top of page

Privacy Policy for AI Blog Post Generator

Effective Date: October 10, 2025
Last Updated: October 10, 2025

 

Introduction

AI Blog Post Generator ("we," "our," "us," or "the App") is committed to protecting the privacy and security of our merchants and their customers. This Privacy Policy explains how we collect, use, store, share, and protect your data when you use our Shopify app.

By installing and using our app, you agree to the terms of this Privacy Policy.

1. Who We Are

App Name: AI Blog Post Generator
Data Controller: eyweb
Contact Email: eywebinfo@gmail.com
Website: eywebapp.com

2. Data We Collect

We collect only the minimum data necessary to provide our app’s functionality.

2.1 Shop Information

  • Shop domain and name

  • Shopify access tokens

  • Shop owner email address

  • Shop owner first and last name

  • Shopify user ID

  • Locale and account settings

2.2 Product Data (Temporary Processing Only)

  • Product titles, descriptions, types, vendors, tags, prices, and images

  • Purpose: Generate relevant blog content about your products

  • Retention: Not stored; processed in real-time only

2.3 Usage and Subscription Data

  • Subscription plan and billing status

  • Token usage counts (number of blog posts generated)

  • Payment and billing records (processed by Shopify)

  • Feature usage patterns (anonymous aggregated data only)

2.4 Technical Data

  • Session data (authentication state, session expiration)

  • Error logs and app performance metrics

  • API request logs (IP addresses, timestamps)

2.5 Generated Content

  • Blog post headlines and content created by the AI

  • Blog post metadata (creation dates, publishing status)

  • Images selected for blog posts

2.6 Data We Do NOT Collect

❌ Customer personal information
❌ Customer purchase history
❌ Payment card details
❌ Browsing behavior or analytics tracking
❌ Social media data
❌ Biometric or sensitive personal data

 

 

3. How We Collect Your Data

3.1 Directly From You

  • When you install the app and grant permissions

  • When you input blog topics, keywords, and select products

  • When you subscribe to a paid plan

  • When you contact our support team

3.2 Automatically From Shopify

  • Via Shopify Admin API during installation

  • Through OAuth authentication

  • From your Shopify store’s product catalog (on-demand only)

3.3 From Your Use of the App

  • Session data while logged in

  • Usage statistics

  • Error logs for troubleshooting

3.4 What We Don’t Collect

We minimize tracking and use only the tools necessary to provide and improve our service.

We do not use:

  • Browser fingerprinting

  • Biometric or sensitive personal data

  • Unnecessary cookies beyond those listed in this policy

  • Third-party ad networks unrelated to our app

We do use:

  • Google Analytics (to measure app performance and usage trends)

  • Meta (Facebook/Instagram) Pixel (to measure marketing performance and conversions)

For more details, see Section 6: Cookies and Tracking Technologies.

4. Legal Basis for Data Processing (GDPR)

We process data under several legal bases. When we provide our app’s services and process payments, it is based on contractual necessity. When we improve the app or ensure security, we rely on legitimate interest. When we comply with tax, accounting, or regulatory laws, we do so based on legal obligations. Marketing communications are based on your consent, which you can withdraw at any time.

 

5. How We Use Your Data

We use your data to authenticate your shop, generate AI-powered blog posts, publish content to your Shopify store, manage your subscription, and process billing.

We also use it to provide customer support, send service notifications, troubleshoot issues, prevent fraud, comply with legal requirements, and improve app performance based on aggregated analytics.

We never sell your data, share it without authorization, or process it for unrelated marketing purposes.

6. Cookies and Tracking Technologies

We use cookies and tracking technologies to make the app work correctly and to help us understand how it is used.

Essential cookies are required to maintain your login state and authenticate with Shopify. These cookies are strictly necessary for the app to function and cannot be disabled.

In addition, we use analytics and marketing cookies.
Google Analytics (Google LLC) helps us analyze traffic, understand feature usage, and improve performance. Data collected includes general usage information such as device type, page views, and session duration. You can opt out using the Google Analytics opt-out tool.

Meta Pixel (Meta Platforms, Inc.) helps us measure conversions and ad performance on Facebook and Instagram. It collects event data such as page visits and button clicks. You can manage your preferences in your Facebook ad settings.

We do not use fingerprinting, biometric tracking, or unrelated advertising networks.

7. Data Sharing and Third Parties

We share data only with essential service providers that enable our app to function.

We share information with:

  • Google Gemini AI (Google LLC) – to generate blog content using AI.

  • Pexels API (Canva Pty Ltd) – to provide stock images for your blog posts.

  • Google Analytics (Google LLC) – to analyze traffic and app performance.

  • Meta Pixel (Meta Platforms, Inc.) – to measure marketing conversions.

  • Netlify (Netlify Inc.) – to host and run the app infrastructure.

