Back to Home

Privacy Policy

Last updated: February 8, 2026

1. Introduction

BloatBuster AI ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect information when you use our Shopify application. We comply with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the ePrivacy Directive 2002/58/EC.

2. Data Controller

BloatBuster AI
Contact: [email protected]
We respond to all data protection inquiries within 30 days.

3. What Data We Collect

  • Store Information: Your Shopify store domain name and subscription plan status.
  • Theme Data: Theme file contents are read for analysis. For cleanup, specific files are modified.
  • Script Tags: Registered ScriptTag information associated with your store.
  • Audit Results: Scan findings, app detections, recommendations, and confidence scores.
  • Theme Backups: Copies of individual file contents created before modifications.
  • Performance Data: Health Scores, PageSpeed results, Core Web Vitals metrics.
  • Theme Snapshots: SHA-256 hashes of critical theme files (NOT actual file contents).
  • Hibernation Data: Records of hibernated app scripts, activation status.
  • User Preferences: Settings such as auto-scan and monitoring preferences.

4. What We Do NOT Collect

We explicitly do NOT collect: customer personal data, order information, payment details, product data, marketing data, social media data, or store credentials. We have zero access to your customers' information.

5. AI Data Anonymization

When sending theme code to our AI provider (OpenAI) for analysis, we anonymize all URLs and file paths. Only code patterns are analyzed — no identifiable store information is sent to the AI.

6. Third-Party Processors

  • Shopify: Platform provider (Canada)
  • OpenAI: AI analysis with anonymized data (USA)
  • Fly.io: Application hosting (Frankfurt, EU)
  • Google: PageSpeed Insights API (USA)

7. Your GDPR Rights

Under GDPR Articles 15-22, you have the right to:

  • Access your personal data (Art. 15)
  • Rectification of inaccurate data (Art. 16)
  • Erasure / "right to be forgotten" (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21)

You can delete all your data at any time from the Settings page within the app, or by contacting us.

8. Cookies & Tracking

BloatBuster AI does NOT use cookies, analytics trackers, fingerprinting, or any form of user tracking on your storefront or within the app.

9. Data Retention

  • Theme Backups: 30 days (Growth) / 90 days (Pro/Ultra)
  • Scan Results & Performance History: Duration of active subscription
  • Server Logs: Automatically deleted within 14 days
  • All data: Deleted upon app uninstallation or data deletion request

10. Contact

For any privacy-related questions or to exercise your GDPR rights:
[email protected]