SECURITY & COMPLIANCE

Built to be trusted with your business data

AIMarketOps is read-first, approval-gated and GDPR-aligned, with encryption, audit logging and EU-region hosting.

Read the privacy policy Data deletion

HOW WE PROTECT YOU

Security fundamentals

Encryption everywhere

TLS 1.2+ in transit and AES-256 at rest for sensitive credentials such as OAuth tokens.

Role-based access

Multi-tenant row-level isolation and role-based access control keep each account’s data separate.

Approval-gated actions

No destructive marketplace action — prices, listings, delisting — runs without explicit approval.

Full audit trail

Every mutating action is logged for accountability and rollback.

GDPR rights

Access, rectification, erasure, restriction, portability and objection are all supported.

EU-region hosting

Application and database hosted in the EU (London / Frankfurt) with documented sub-processors.

OUR COMMITMENTS

What we promise about your data

Customer identity and address fields are dropped before storage for the public Shopify app

Shopify-mandated deletion webhooks remove or anonymise affected records and revoke credentials

Sensitive credentials encrypted with AES-256; transport secured with TLS 1.2+

Annual third-party penetration test planned; SOC 2 Type II on the roadmap

Breach notification to the relevant authority within 72 hours where required

Full detail lives in our Privacy Policy, Terms and Data Processing Agreement.

Security questions?

We are happy to walk through our data handling, sub-processors and roadmap.

SECURITY & COMPLIANCE

Built to be trusted with your business data

AIMarketOps is read-first, approval-gated and GDPR-aligned, with encryption, audit logging and EU-region hosting.

Read the privacy policy Data deletion

HOW WE PROTECT YOU

Security fundamentals

Encryption everywhere

TLS 1.2+ in transit and AES-256 at rest for sensitive credentials such as OAuth tokens.

Role-based access

Multi-tenant row-level isolation and role-based access control keep each account’s data separate.

Approval-gated actions

No destructive marketplace action — prices, listings, delisting — runs without explicit approval.

Full audit trail

Every mutating action is logged for accountability and rollback.

GDPR rights

Access, rectification, erasure, restriction, portability and objection are all supported.

EU-region hosting

Application and database hosted in the EU (London / Frankfurt) with documented sub-processors.

OUR COMMITMENTS

What we promise about your data

Customer identity and address fields are dropped before storage for the public Shopify app

Shopify-mandated deletion webhooks remove or anonymise affected records and revoke credentials

Sensitive credentials encrypted with AES-256; transport secured with TLS 1.2+

Annual third-party penetration test planned; SOC 2 Type II on the roadmap

Breach notification to the relevant authority within 72 hours where required

Full detail lives in our Privacy Policy, Terms and Data Processing Agreement.

Security questions?

We are happy to walk through our data handling, sub-processors and roadmap.

SECURITY & COMPLIANCE

Built to be trusted with your business data

AIMarketOps is read-first, approval-gated and GDPR-aligned, with encryption, audit logging and EU-region hosting.

Read the privacy policy Data deletion

HOW WE PROTECT YOU

Security fundamentals

Encryption everywhere

TLS 1.2+ in transit and AES-256 at rest for sensitive credentials such as OAuth tokens.

Role-based access

Multi-tenant row-level isolation and role-based access control keep each account’s data separate.

Approval-gated actions

No destructive marketplace action — prices, listings, delisting — runs without explicit approval.

Full audit trail

Every mutating action is logged for accountability and rollback.

GDPR rights

Access, rectification, erasure, restriction, portability and objection are all supported.

EU-region hosting

Application and database hosted in the EU (London / Frankfurt) with documented sub-processors.

OUR COMMITMENTS

What we promise about your data

Customer identity and address fields are dropped before storage for the public Shopify app

Shopify-mandated deletion webhooks remove or anonymise affected records and revoke credentials

Sensitive credentials encrypted with AES-256; transport secured with TLS 1.2+

Annual third-party penetration test planned; SOC 2 Type II on the roadmap

Breach notification to the relevant authority within 72 hours where required

Full detail lives in our Privacy Policy, Terms and Data Processing Agreement.