Privacy Policy
Last updated: April 12, 2026
1. What we collect
When you install Citelix on your Shopify store, we access the following data through the Shopify API:
- Store information: Store name, email address, domain, and Shopify plan
- Product data: Product titles, descriptions, images, and tags (read-only, used for generating AI visibility recommendations)
- Content data: Blog posts, pages, and collection descriptions (read-only, used for content analysis)
- Theme data: Theme file structure (read-only, used to check for schema markup)
We do not access customer data, orders, payment information, or any personally identifiable information about your customers.
2. How we use your data
We use your store data to:
- Detect your market, industry, and competitors
- Generate relevant AI visibility tracking prompts
- Analyze how AI search engines see your brand vs competitors
- Generate personalized, store-specific recommendations to improve visibility
- Send you email reports and alerts about changes in your AI visibility
3. Third-party services
We use the following third-party services to operate Citelix:
- AI providers: OpenAI (ChatGPT), Google (Gemini), Perplexity, Anthropic (Claude), xAI (Grok). We send tracking prompts to these services. We do not send your customer data or personal information.
- MongoDB Atlas: Database hosting for storing your visibility data and scan history
- Vercel: Application hosting
- Inngest: Background job processing for daily scans
- Loops: Transactional email delivery
- Mixpanel: Product analytics (usage patterns, not personal data)
4. Data retention
We retain your scan history based on your plan (30 days to 1 year). When you uninstall the app, your data is preserved for 90 days in case you reinstall. After 90 days, all data is permanently deleted.
5. Data security
All data is encrypted in transit (TLS) and at rest. We use MongoDB Atlas with encryption at rest enabled. API keys and secrets are stored in encrypted environment variables, never in source code.
6. GDPR and data rights
We comply with GDPR and Shopify's data protection requirements. You can:
- Request a copy of all data we hold about your store
- Request deletion of all your data
- Uninstall the app at any time from your Shopify admin
We respond to all Shopify-mandated GDPR webhooks (data request, data erasure, shop redact) automatically.
7. Customer data
Citelix does not access, collect, store, or process any of your customers' personal data. We do not access orders, customer profiles, payment information, or browsing behavior.
8. Contact
For privacy-related questions, contact us at drew@citelix.com.