1. Who We Are

Bulkedit ("the app", "we", "us") is a Shopify app that lets merchants edit products, variants, and collections in bulk, operated by Harun Ketenci / AI Saturn. Contact: support@aisaturn.co.

This policy describes what data we collect, how we store it, and how long we keep it. We comply with GDPR (EU), KVKK (Türkiye), and CCPA (California) requirements for data handling and merchant-initiated deletion.

2. Data We Collect

From Shopify (on the merchant's behalf): when a task runs, Bulkedit reads and writes only merchant-owned catalog data:

• Products (title, description, vendor, type, status, tags, SEO, category, options).
• Product variants (price, compare-at price, inventory, SKU, barcode, weight, unit price).
• Collections (title, description, SEO, products sort order).
• Shopify saved search views (to populate the "saved search" scope mode).

We do not read or write customer data (names, emails, addresses, orders), payment information, or staff / user data.

Stored by the app, for every task the merchant runs:

• Task configuration (entity type, filter, action, value, schedule, repeat rule).
• Per-item audit log: Shopify GID, field name, old value, new value, status, any error message.
• Merchant OAuth session token (required to talk to Shopify).

Nothing about end customers of the merchant's store is ever stored.

3. Where It's Stored

• PostgreSQL database, encrypted at rest, single region.
• Session tokens stored via @shopify/shopify-app-session-storage-prisma.
• All traffic to and from the app is over HTTPS.

We do not share stored data with any third party. The only external service the app talks to is the Shopify Admin GraphQL API, on behalf of the merchant.

4. Retention

• Session tokens: until the app is uninstalled, then purged on the app/uninstalled webhook.
• Task records & per-item audit log: kept for the lifetime of the shop's install, for rollback and compliance.
• All per-shop data on uninstall: deleted within 1 hour of the app/uninstalled webhook.
• Shop redact: a second defensive cleanup pass runs ~48 hours after uninstall, per Shopify's compliance requirement.

We do not retain any shop data after uninstall.

5. Customer-Data Compliance Webhooks

Bulkedit implements the three Shopify mandatory compliance webhooks:

• customers/data_request — returns "no data to report"; Bulkedit stores no customer PII.
• customers/redact — same; nothing to redact.
• shop/redact — deletes all per-shop data (tasks, task items, saved filters, sessions).

All three verify the Shopify HMAC before doing anything and return HTTP 200.

6. Merchant Rights (GDPR Art. 15–17 / KVKK Art. 11)

A merchant may at any time:

• Access their data — Task History is fully visible in-app, and every row can be exported to CSV via "Download changes" on a task's detail page.
• Correct errors — via the "Edit as new" or "Revert" actions on any task.
• Delete all of their data — by uninstalling the app; all per-shop data is purged within 1 hour.
• Port their data — via the CSV export on each task's detail page.

7. Security

HTTPS everywhere, HMAC-verified webhooks, multi-tenant data isolation (every query scoped by shop), encryption at rest, and no personal data in application logs.

8. Changes to This Policy

We'll update the "Last updated" date above when material changes are made. Significant changes are also announced in-app via a banner.

9. Contact

For privacy questions, data requests, or concerns: support@aisaturn.co (response within 1 business day). To exercise any right above, please include your myshopify.com domain in the request.