Privacy Policy & GDPR Compliance

Privacy Policy for Variant Image Guard

Last Updated: January 29, 2026

1. Introduction

Welcome to Variant Image Guard ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, and protect information when you use our Shopify app.

2. Information We Collect

We collect the following types of information:

• Store Information: Your Shopify store domain, store name, and contact email

• Product Data: Product titles, variant information, and image URLs (accessed temporarily during scans, not stored)

• Usage Data: App usage statistics including scan frequency, products scanned, and variants fixed

• Subscription Data: Current plan level and billing information (processed by Shopify)

• Technical Data: Error logs and performance metrics via Sentry (anonymized)

3. How We Use Your Information

We use your information to:

• Provide and maintain the app's core functionality

• Scan your products and assign variant images as requested

• Process subscription upgrades and billing

• Monitor app performance and fix bugs

• Provide customer support

• Comply with legal obligations

4. Data Storage and Security

Product Data: We do NOT permanently store your product images or variant data. Data is only accessed temporarily during scans and fixes.

Usage Metrics: Basic usage statistics are stored in-memory during your session

Security: All data transmission uses HTTPS encryption

Access: We use Shopify's OAuth for secure authentication

5. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have the following rights under GDPR:

• Right to Access: Request a copy of your personal data

• Right to Rectification: Request correction of inaccurate data

• Right to Erasure: Request deletion of your personal data

• Right to Data Portability: Request transfer of your data

• Right to Object: Object to processing of your data

• Right to Restrict Processing: Request restriction of data processing

• To exercise these rights, contact us at: support@bullmooseapps.com

6. Data Retention

We retain your data only as long as necessary to provide our services:

• Usage statistics: Retained while app is installed

• Error logs: Retained for 90 days via Sentry

• When you uninstall the app, all associated data is deleted within 48 hours

7. Third-Party Services

We use the following third-party services:

• Shopify: For app hosting, authentication, and billing (Shopify Privacy Policy applies)

• Sentry: For error tracking and performance monitoring (data is anonymized)

8. Cookies

We use essential cookies for authentication and session management. These are required for the app to function and cannot be disabled.

9. Your Rights

You have the right to:

• Uninstall the app at any time (this deletes all your data)

• Request a copy of data we've collected about you

• Request deletion of your data

• Opt-out of error tracking (contact support)

10. Children's Privacy

Our app is not directed at children under 13. We do not knowingly collect information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the app.

12. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights:

Email: support@bullmooseapps.com

Company: BullMoose Apps

For GDPR requests: Include "GDPR Request" in subject line

13. Data Processing Agreement (GDPR)

For EU merchants, we act as a Data Processor on your behalf. You remain the Data Controller. We:

• Process data only as instructed by you

• Implement appropriate security measures

• Do not transfer data outside the EEA without adequate safeguards

• Assist you with data subject requests

• Delete or return data upon request

This privacy policy is compliant with GDPR, CCPA, and Shopify's app requirements.

Last updated: January 29, 2026