Privacy Policy

ShopShot by GrowthGPT · Last updated June 12, 2026

We at GrowthGPT (“LEAPMIND GROWTH PTE. LTD.”, referred to here as “we”, “us” or “our”) respect and protect the privacy of those who explore our services (“Users”) and Users who install and use ShopShot (the “App”) on their Shopify store (“Customers”; together with Users referred to throughout this policy as “you” and “your”). This Privacy Policy explains how we collect, use, and protect information when you install and use the App, a Shopify embedded application that scores your product photos for conversion. By installing the App you agree to this policy.

1. Information we access

ShopShot operates on your Shopify store through the Shopify Admin API. With your authorization (granted during installation) we access:

Store information — your store domain and the basic store/account details Shopify provides when the App is installed.
Product data and images — product titles, categories, and the image URLs in your product galleries, so you can select an image to score. This uses the read_product_listings and read_products scopes (read-only).
Images you upload — if you upload an image directly for scoring, we process that image to generate a diagnosis.
Session/authentication tokens — issued by Shopify to keep the App securely connected to your store.

ShopShot does not request, collect, or store the personal data of your customers (such as buyer names, emails, or orders). The App works with product photos and store-level data only.

2. How we use information

To generate a photo diagnosis: an image (as a hosted URL or uploaded file) is sent to our AI scoring provider to produce a conversion score, a role classification, and improvement recommendations.
To operate and secure the App (authentication, keeping you signed in) and to enforce usage limits on free scoring.
To respond to your support requests.

We do not sell your data or use it for advertising, and we do not use your images to train AI models.

3. Service providers (sub-processors)

We share the minimum data necessary with the following providers, who process it only to deliver the App:

MiniMax — our AI model provider. Receives the product image (or its URL) to generate the photo score and recommendations.
Cloudflare — hosting and database infrastructure (the App runs on Cloudflare Workers with a Cloudflare D1 database).
Shopify — the platform the App is embedded in and the source of product/store data you authorize.

4. Data retention and storage

Product images are not permanently stored. They are processed transiently to produce a score and are not retained on our servers after the diagnosis is returned.
Session tokens are stored while the App is installed and are deleted when you uninstall the App.
Usage counts (the number of scores per store per month) are stored to enforce free-tier limits.

5. GDPR / CCPA compliance

We comply with Shopify’s mandatory data-protection webhooks. When Shopify notifies us of a data request or deletion:

customers/data_request and customers/redact — ShopShot does not store customer personal data, so there is typically no customer data to return or delete.
shop/redact — when a store uninstalls the App, we delete the store’s session and associated records.

You may request access to, or deletion of, data associated with your store by contacting us at the address below.

6. Security

All data is transmitted over encrypted connections (HTTPS/TLS). Authentication secrets are stored as encrypted secrets in our hosting environment and are never exposed in client-side code or source control.

7. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date at the top of this page.

8. Contact us

For any questions or requests regarding this policy or your data, contact us at support@growthgpt.app.