Security is built in.
Your store's data is your most valuable asset. We protect it with enterprise-grade encryption, regular audits, and zero-trust architecture.
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. We utilize strictly enforced HSTS.
Infrastructure
Hosted on AWS/Supabase with SOC2 Type II compliance. We employ DDOS protection and WAF routing.
Compliance
Fully compliant with GDPR and CCPA requirements. See our DPA for details.
Vulnerability Disclosure
We take security researchers' reports seriously. If you have discovered a vulnerability in our application, please disclose it to us privately via our security.txt contact.
AI & Data Privacy
We use OpenAI's API to power our SEO generation features. We have opted out of data sharing for training purposes.Your product descriptions and store data are NEVER used by OpenAI to train their foundational models.
Shopify Permissions
ScribeSEO AI strictly follows the principle of least privilege. We only request the scopes absolutely necessary to read product data and write optimized SEO content back to your store upon your explicit approval.