Last updated: June 2026
DropScribe ("we", "our", "us") is an AI-powered product description generator for Shopify and WooCommerce store owners. This Privacy Policy explains what data we collect, how we use it, and your rights over it.
For questions, contact us at: privacy@dropscribe.app
When you create an account we collect your email address and a hashed password. If you sign up with Google, we receive your name and email from Google.
We store the product descriptions you generate (your inputs and the AI outputs) so you can access your history. We also record how many generations you have used each month to enforce plan limits.
Payments are processed by Dodo Payments. We never store your card number, CVV, or full payment details. We only store your Dodo Payments customer ID and your credit balance (number of generations purchased and remaining).
We collect standard server logs including IP address, browser type, and pages visited. These are used for security monitoring and debugging only.
We do not sell your data. We do not use your product descriptions to train AI models. We do not share your data with advertisers.
We use the following third-party services to operate DropScribe:
Database and user authentication
Store integration. When you install the DropScribe Shopify app, we read aggregate store analytics (product views, sessions, and net sales) via Shopify’s read_reports / ShopifyQL APIs to measure description performance. We do not access individual customer personal data. See Section 10.
AI generation (Claude API). Your product inputs are sent to Anthropic for processing. Anthropic does not use API inputs to train models.
Payment processing and credit pack management
Frontend hosting
Transactional email delivery
Free accounts: Generation history is retained for 30 days.
Paid accounts (credit pack holders): Generation history is retained for 90 days while your account is active.
Shopify aggregate analytics metrics: The aggregate store metrics we read for performance and lift measurement (product views, sessions, net sales, and the conversion and lift figures computed from them — see Section 10) are retained for up to 13 months. This window lets us compare performance year-over-year and across seasons; after it, the metrics are deleted or further aggregated so no per-period detail remains. These metrics contain no individual customer personal data.
If you delete your account, or a merchant uninstalls the DropScribe Shopify app, all associated data — profile, history, preferences, and stored Shopify analytics metrics — is permanently deleted within 30 days.
Depending on your location, you may have the following rights:
To exercise any of these rights, email privacy@dropscribe.app. We will respond within 30 days.
We use a single authentication cookie set by Supabase to keep you logged in. We do not use advertising cookies or third-party tracking cookies. You can clear cookies at any time through your browser settings, which will log you out.
All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text. We use Row Level Security in our database so users can only access their own data. API keys are stored as environment variables and never exposed to the frontend.
The DropScribe Chrome extension operates only on AliExpress product pages (*.aliexpress.com/*). This section explains what the extension accesses, stores, and transmits.
When you click the "Generate Description" button, the extension reads the following data from the AliExpress product page currently open in your browser: product title, product price, and product description text visible on the page. This data is already visible to you in your browser. The extension does not scrape AliExpress servers directly, does not run in the background, and does not read pages you have not explicitly opened.
The product data read from the page is sent over HTTPS to the DropScribe backend to generate an AI-powered product description. It is processed by Anthropic's Claude API and returned to you. The product input is stored alongside the generated output in your generation history, subject to the retention periods in Section 5.
The extension does not collect your browsing history, track pages you visit outside of AliExpress, monitor clicks or keystrokes, or transmit any data without your explicit action.
To use the extension you must be signed in to your DropScribe account. Your JWT authentication token is stored locally in chrome.storage.local on your device only. It is sent with each generation request to verify your identity and is never shared with third parties.
The use of data accessed by the DropScribe Chrome extension is limited to providing the AI product description generation service. Data is not used for advertising, sold to third parties, or used to build user profiles beyond what is necessary to operate the service. The use of information received from the extension complies with the Chrome Web Store User Data Policy, including the Limited Use requirements.
When you install the DropScribe app on your Shopify store, you grant DropScribe limited, read-only access to your store's aggregate analytics so we can measure how generated and enhanced product descriptions affect store performance. This section discloses exactly what we access, why, and how long we keep it, in line with Shopify's Protected Customer Data requirements.
We read aggregate store analytics only, through Shopify's read_reports scope and the ShopifyQL analytics API. Specifically, per product and per time period, we read:
These are aggregate, store-level metrics. DropScribe does not access, request, or store any individual customer personal data — no customer name, email address, phone number, billing or shipping address, payment details, or order-level identifiers. We cannot identify any individual shopper from the data we read. The read_reports scope returns aggregated reports, not customer records.
The sole purpose is performance and conversion-lift measurement: showing you whether a DropScribe-generated description improved a product's views, conversion rate, and net sales versus a control. We process only the minimum data needed for this purpose and use it for nothing else. We do not sell this data, share it with advertisers, or use it to train AI models.
Stored aggregate metrics are retained for up to 13 months to support year-over-year and seasonal comparison, then deleted or further aggregated (see Section 5). If you uninstall the DropScribe app or delete your account, all stored Shopify analytics metrics are permanently deleted within 30 days.
Stored metrics and your Shopify access token are encrypted at rest and in transit. Access is protected by Row Level Security so each store can only access its own data, and the access token is never exposed to the frontend.
By installing the DropScribe app on your Shopify store, you (the merchant) accept this Privacy Policy and our Terms of Service, which together form the privacy and data protection agreement governing this access. You may withdraw this access at any time by uninstalling the app from your Shopify admin.
We may update this policy from time to time. We will notify you by email and update the "Last updated" date at the top of this page. Continued use of DropScribe after changes constitutes acceptance of the new policy.