Simply SEO Agent
Legal · Privacy

Your data, your control.

How Simply SEO Agent (Lucent Innovation) collects, uses, stores, and protects merchant data on the Shopify platform.

Last updated: April 27, 2026

We don't read customer data

No read_customers, read_orders, or payment scopes. We never see your buyer PII.

Encrypted at rest

Shopify access tokens stored with AES-256. Passwords hashed with bcrypt.

Auto-delete on uninstall

Shop data is queued for permanent deletion within 48 hours of uninstall.

GDPR & CCPA compliant

Full data access, correction, and erasure rights. We respond within 30 days.

1

Overview

Simply SEO Agent("the App", "we", "us") is a Shopify app published by Lucent Innovation that provides AI-assisted SEO analysis, automated fixes, and blog content generation for Shopify merchants. This Privacy Policy explains what information we collect when you install or use the App, how we use it, and the rights you have over your data.

By installing or using the App, you agree to this policy. If you do not agree, please uninstall the App. This policy applies to data processed through https://ai-seo-optimizer.lucentinnovation.com.

2

Data we collect

We collect only the data necessary to operate the App. Specifically:

Shop & merchant account data

  • Shop domain (myshopify.com URL) and Shopify shop ID
  • Shop owner name, email, country, currency, and time zone
  • OAuth access tokens used to access the Shopify Admin API on your behalf
  • App user accounts (email, hashed password, login history) for non-Shopify logins

Store content data (read & write)

  • Products, collections, variants, vendors, tags, descriptions, and images
  • Blog articles, blog handles, and article metafields
  • Theme metadata (read only) and metaobjects required for SEO improvements
  • Page metadata: titles, meta descriptions, alt text, URL handles, structured data

Usage & telemetry

  • SEO scan history, scan results, and AI fix logs
  • Blog generation jobs, prompts, and resulting content versions
  • AI token usage, billing events, and Shopify usage charges per shop
  • Application logs (timestamps, IP, user-agent) used for security and debugging

We do not collect customer (buyer) PII

The App does not request read_customers, read_orders, or any payment-related scopes. Customer data is never read or transmitted.

3

How we use data

  • Run SEO audits, generate fixes, and write back optimized metadata to your store.
  • Generate AI blog drafts and (optionally) publish them to your Shopify blog.
  • Track AI token usage for fair billing through Shopify's usage-charge API.
  • Send service emails (e.g., scan complete, billing alerts, security notices).
  • Detect abuse, debug issues, and improve the product. We do not sell data.
4

AI processing

The App uses Anthropic's Claude models to analyze pages and generate content. When you trigger a scan or generate a blog post, the relevant page text, product metadata, or prompt context is sent to Anthropic's API for processing. Anthropic does not train its models on data submitted via the API, and data is retained only for the period required by their service terms.

For details, see Anthropic's Privacy Policy.

5

Sub-processors

We use the following sub-processors to operate the App:

ProviderPurposeRegion
Shopify, Inc.Source of merchant data and billingGlobal
Anthropic, PBCAI inference (Claude models)USA
Amazon Web ServicesApplication hosting & storageap-south-1 / us-east-1
Resend / SMTPTransactional email deliveryUSA / EU
6

Retention & deletion

We retain shop data only while the App is installed plus a short grace period to support reinstalls and billing reconciliation:

Immediately

On uninstall

We receive Shopify's app/uninstalled webhook, immediately revoke the access token, and mark the shop as inactive.

48 hours

Data deletion

Shop data (scans, jobs, content, logs) is queued for permanent deletion.

30 days

Compliance webhooks

We honor Shopify's shop/redact and customers/redact webhooks within 30 days.

7 years

Billing records

We retain anonymized billing transaction logs to comply with tax and accounting obligations.

7

Your rights (GDPR / CCPA)

If you are a merchant in the EU, UK, California, or another jurisdiction with data protection laws, you have the right to:

  • Access the personal data we hold about you and your shop.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data (right to erasure).
  • Object to or restrict certain processing.
  • Receive a portable copy of your data.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, email support@lucentcommerce.com. We respond within 30 days.

8

Security

  • All traffic served over HTTPS (TLS 1.2+).
  • Shopify access tokens encrypted at rest using AES-256.
  • Passwords hashed with bcrypt; we never store plaintext credentials.
  • Webhook payloads verified with HMAC-SHA256 against the shared secret.
  • Production database is in a private subnet with restricted IAM access.
  • Regular dependency scanning, security patching, and access reviews.
9

Cookies

Our admin interface uses first-party cookies and localStorageonly to keep merchants signed in (access & refresh tokens) and remember UI preferences (theme, active shop). We do not use third-party advertising or tracking cookies.

10

Changes to this policy

We may update this policy from time to time. Material changes will be announced via email to the shop owner and via an in-app notice at least 14 days before they take effect. Continued use of the App after the effective date constitutes acceptance.

11

Contact

Lucent Innovation

Privacy & data protection enquiries

support@lucentcommerce.com
Email us