← SupportLift

Privacy Policy

Last updated: 2026-04-19

Who we are

SupportLift ("we", "our") operates an AI customer support platform for Shopify merchants at supportlift.app.

What data we collect

From merchants (Shopify stores): shop domain, access token, store metadata (name, timezone, currency, plan), published products, pages, articles, collections, and policies. We do not read customer PII at rest from Shopify. Customer records are queried on-demand to answer the customer themselves.

From shoppers (visitors): anonymous session token, current page URL, browser user agent, country, and the messages they send. When a shopper identifies with an email, we link the session to a contact record.

How we use it

To provide AI support: answering questions, looking up orders, recommending products, escalating to the merchant's team. AI requests are routed through OpenRouter to models from Anthropic, OpenAI, and other providers. Provider terms prohibit training on our data.

Subprocessors

Supabase (Postgres hosting), Upstash (Redis queues), Fly.io (compute), Vercel (dashboard hosting), OpenRouter (LLM gateway), Resend (transactional email). All are SOC 2–compliant.

Your rights (GDPR / CCPA)

Shoppers can request their data or request deletion at any time via the merchant. Merchants can trigger a full data deletion by uninstalling SupportLift. We redact all shop data within 48 hours of receiving Shopify's shop/redact webhook.

Contact

Questions: privacy@supportlift.app