← Back to Antigency

Privacy Policy

Last updated: March 2026

1. Information We Collect

We collect information you provide when creating an account (name, email), information from connected platforms (Shopify store data, Google Ads campaign data, Meta ad account data, Klaviyo data), and usage data generated while using the platform.

We do not collect payment card details directly — payments are processed by Stripe and governed by their privacy policy.

2. How We Use Your Information

We use your information to provide AI-powered audits and execution services, improve our models and recommendations, send transactional emails (audit complete, execution complete), and comply with legal obligations.

We do not sell your data to third parties. We do not use your store or ad account data to train publicly shared AI models.

3. Platform Credentials

Credentials for connected platforms (Shopify access tokens, Google Ads OAuth tokens, Meta access tokens) are encrypted with AES-256-GCM before storage. Encryption keys are stored separately in Vercel environment variables and are never written to our database.

We access your connected platforms only to perform the audit or execution you have requested.

4. Data Sharing

We share data with the following service providers who process it on our behalf:

  • Vercel — hosting and serverless compute
  • Supabase — database and authentication
  • Stripe — payment processing
  • Resend — transactional email delivery
  • Anthropic — AI content generation (your product/ad data is sent to generate recommendations)

5. Data Retention

Audit reports and execution plans are retained for 12 months. Rollback snapshots expire after 90 days. You can request deletion of your account and associated data at any time by contacting us.

6. Your Rights

You may request access to, correction of, or deletion of your personal data. You may disconnect any connected platform at any time from your dashboard. You may unsubscribe from emails using the link in any email we send.

7. Cookies

We use essential cookies for authentication (session management via Supabase Auth). We do not use advertising cookies or third-party tracking pixels.

8. Security

We implement industry-standard security practices including encrypted credential storage, row-level security on all database tables, webhook signature verification, and HTTPS-only communication.

9. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes by email. Continued use of the platform after changes constitutes acceptance.

10. Contact

For privacy questions or data requests, contact us at privacy@antigency.com