  • PostgreSQL Database Hosting – to store encrypted usage and subscription data.

We also integrate with Shopify as part of the ecosystem. Shopify’s privacy policy applies to all data shared through its platform.

We may disclose data when required by law, in case of legal processes, or during mergers and acquisitions, with proper notice provided.

 

**Image Sources and Copyright Responsibility

Our app integrates with the Pexels API to automatically provide free stock images for generated blog posts.
All images supplied by Pexels are licensed under the Pexels License, which allows free use for commercial and personal purposes without requiring attribution. While credit to the photographer or to Pexels is not legally required, it is always appreciated.

We do not own or control the images provided by Pexels. These images are made available under Pexels’ license terms, and we rely on their representations that the content is free to use. However, we cannot guarantee that all images are free from third-party rights, such as trademarks, logos, or recognizable individuals.

By using images provided by our app, you acknowledge that you are responsible for how those images are used. eyweb is not liable for any claims, disputes, or copyright issues raised by third parties regarding the use of such images. If a photographer, model, or rights holder requests attribution, removal, or other action related to a specific image, we recommend complying with such requests directly or replacing the image.

8. International Data Transfers

Your data may be processed outside your country of residence, primarily in the United States and Australia.

We implement safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, encryption, and strict access controls to ensure compliance with international privacy standards.

9. Your Rights and Consent

You have the right to access, correct, delete, or restrict the processing of your personal data. You may also request a copy of your data or object to certain processing activities.

To exercise your rights, email eywebinfo@gmail.com with the subject line “Data Privacy Request – [Your Shop Domain].” We respond within 30 days as required by law.

If you withdraw consent, we will stop processing your data for that purpose.

Our AI system is used only as a content-generation tool. You always retain full control over the content created, and no significant or legal decisions are made automatically.

10. Data Retention

We keep your data only as long as necessary for the purposes described.

Active subscription data is retained for the duration of your plan plus 30 days. Session data is stored for up to 30 days, usage logs for 90 days, and token usage records for one year. Billing data is retained for seven years as required by law.

When you uninstall the app, we immediately revoke API access tokens and permanently delete your data within 30 days, except for billing records, which are retained as required by legal and tax regulations.

11. Data Security

We apply strict security measures to protect your data, including encryption in transit (TLS 1.3) and at rest (AES-256).

We maintain access controls, secure APIs, multi-factor authentication for team access, and regular security audits and penetration tests.

All infrastructure is protected by firewalls, DDoS protection, intrusion detection, and continuous monitoring.

12. Data Breach Notification

If a data breach occurs, we will notify affected merchants and regulatory authorities within 72 hours, as required by law. We will provide details about the nature of the breach, potential risks, steps taken, and any recommended protective measures.

13. Data Protection Roles and Responsibilities

You, the merchant, act as the Data Controller for your Shopify store data.
We, eyweb, act as a Data Processor on your behalf.

We process data only according to your instructions, maintain confidentiality and security, assist with compliance, and delete or return data when no longer needed.

14. Children’s Privacy

Our app is intended for business use only and is not designed for individuals under 16 years old. We do not knowingly collect any data from minors. If such data is found, it will be deleted immediately.

15. Compliance with Privacy Laws

We comply with all major international privacy regulations, including:

  • GDPR (European Union)

  • CCPA/CPRA (California)

  • PIPEDA (Canada)

  • UK GDPR (United Kingdom)

  • LGPD (Brazil)

Residents in these regions have rights to access, delete, or limit data processing and can contact their local data protection authorities if they believe their rights have been violated.

16. Changes to This Privacy Policy

We may update this policy from time to time to reflect legal changes, new features, or improved privacy practices.

When changes are material, we will update the “Last Updated” date, notify you by email, show an in-app message, and post a notice on eywebapp.com.

Continued use of the app after updates means you accept the revised policy.

17. Data Processing Agreement (DPA)

If you require a formal Data Processing Agreement, contact eywebinfo@gmail.com.
Our DPA defines the scope, duration, and security obligations of data processing and includes information on sub-processors and audit rights.

18. Contact Us

For any privacy-related questions or requests, contact us at:
Email: eywebinfo@gmail.com
Subject: “Privacy Inquiry – [Your Shop Domain]”
Response time: within 10 business days

Website: eywebapp.com

19. Supervisory Authorities

If you are not satisfied with our response, you may contact your regional privacy authority.

For EU/EEA residents: visit edpb.europa.eu/about-edpb/board/members_en
For UK residents: visit ico.org.uk/make-a-complaint
For California residents: visit oag.ca.gov/privacy
For Canadian residents: visit priv.gc.ca

✅ Content fully aligned with your actual data practices
✅ No tables — clean paragraph formatting
✅ Includes Google Analytics and Meta Pixel usage

bottom of page