Alchemy Recipes collects data needed to authenticate your store, store recipe records, synchronize content with Shopify, and power optional analytics and AI features aligned with our access scopes.

Merchant and store data

• Your Shopify store domain plus OAuth credentials (access token stored for API access consistent with Shopify session handling)
• Embedded app session details provided by Shopify (for example name, email, and locale where Shopify supplies them)
• Billing and subscription identifiers and status synced from Shopify’s billing APIs where applicable
• Recipe content you save in the app: titles, descriptions, URLs/slugs, images and media URLs, timings, servings, difficulty, nutrition fields, instructional steps, and tags
• Ingredient lines: free-text ingredients, quantities, mapped Shopify product and variant identifiers when you link catalog items
• Mappings and linkage between recipes and products maintained for merchandising surfaces (within granted scopes)
• Published representations written to Shopify (for example blogs, metaobjects and metafields, product metafields) as you publish or configure the app
• Administrative and operational preferences such as onboarding flags and embedding index processing status on supported plans

Analytics and embeddings (supported plans)

• Aggregated recipe analytics keyed by calendar day (for example view, cart, order, and revenue counters tied to recipes in our reporting model — not stored by customer identifier in our application database)
• Product-side text derived from your catalog (such as titles, descriptions, and tags) used for ingredient mapping and optional vector embeddings cached per product for your shop; global embedding vectors may also be reused when the same canonical text hashes appear across installs
• Usage counters relating to embedding or mapping operations for rate-limiting purposes

We do not use Alchemy Recipes to collect storefront customer names, mailing addresses, or payment card data. Checkout and payments are handled by Shopify and your payment providers.

We use the data we collect to operate Alchemy Recipes:

• Authenticate admins and securely call Shopify’s Admin API within the scopes your store grants
• Create, update, and remove recipe records and related Shopify content according to your actions in the app
• Expose recipe experiences on your storefront where you enable them (including app proxy paths and storefront-readable metafields as configured)
• Support optional AI-assisted linking of ingredient lines to catalog products via embeddings where that feature is available on your plan
• Provide in-app dashboards and aggregated analytics summaries
• Enforce subscription or plan gates and reflect billing status
• Honor Shopify mandatory webhooks and maintain service reliability

We do not sell, rent, share, or trade merchant or storefront-shopper personal data with third parties for advertising, marketing, or unrelated commercial purposes.

Alchemy Recipes does not send promotional email to your customers. Subscription and billing-related communications from Shopify appear according to Shopify’s policies.

Support

If you email us for help, we use your message and address only to reply. We do not add you to marketing lists solely because you contacted support.

Application data is stored in PostgreSQL on secure cloud infrastructure. We implement common safeguards including:

• Encrypted connections (HTTPS/TLS) between clients and our servers
• Secure OAuth flows and API usage through Shopify
• Secrets and credentials handled via deployment environment controls
• Database access constrained to components that require it

We do not store customer payment card information; app billing is processed through Shopify where applicable.

We retain merchant configuration, recipe content, embeddings, and analytics for your shop for as long as Alchemy Recipes remains installed and your shop record exists in our system. When you uninstall the app, we remove sessions and delete shop-scoped application data in line with our implementation. When Shopify sends the mandatory shop/redact webhook, we delete sessions and purge the shop’s application database record (and related rows through our data model). Our recipe analytics are aggregated by recipe and day and are not keyed by storefront customer or order identifier in the application database; mandatory customers/redact deliveries are acknowledged accordingly. You may request assistance with deletion or privacy questions by contacting us at [email protected]

Alchemy Recipes is designed to meet Shopify’s mandatory privacy expectations. We subscribe to compliance webhooks, including:

• customers/data_request — we acknowledge requests; we do not maintain per-customer personal data stores in our application database for Alchemy Recipes features beyond the merchant and aggregated analytics described above
• customers/redact — we acknowledge customer redaction events; our recipe analytics are not stored keyed by customer or order ID in the app database
• shop/redact — we delete sessions and remove the shop and associated application data as required after uninstall or erasure

Where the GDPR applies, merchants remain the controller for their end-customers’ personal data; Alchemy Recipes processes merchant and store data as needed to deliver the application on your instructions.

Alchemy Recipes relies on:

• Shopify APIs and platform services — to read and write products, files, blogs, themes or content, metaobject definitions and entries, billing, app proxy routing, and other store assets within granted scopes
• Cloud hosting — to run the application and databases
• Embedding or language-model providers — only when you use AI-assisted features that generate or query vector embeddings configured in the product

Subprocessors host and operate infrastructure only as needed to run the service.

The embedded Alchemy Recipes admin runs inside Shopify; session and security cookies follow Shopify’s practices described in Shopify’s documentation. This standalone policy page does not set marketing cookies or third-party advertising scripts.

As a merchant, you can:

• Edit or remove recipes and related Shopify-published content from the app subject to how you have linked those resources in your store
• Uninstall Alchemy Recipes to stop future processing associated with the app (Shopify and our compliance handlers perform additional erasure steps as described above)
• Contact us for privacy questions or assistance related to our records

We may update this privacy policy to reflect changes in our practices, technology, or legal requirements. We will revise the “Last updated” date on this page when we do. Continued use of the app after updates constitutes acceptance of the revised policy where permitted by law. We may notify you of material changes through the app or by email when appropriate.

If you have questions about this privacy policy or Alchemy Recipes data practices, contact:

Apps Alchemy
[email protected]

We aim to respond to privacy-related inquiries promptly.