TrendSmart — AI-powered POD autopilot now liveEasyFlip — List once, sell on 8 marketplacesStoreGuard — Real-time Shopify fraud detectionRaffleBattle — Catch every fake entry instantlyShipSense — AI shipping optimizer for ShopifyReturnShield — AI return fraud detectionPriceWolf — Dynamic competitor price trackingBookified — AI storybooks from your photosFree Strategy Call consultation availableBuilt with research-grade AI — 10+ shipped productsTrendSmart — AI-powered POD autopilot now liveEasyFlip — List once, sell on 8 marketplacesStoreGuard — Real-time Shopify fraud detectionRaffleBattle — Catch every fake entry instantlyShipSense — AI shipping optimizer for ShopifyReturnShield — AI return fraud detectionPriceWolf — Dynamic competitor price trackingBookified — AI storybooks from your photosFree Strategy Call consultation availableBuilt with research-grade AI — 10+ shipped products

Legal

Privacy Policy

Effective April 1, 2026

AISpec Technologies ("AISpec", "we", "us") operates aispec.tech, aispec.shop, and all associated products. This policy explains what data we collect, how we use it, and your rights.

1. Products Covered

This policy covers all AISpec products and services:

  • StoreGuard — Shopify security monitoring app (storeguard.aispec.tech)
  • TrendSmart — AI-powered POD design finder
  • EasyFlip — Cross-platform listing automation
  • RaffleBattle — Raffle fraud detection
  • Shopsense — Chrome extension for store trust-checking (aispec.tech/shopsense)
  • Coupon Hunter — Chrome extension for AI-verified coupon codes (aispec.tech/coupon-hunter)
  • Bookified — AI storybook generator
  • Strategy Calls & System Audits — Consulting services

2. Data We Collect

2a. Account & Payment Data

When you purchase a product, payment is processed by Shopify Payments or Stripe. We receive your name, email, and transaction details. We never see or store your full credit card number.

2b. StoreGuard (Shopify App)

StoreGuard accesses the following Shopify data via OAuth:

DataScopePurpose
Order data (totals, IPs, status, addresses)read_ordersFraud pattern detection
Theme filesread_themesCode injection monitoring
Script tagsread_script_tagsThird-party script audit
Store content (policies)read_contentCompliance checks

StoreGuard does not collect customer names, emails, phone numbers, payment card details, or personal browsing history. Our optional bot detection beacon collects anonymous behavioral signals (mouse entropy, scroll patterns) without cookies or cross-site tracking.

2c. Shopsense (Chrome Extension)

When you click the Shopsense icon on a tab and run a trust check, the extension reads that tab's publicly-visible content and sends it to our backend for AI analysis:

DataWhyRetention
Page URL, title, meta descriptionIdentify the store being checkedNot stored server-side; cached 24h in your browser only
Product titles, prices, footer textScam-signal analysisNot stored server-side
Policy/contact/social links found on the pageLegitimacy signalsNot stored server-side
Domain RDAP metadata (age, registrar, nameservers)Fraud-pattern detectionNot stored server-side
Anonymous installation ID (UUID)Aggregate usage countsUntil uninstall

Shopsense never reads other tabs, browser history, cookies, localStorage, credentials, or form data. It only runs when you explicitly click the icon and click "Run trust check." All trust-check results are cached in your browser (chrome.storage.local) for 24 hours and can be cleared at any time from the History tab. No account is required.

2d. Coupon Hunter (Chrome Extension)

When you open the Coupon Hunter panel on a store or click "Find a discount," the extension reads that tab's domain and visible text and sends it to our backend so Claude can research coupon codes and generate page-specific tips:

DataWhyRetention
Active tab domain (e.g. gymshark.com)Identify the store to research on Reddit + webNot stored server-side; cached 6h in your browser only
Visible checkout/cart textGenerate Checkout IQ tips (free shipping thresholds, stackable promos)Not retained — sent to Claude only for the current request
Product page title + price (when present)Cross-retailer price comparisonNot stored server-side
Watchlist domains you addRe-run code research every 6 hoursStored in your browser sync storage until you remove
Anonymous API token (issued on opt-in)Quota accounting on the hosted backendStored in your browser; revoked on uninstall or upgrade to local mode
Hashed coupon codes you confirmed worked (optional, off by default)Community freshness signals for other usersHash-only; original code not recoverable; can be disabled in Settings
Stripe customer ID + subscription ID (Pro users only)Manage your subscription and process renewalsUntil you cancel and delete the account

Coupon Hunter never reads other tabs, browser history, cookies, localStorage, credentials, or form data. It only sends data when you click the icon, click "Find a discount," or when a watchlist re-check fires on its 6-hour schedule. We do notinject affiliate tags at your checkout, and we do not read your email. Pro subscriptions are processed by Stripe; card numbers never touch the extension or our backend.

2e. Website Analytics

We use privacy-respecting analytics. No personal data is sold to advertisers or data brokers.

3. How We Use Your Data

  • Deliver and operate the products you purchased
  • Detect fraud patterns and security threats (StoreGuard)
  • Generate security scores, reports, and alerts
  • Process payments and manage subscriptions
  • Respond to support requests
  • Comply with legal obligations

We do not sell, rent, or share your data with advertisers or data brokers.

4. Data Retention

DataRetention
StoreGuard security events90 days (Sentinel) / 30 days (Guardian)
StoreGuard fraud IP tracking30-minute sliding window, auto-purged
StoreGuard scan resultsLast 100 scans
StoreGuard OAuth tokensUntil uninstall (encrypted AES-256-GCM)
Purchase/order recordsAs required by law (typically 7 years)
Support emailsUntil resolved + 12 months

5. Data Deletion & GDPR

StoreGuard supports all 3 mandatory Shopify GDPR webhooks:

  • Customer data request — we export all data associated with a customer
  • Customer data erasure — we delete all data linked to a customer's orders
  • Shop data erasure — on uninstall or store closure, we delete all store data

For all products: you may request data export or deletion at any time by emailing privacy@aispec.tech. Uninstalling StoreGuard triggers automatic full data deletion.

If you are in the EU/EEA, you have the right to access, correct, delete, or restrict processing of your data, and to lodge a complaint with your local supervisory authority.

6. Security

  • Access tokens encrypted at rest (AES-256-GCM)
  • Webhooks verified via HMAC-SHA256 with timing-safe comparison
  • HTTPS enforced on all endpoints
  • No customer PII stored in event logs
  • Replay prevention on all webhook ingestion

7. Third-Party Services

  • Shopify — Platform APIs, billing, OAuth
  • Have I Been Pwned — Domain-only breach checks (no customer data sent)
  • Stripe / Shopify Payments — Payment processing
  • Vercel — Website hosting

Alert delivery (Slack, email) uses your configured channels. PII is redacted from alert payloads.

8. Cookies

aispec.tech uses only essential cookies for site functionality. StoreGuard's bot detection beacon does not use cookies. We do not use tracking cookies or third-party advertising cookies.

9. Children

Our products are designed for business use and are not directed at children under 16.

10. Changes

We may update this policy. Material changes will be communicated via email or product dashboard.

11. Contact

AISpec Technologies
Email: privacy@aispec.tech
StoreGuard support: support@storeguard.aispec.tech