Updated on December 10, 2025
Updated on December 10, 2025
Privacy policy
At Auma | AI Marketing (“Auma”, “we”, “us”), your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your information when you use our Shopify app.
At Auma | AI Marketing (“Auma”, “we”, “us”), your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your information when you use our Shopify app.
Information we collect
When you install and use Auma, we collect the information needed to power our marketing features, including:
Store details – shop domain, primary contact email, plan type.
Products and collections – titles, descriptions, media URLs, and inventory data.
Content and media – blog posts, pages, files, and other media assets used in campaigns.
Customers and orders – customer names, email addresses, order history, and fulfillment status (as provided by Shopify).
Metaobjects and custom data – definitions and records used to populate your marketing templates and automations.
Instagram data (optional) – if you connect an Instagram Business account, we receive access tokens, your business account ID and username, and basic posting history (such as which posts were published through the app).
App usage data – login timestamps, settings you change, campaign approvals, webhook statuses, and similar configuration actions.
Support and log data – the email address and details you provide when contacting support, plus short-lived logs such as IP address, user agent, and error messages for troubleshooting and security.
We do not collect your payment-card numbers or your personal banking details.
When you install and use Auma, we collect the information needed to power our marketing features, including:
Store details – shop domain, primary contact email, plan type.
Products and collections – titles, descriptions, media URLs, and inventory data.
Content and media – blog posts, pages, files, and other media assets used in campaigns.
Customers and orders – customer names, email addresses, order history, and fulfillment status (as provided by Shopify).
Metaobjects and custom data – definitions and records used to populate your marketing templates and automations.
Instagram data (optional) – if you connect an Instagram Business account, we receive access tokens, your business account ID and username, and basic posting history (such as which posts were published through the app).
App usage data – login timestamps, settings you change, campaign approvals, webhook statuses, and similar configuration actions.
Support and log data – the email address and details you provide when contacting support, plus short-lived logs such as IP address, user agent, and error messages for troubleshooting and security.
We do not collect your payment-card numbers or your personal banking details.
How we use your information
We use your information to:
Generate and suggest marketing campaigns across email, on-site content, push notifications, and Instagram.
Publish Instagram posts you approve to your connected Instagram Business account.
Fill your marketing templates with up-to-date products, collections, and brand settings.
Sync marketing data to services you choose to connect (for example, Make.com webhooks).
Provide dashboards, analytics, and campaign history so you can track performance.
Maintain security, debug issues, and improve the reliability and usability of the app.
Send you relevant product updates, onboarding guidance, and support responses.
We do not use your store data for unrelated advertising, and we never sell your data.
We use your information to:
Generate and suggest marketing campaigns across email, on-site content, push notifications, and Instagram.
Publish Instagram posts you approve to your connected Instagram Business account.
Fill your marketing templates with up-to-date products, collections, and brand settings.
Sync marketing data to services you choose to connect (for example, Make.com webhooks).
Provide dashboards, analytics, and campaign history so you can track performance.
Maintain security, debug issues, and improve the reliability and usability of the app.
Send you relevant product updates, onboarding guidance, and support responses.
We do not use your store data for unrelated advertising, and we never sell your data.
How we share your information
We only share your information with:
Shopify – as required to operate as an embedded Shopify app and comply with their terms.
Facebook/Instagram – when you enable Instagram features, we send post content and scheduling information to the Instagram Graph API to publish on your behalf.
Connected services – such as Make.com, when you enable webhooks or integrations that require us to send campaign or product data.
Service providers – trusted infrastructure and support providers (for example, hosting, databases, email support tools) who help us run the app and are bound by confidentiality and security obligations.
Law enforcement or regulators – if we are legally required to do so.
We only share your information with:
Shopify – as required to operate as an embedded Shopify app and comply with their terms.
Facebook/Instagram – when you enable Instagram features, we send post content and scheduling information to the Instagram Graph API to publish on your behalf.
Connected services – such as Make.com, when you enable webhooks or integrations that require us to send campaign or product data.
Service providers – trusted infrastructure and support providers (for example, hosting, databases, email support tools) who help us run the app and are bound by confidentiality and security obligations.
Law enforcement or regulators – if we are legally required to do so.
Data security
We take appropriate technical and organisational measures to protect your information, including:
Encrypted connections (HTTPS/TLS) for all data in transit.
Secure databases with access controls and encryption at rest.
Strict handling of tokens (including Instagram access tokens), which are stored securely and never logged in plain text.
Principle of least privilege for internal access to production systems.
Monitoring and regular updates to keep infrastructure and dependencies secure.
No method of transmission or storage is completely risk-free, but we work continuously to safeguard your data.
We take appropriate technical and organisational measures to protect your information, including:
Encrypted connections (HTTPS/TLS) for all data in transit.
Secure databases with access controls and encryption at rest.
Strict handling of tokens (including Instagram access tokens), which are stored securely and never logged in plain text.
Principle of least privilege for internal access to production systems.
Monitoring and regular updates to keep infrastructure and dependencies secure.
No method of transmission or storage is completely risk-free, but we work continuously to safeguard your data.
Your rights
As a Shopify merchant using Auma, you may:
Access and update settings – manage campaign settings, channels, and schedules from within the app.
Connect or disconnect Instagram – control your Instagram Business connection and revoke access at any time from the app settings.
Request deletion or export – contact us to request deletion or export of your store-specific data from Auma (subject to our legal obligations and Shopify’s requirements).
Restrict processing – pause or disable certain campaign channels or automations using the in-app controls.
For your end customers (shoppers), privacy rights requests (such as access or deletion) must be initiated through Shopify’s privacy tools. We assist the merchant of record (you) in fulfilling those requests where Auma is involved.
As a Shopify merchant using Auma, you may:
Access and update settings – manage campaign settings, channels, and schedules from within the app.
Connect or disconnect Instagram – control your Instagram Business connection and revoke access at any time from the app settings.
Request deletion or export – contact us to request deletion or export of your store-specific data from Auma (subject to our legal obligations and Shopify’s requirements).
Restrict processing – pause or disable certain campaign channels or automations using the in-app controls.
For your end customers (shoppers), privacy rights requests (such as access or deletion) must be initiated through Shopify’s privacy tools. We assist the merchant of record (you) in fulfilling those requests where Auma is involved.
Changes to this policy
We may update this policy to reflect changes in our services or the law. We will notify you of significant changes.
We may update this policy to reflect changes in our services or the law. We will notify you of significant changes.
Contact us
If you have questions or concerns, please email us at auma@aiauma.com.
If you have questions or concerns, please email us at auma@aiauma.com.