
Google OAuth and Google Merchant APIs
our infrastructure used to generate and host feed outputs

Data We Process

We process the minimum data needed to provide app features.

From Shopify

shop identifier and app session data
product and variant data required to build product feeds
market and locale configuration used for feed targeting
app lifecycle/compliance webhook payloads (customers/data_request, customers/redact, shop/redact)

From Google (when you connect)

OAuth access and refresh tokens
Google account profile basics returned by OAuth (such as email/name/picture, if provided)
Merchant Center account and feed status/performance data required by app features

Generated by the app

feed configuration and mapping rules
generated feed files and feed processing metadata
operational logs needed for reliability, troubleshooting, and abuse prevention

How We Use Data

We use data only to:

authenticate shops and run the embedded app
generate, update, and host merchant feed files
connect and interact with Google Merchant Center APIs requested by the merchant
provide diagnostics, monitoring, fraud/rate-limit protection, and customer support
meet legal and platform obligations (including Shopify compliance webhooks)

We do not sell merchant personal data.

Legal Bases (where applicable)

Depending on jurisdiction, we rely on one or more of:

contract performance (to deliver app functions)
legitimate interests (service reliability/security/support)
legal obligations (privacy/compliance requests)
consent where required by law

We share data only with subprocessors and platforms required to operate the app, such as:

Shopify (platform APIs and webhook delivery)
Google (OAuth and Merchant APIs)
cloud infrastructure/storage providers (for application hosting and feed file delivery)
AI providers used to generate content where enabled by merchant configuration

Each provider processes data under its own terms and security obligations.

Retention and Deletion

App data is retained only as long as needed to provide service, satisfy legal obligations, and resolve disputes.
On disconnect/uninstall and Shopify redaction events, deletion workflows are executed according to Shopify requirements.
For shop/redact, app records for the shop are deleted from primary storage.
For customers/redact and customers/data_request, requests are handled according to Shopify mandatory compliance webhook obligations.

Security Controls

We implement reasonable technical and organizational safeguards, including:

transport security (HTTPS/TLS)
authentication and authorization controls
bounded retries/timeouts for external API calls
operational logging and monitoring for incident response

No system can be guaranteed 100% secure.

International Transfers

Data may be processed in jurisdictions different from the merchant's location. Where required, we use contractual and organizational safeguards for cross-border processing.

Your Rights

Depending on local law, you may request access, correction, deletion, portability, or objection to processing. You may also disconnect Google at any time from the app.

To submit requests, contact: [email protected]

Changes to This Policy

We may update this policy from time to time. Material changes will be posted in documentation and reflected by the "Last updated" date.

Contact

Email: [email protected]
Website: selofy.com

Privacy Policy

On this page