Privacy Policy

What we collect

• Your Shopify shop domain and a Shopify-issued access token.
• Public storefront HTML during accessibility scans, with end-customer attributes redacted before storage.
• Configuration you enter (widget colour, scan schedule, plan tier).
• Subscription metadata returned by Shopify Billing.

What we never collect

• Your end customers' personal data. Customer-bound HTML attributes are redacted before any persistence or AI call.
• Payment card or bank data. Shopify handles all payment instruments.
• Cross-site tracking or analytics on your storefront.

Public website scanner

This website offers a free scanner that checks a publicly reachable store URL for accessibility issues, without an account and without installing the app. When you use it we collect the store URL you submit, the scan findings derived from the public HTML of that page, and a hashed (SHA-256) form of your IP address used solely for rate limiting. We never store the raw IP. If you request the full report, we additionally store the e-mail address you provide, your language preference, and a timestamp of your consent. Scan data (findings and hashed IP) is deleted after 30 days; e-mail and consent records are deleted after at most 12 months. You can request earlier deletion at any time via contact@ensomedia.pl.

How AI processing works

Pro-tier AI suggestions are produced by sending a redacted accessibility issue payload to Groq, our AI inference provider. We send only the WCAG criterion, a CSS selector, and a short HTML snippet after PII scrubbing. Groq's own privacy and retention terms apply to that processing, see groq.com/privacy-policy. AI-generated content is labelled as such in the admin UI and you preview a unified diff before any code is written to your theme.

Data retention

We retain scan data, issue lists, AI fix suggestions, and audit logs for as long as the app is installed, plus 30 days after uninstall to allow re-install without data loss. After 30 days post-uninstall the data is permanently deleted. Pro plan merchants can configure a shorter retention window in app settings, enforced by a weekly automated purge.

Where data is stored

Application and database run on Google Cloud (europe-central2), located in the EU. International transfers to Groq are covered by the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914).

Your rights

Under GDPR you have rights of access, rectification, erasure, portability, restriction of processing, and to object. Under the CCPA (California residents) you have rights to know, delete, correct, and opt out of any sale of personal information (we do not sell or share for cross-context behavioural advertising).

To exercise any of these rights, email contact@ensomedia.pl from the email associated with your Shopify shop owner account. We respond within 30 days as required by GDPR Art. 12(3).

Cookies

AccessifyAI uses only essential cookies necessary for app operation inside the Shopify admin. We do not use tracking, advertising, or cross-site analytics cookies on storefronts.

Children's privacy

AccessifyAI is a B2B service for Shopify merchants. It is not directed to children. We do not knowingly collect personal information from children under 13 (or under 16 where local law applies a higher digital-consent age).

Contact

Ensomedia (sole proprietorship, Poland) is the data controller.