Bulkedit ("the app", "we", "us") is a Shopify app that lets merchants edit products, variants, and collections in bulk, operated by Harun Ketenci / AI Saturn. Contact: support@aisaturn.co.
This policy describes what data we collect, how we store it, and how long we keep it. We comply with GDPR (EU), KVKK (Türkiye), and CCPA (California) requirements for data handling and merchant-initiated deletion.
From Shopify (on the merchant's behalf): when a task runs, Bulkedit reads and writes only merchant-owned catalog data:
We do not read or write customer data (names, emails, addresses, orders), payment information, or staff / user data.
Stored by the app, for every task the merchant runs:
Nothing about end customers of the merchant's store is ever stored.
@shopify/shopify-app-session-storage-prisma.We do not share stored data with any third party. The only external service the app talks to is the Shopify Admin GraphQL API, on behalf of the merchant.
app/uninstalled webhook.app/uninstalled webhook.We do not retain any shop data after uninstall.
Bulkedit implements the three Shopify mandatory compliance webhooks:
customers/data_request — returns "no data to report"; Bulkedit stores no customer PII.customers/redact — same; nothing to redact.shop/redact — deletes all per-shop data (tasks, task items, saved filters, sessions).All three verify the Shopify HMAC before doing anything and return HTTP 200.
A merchant may at any time:
HTTPS everywhere, HMAC-verified webhooks, multi-tenant data isolation (every query scoped by shop), encryption at rest, and no personal data in application logs.
We'll update the "Last updated" date above when material changes are made. Significant changes are also announced in-app via a banner.
For privacy questions, data requests, or concerns: support@aisaturn.co (response within 1 business day). To exercise any right above, please include your myshopify.com domain in the request.