Privacy Policy

Last Updated: April 2026

Introduction

SyncLyst AI ("we", "our", or "us") operates the Synclyst application and Synclyst.app. This Privacy Policy explains how we collect, use, and protect your information when you use our service, including when you install or use SyncLyst as a Shopify merchant.

1. Information We Collect

  • Merchant Account Information: When you install the app via Shopify OAuth, we collect your name, email address, and shop domain to manage your account and billing.
  • Product Data & Photos: Images you upload to generate listings. These are processed by our AI and deleted from our servers within 24 hours.
  • Usage Data: Information about scans performed, listings created, and features accessed to improve app performance.
  • Payment: Billing is handled via Shopify's Billing API or a secure third-party processor. We do not store your credit card details.

2. How We Use Your Information

We use your data to provide core services: generating product listings from photos and syncing them to your connected platforms (Shopify, Etsy, eBay, etc.). We use anonymized, aggregated data to improve our AI models. We do not sell your personal data to third parties.

3. Shopify Mandatory Webhooks & GDPR Compliance

Synclyst is fully compliant with Shopify's mandatory privacy requirements. We have implemented the following webhooks to protect your data:

  • customers/data_request: Although Synclyst does not store customer personal data, we provide a structured response to any request from Shopify on behalf of a customer.
  • customers/redact: We automatically fulfill requests to delete customer personal data if any were transiently processed.
  • shop/redact: Within 48 hours of you uninstalling the app, we purge all shop-related data and access tokens from our database.

4. Third-Party Integrations

When you connect SyncLyst to a third-party platform (e.g., eBay), you authorize us to access and write to that platform on your behalf. We only request the minimum permissions necessary. You can disconnect integrations at any time from your dashboard.

5. Data Security

We use industry-standard TLS/HTTPS encryption. Access to user data is restricted to authorized personnel only.

6. Your Rights (UK/EEA/US State Laws)

Under GDPR and evolving US state privacy laws (CCPA/Indiana/Kentucky/Rhode Island), you have the right to access, correct, or delete your data. To exercise these rights, contact us at: synclyst@gmail.com

7. Changes & Contact

We may update this policy. Significant changes will be notified via email.

Contact: synclyst@gmail.com