Privacy Policy

Last updated: March 4, 2026

Sunforce ("we", "us", "our") operates the Sunforce application (the "Service"), a Shopify app that provides AI-powered financial intelligence for e-commerce merchants. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

1. Information We Collect

1.1 Shopify Store Data

When you install Sunforce, we access the following data from your Shopify store through Shopify's API:

Orders – order totals, line items, discounts, refunds, and fulfillment status
Products – product names, variants, SKUs, prices, and cost-of-goods data
Inventory – stock levels and inventory costs
Shop information – store name, currency, Shopify plan, and domain

We do not access customer personal data (names, emails, addresses, payment details) from your Shopify store.

1.2 Data You Provide

Business expenses – costs you track through Sun (e.g., "I spent $500 on Facebook ads")
Chat messages – questions and instructions you send to Sun
Financial goals – revenue/profit targets you set
Settings – alert thresholds, ad spend figures, and Shopify plan selection

1.3 Automatically Collected

Shopify session tokens (for authentication)
Basic usage data (feature usage, error logs)

2. How We Use Your Data

We use your data solely to provide the Service:

Calculate profitability, P&L statements, and financial metrics
Power AI chat responses from Sun (your questions + store data are sent to our AI provider to generate answers)
Generate automated alerts, financial briefings, and reports
Track expenses and financial goals you set
Improve the Service and fix bugs

3. AI Processing

When you chat with Sun, your message and relevant store data are sent to Anthropic (Claude) for processing. Anthropic does not use your data to train their models. We only send the minimum data needed to answer your specific question. No customer personal data is ever sent to the AI.

4. Data Storage & Security

Your data is stored in a PostgreSQL database hosted by Supabase (cloud infrastructure)
Shopify access tokens are encrypted at rest using AES-256
All data transmission uses HTTPS/TLS encryption
We do not store credit card or payment information
Database access is restricted to authenticated application services only

5. Data Sharing

We do not sell, rent, or share your data with third parties, except:

Anthropic – to process AI chat requests (as described in Section 3)
Infrastructure providers – Supabase (database), Vercel (hosting), Render (background processing) – who act as data processors under our instruction
Legal requirements – if required by law, regulation, or legal process

6. Data Retention

Your data is retained as long as you have Sunforce installed
When you uninstall, we mark your account as inactive. Data is permanently deleted within 30 days of uninstallation
You can request immediate deletion at any time by contacting us

7. Your Rights

You have the right to:

Access – request a copy of the data we hold about your store
Correct – update or correct inaccurate data
Delete – request deletion of your data
Export – download your financial data (available via Sun's export feature)
Withdraw consent – uninstall the app at any time through Shopify

8. GDPR & International

If you are in the European Economic Area (EEA), UK, or other regions with data protection laws, our legal basis for processing your data is the performance of our contract with you (providing the Service). Data may be processed in the United States where our infrastructure providers operate. We rely on standard contractual clauses for international data transfers.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes through the app or via the email associated with your Shopify account. Continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related questions, data requests, or concerns:

Email: privacy@sunforce.finance
Website: https://sunforce.finance