Privacy Policy

Last updated: June 2026

1. Who we are

SchemaRank ("we", "our", "us") is a Shopify app that scores and improves a store's AI-shopping readiness by analysing product data and injecting Product JSON-LD. The app is operated by The Gateway Digital.

2. Data we collect

When you install SchemaRank we receive:

  • Shop data — your Shopify store domain and the OAuth access token Shopify issues to us.
  • Product data — product titles, descriptions, images, variants, prices, barcodes, SKUs, and metafields, fetched via the Shopify Admin GraphQL API.
  • Audit results — per-product JSON-LD completeness scores we compute and store so you can review them.
  • Rewrite drafts — AI-generated description drafts stored until you approve or discard them.
  • Session tokens — short-lived tokens used to keep you authenticated inside the app.

We do not collect personal data about your customers, order history, payment details, or any data not listed above.

3. How we use it

  • Compute and display AI-readiness scores for your products.
  • Generate and inject Product JSON-LD via a Shopify theme app extension.
  • Produce AI-generated description rewrites using Google's Generative AI API.
  • Enforce plan quotas and billing via Shopify's native subscription API.

We do not sell, share, or rent your data to any third party.

4. Third-party services

  • Shopify — OAuth authentication and billing. Shopify Privacy Policy
  • Google — Google's Generative AI API is used only for description rewrite features (Pro/Agency plans). Product descriptions are sent to Google's Generative AI API. Google AI Terms & Privacy
  • Render — Application hosting for the SchemaRank admin app (US region).
  • Neon — Managed PostgreSQL database where your audit data is stored (US region).
  • Cloudflare — Hosting and CDN for the marketing site and public scanner.
  • Resend — Transactional email delivery, used only if you enable weekly email digests.

5. Data retention

We retain your data for as long as the app is installed. When you uninstall SchemaRank:

  • We receive a shop/redact webhook from Shopify and delete your shop record, all product audits, applied fixes, and rewrite drafts within 48 hours.
  • Anonymised aggregate statistics (e.g. total products scanned) may be retained indefinitely.

6. Your rights (GDPR / CCPA)

As a merchant you have the right to access, correct, or delete your data. Email us at [email protected] and we will respond within 30 days.

7. Security

Access tokens are encrypted at rest. All data is transmitted over HTTPS. We follow Shopify's security requirements for embedded apps.

8. Contact

Questions about this policy? Email [email protected].