Privacy Policy
Last updated: 27 May 2026
We are committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we use it — in plain English.
1. Who We Are
e-comProfitAgent is operated by Shaun Sadiq. For privacy queries contact: shaun@e-comprofitagent.com
2. What Data We Collect
Website visitors
- Pages visited and time spent on each page
- Referring website or search query
- Browser type, device type, and operating system
- IP address (anonymised where possible)
- Cookie data — see our Cookie Policy
Platform users (Shopify merchants)
- Account information: name, email address, business name
- Shopify store data: orders, products, variants, pricing, COGS, inventory
- Advertising data: Meta Ads campaign performance, spend, ROAS (where connected)
- Financial data: revenue, costs, margins, fulfilment fees, returns
- Customer cohort data: anonymised customer behaviour and lifetime value segments
- Attribution data: collected via our first-party tracking pixel
What we do NOT collect
- Payment card details — all payments processed by Stripe
- Your customers' personal data beyond anonymised cohort behaviour
- Passwords — managed by Supabase authentication
3. How We Use Your Data
- Provide and improve the e-comProfitAgent platform and AI agents
- Generate daily profit briefings and agent recommendations
- Calculate true net margin per SKU and identify profit leaks
- Build anonymised cross-merchant benchmarks by vertical (minimum 5 merchants per vertical)
- Send platform notifications and product updates
- Respond to support enquiries
- Comply with legal obligations
We do not sell your data to third parties.
4. Legal Basis (UK GDPR)
- Contract: processing necessary to provide the services you signed up for
- Legitimate interests: improving the platform, fraud prevention, security
- Consent: optional cookies and marketing communications
5. Data Sharing
We share data only with these third parties, strictly to provide our services:
- Supabase — database and authentication (EU West, Ireland)
- Railway — backend infrastructure (EU West)
- Netlify — website and frontend hosting
- Anthropic — AI processing (data not used to train models)
- Stripe — payment processing
- Resend — transactional email delivery
6. Data Retention
- Account data: duration of account plus 2 years after closure
- Shopify store data: duration of active subscription
- Website analytics: 13 months
- Email correspondence: 3 years
7. Your Rights
Under UK GDPR you have the right to access, correct, delete, restrict, or port your data. To exercise any right, email shaun@e-comprofitagent.com. We will respond within 30 days.
8. Security
- All data encrypted in transit via HTTPS
- Database access restricted to server-side keys only
- Rate limiting on all authentication endpoints
- Input sanitisation on all data inputs
- Regular security reviews
9. Complaints
If you are unhappy with how we handle your data, you can lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk | 0303 123 1113