Privacy Policy

My Woo Stores ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. Please also review our Terms of Service, which govern your use of the Service.

Information You Provide

• WooCommerce store credentials (store URL, API consumer key, and consumer secret) to connect your stores
• Product content you create or edit through the app (descriptions, prices, images, attributes)
• Audio recorded during Voice Input sessions, processed for speech-to-text and AI extraction of product fields
• Photos you choose to upload as product images (only files you explicitly select are accessed)
• Support requests and communications you send to us

Information Collected Automatically

• Device information (device type, operating system, language, unique device identifiers)
• Push notification tokens (APNs / FCM) needed to deliver order and store alerts
• Subscription and purchase state from Apple App Store or Google Play, processed through RevenueCat
• Advertising identifiers used by Google AdMob to serve banner and app-open ads on the Free plan
• Usage data (features accessed, actions taken, timestamps)
• Crash reports and performance data

• To provide, maintain, and improve the Service
• To connect to and retrieve data from your WooCommerce stores
• To send you notifications related to your stores (orders, stock alerts) via Apple Push Notification Service (APNs), Firebase Cloud Messaging (FCM), and OneSignal
• To process Voice Input and AI Rewrite requests by sending the audio transcript or text to our AI provider (Groq) and returning structured product fields or rewritten copy
• To verify subscription status and process in-app purchases via RevenueCat, the App Store, and Google Play
• To display advertising to Free-plan users via Google AdMob
• To respond to your support requests and communications
• To detect, prevent, and address technical issues and security threats
• To analyze anonymous usage patterns and improve UX

Your WooCommerce API credentials are stored locally on your device using the platform's secure storage mechanisms (iOS Keychain / Android Keystore). Certain credentials may also be transmitted to and stored on our servers in encrypted form to enable push notifications, webhooks, and other server-side features.

We use industry-standard security measures including TLS encryption, secure server infrastructure, and encryption at rest to protect your data. We do not store your WooCommerce store passwords — only the API keys necessary to communicate with your stores via the WooCommerce REST API.

However, no method of electronic storage or transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security. You acknowledge that you provide your credentials at your own risk.

The security of locally stored credentials depends on your device's security measures (passcode, biometrics, device encryption). We strongly recommend against using the Service on jailbroken or rooted devices, as this significantly reduces the security of stored credentials.

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service providers: trusted third-party services that assist us in operating the Service (hosting, analytics, crash reporting)
• Legal requirements: when required by law, regulation, or legal process
• Safety: to protect the rights, property, or safety of our users or the public

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Withdraw consent for data processing
• Export your data in a portable format
• Disconnect your WooCommerce stores at any time from within the app

To exercise any of these rights, please contact us at mywoostores@gmail.com.

The Service integrates with the following third-party services. Each has its own privacy policy, and we encourage you to review them:

• WooCommerce / WordPress: the platforms your stores run on. The app connects to them via the WooCommerce REST API.
• Apple Push Notification Service (APNs) and Firebase Cloud Messaging (FCM): used to deliver push notifications.
• OneSignal: used to manage push notification audiences and delivery.
• RevenueCat: used to process and validate App Store and Google Play subscription purchases.
• Google AdMob: used to serve banner and app-open advertisements to Free-plan users. AdMob may collect advertising identifiers and device data per its own policy.
• Groq (AI provider): used to process AI Rewrite text and Voice Input transcripts. Audio is converted to text on-device or via the platform speech recognition service; only the resulting text is sent to Groq.
• Apple and Google speech recognition: used to transcribe Voice Input. Audio may be processed by the device or by the platform's servers per the manufacturer's policy.
• Umami analytics: used on our website for privacy-friendly, cookie-free analytics.

We are not responsible for the privacy practices, security measures, or data handling of any third-party service. Data shared with or processed by third-party services is subject to their respective privacy policies and terms of service.

The app requests certain operating-system permissions only when a feature requires them:

• Microphone: required for Voice Input. Audio is used solely to transcribe spoken descriptions and is not stored once transcription completes.
• Speech recognition: required to convert recorded audio into text via the platform's speech service.
• Photo library and camera: required to attach product images. We only access the specific photos you select; we do not scan or read the rest of your library.
• Notifications: required to deliver order and store-event alerts. You can revoke this permission at any time in your device settings.

All permissions can be revoked at any time through your device's system settings.

In the event of a data breach that affects your personal information or stored credentials, we will make reasonable efforts to notify affected users within 72 hours of becoming aware of the breach. Notification may be made via email, push notification, or in-app notice.

In such an event, we strongly recommend that you immediately revoke and regenerate all WooCommerce API keys that were connected through the Service, and review your store activity for any unauthorized access.

The Service is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.

We retain your personal information and store connection data for as long as your account is active or as needed to provide the Service. When you disconnect a store or delete your account, we will delete the associated credentials and personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing our agreements).

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the app and updating the "Last updated" date at the top of this page.

If you have any questions or concerns about this Privacy Policy, please contact us at:

mywoostores@gmail.com