Privacy Policy
Effective: 2026-05-27
App: StoreDoctor
Operator: all expathub
Contact: info@expathub-all.com
1. What we collect
StoreDoctor accesses your store's product catalog through Shopify's Admin API to detect quality issues. Specifically, we read:
- Product titles, handles, IDs, descriptions, images, and SKUs
- Product status (active/draft) and inventory levels
- SEO title and SEO description fields
We do not access customer personal data, orders, payments, or storefront analytics.
2. Why we collect it
To run automated checks against rules such as "missing image", "zero inventory", "SEO title missing", and present the results back to you in the StoreDoctor dashboard.
3. Where it's stored
Scan results (which products have which issues) are stored in our database hosted on Neon (PostgreSQL, AWS US East). Only your store's authenticated session can read your scan results. We do not share your data with third parties.
4. How long we keep it
Scan results are retained while the app is installed. When you uninstall StoreDoctor, all scan data tied to your shop is deleted within 30 days, in accordance with Shopify's GDPR webhooks (shop/redact).
5. GDPR / data subject rights
StoreDoctor implements Shopify's mandatory GDPR webhooks:
customers/data_request— fulfilled (we hold no customer PII, so the response is empty)customers/redact— fulfilled (no-op, same reason)shop/redact— deletes all scan data for the shop
If you wish to request data export or deletion outside these channels, email info@expathub-all.com.
6. Security
All connections are HTTPS. Shopify access tokens are stored encrypted in our database. We follow Shopify's recommended security practices for embedded apps.
7. Changes to this policy
We will update this page if our practices change and update the "Effective" date above.