CatalogWise legal terms
Privacy Policy
This policy explains how CatalogWise handles personal data and business data when merchants use scans, accounts, reports, checkout, review requests and the AI guide.
Controller and contact
CatalogWise is operated by the CatalogWise service operator. Privacy requests can be sent to privacy@catalogwise.com. We use that channel for access, deletion, correction, portability, objection and consent questions.
Data we collect
- Account and profile data such as name, email, company, role and authentication metadata.
- Store information such as store URL, public storefront signals, sitemap data, scan results and report history.
- Crawler evidence such as compact snippets, normalized public URLs, robots/sitemap status, structured data indicators and evidence hashes.
- Chat messages, AI agent prompts, support context and product education interactions.
- Billing identifiers and checkout status processed by a secure payment provider. CatalogWise does not store full card details.
- Cookie preferences, consent records, analytics events and feature usage events.
- Review requests and review submissions when a merchant chooses to provide feedback.
Why we process data
We process data to create accounts, run public storefront scans, prepare optional connected catalog diagnostics, generate reports, enforce quotas, provide AI guidance, manage subscriptions, deliver support, prevent abuse and improve product reliability.
Legal basis
For B2B users in the EU/EEA, processing may rely on contract necessity for account, scan, billing and report delivery; legitimate interests for security, abuse prevention and product operations; consent for optional cookies, marketing and AI session personalization; and legal obligation where records are required for accounting or compliance.
Public scan and AI processing
Public scans use visible storefront signals such as metadata, structured data, product URLs, policy links and page content. CatalogWise is designed to respect robots.txt and access controls, use an identifiable crawler user-agent and avoid storing full raw HTML when compact evidence is enough. When configured, extracted scan signals may be processed through OpenAI-compatible structured analysis. CatalogWise instructs the system not to invent unavailable data and marks unknown fields when evidence is missing.
Cookies and analytics
Necessary cookies support authentication, security, scan gating, checkout state and consent records. Analytics, marketing and AI session personalization cookies are only used after consent. Users can change preferences from the footer at any time.
Retention
Account, scan, report, quota, credit ledger and billing records are retained while the account is active and for a reasonable period after cancellation for security, accounting, dispute handling and product continuity. Optional marketing consent and cookie consent records are retained until withdrawn or expired by policy. Public crawler evidence should be minimized to evidence snippets, hashes and score inputs unless a future debug feature explicitly requires short-lived raw captures.
Processors and subprocessors
- Stripe: Payment processing, invoicing and checkout sessions. Region: United States / global processing safeguards.
- Supabase: Authentication, database, storage and application infrastructure. Region: EU or configured project region.
- OpenAI: Optional structured AI analysis of extracted catalog signals. Region: Processor region subject to configured OpenAI account settings.
- Email provider: Transactional report delivery and account email. Region: Provider-dependent; Resend or Postmark ready.
International transfers
Some processors may process data outside the EU/EEA. Where applicable, CatalogWise relies on appropriate safeguards such as contractual protections, regional configuration, standard contractual clauses or processor-specific transfer mechanisms.
GDPR rights
Eligible users may request access, correction, deletion, restriction, portability or objection. Users may also withdraw consent for optional cookies and marketing. Send privacy requests to privacy@catalogwise.com.
Security
CatalogWise is designed to use server-side API keys, environment variables, role-based database access, RLS policies, secure connected-access flows and safe fallback behavior when credentials are missing. Optional Shopify Deep Access should be revocable by the merchant.