StoreCraft

Privacy Policy

Last updated: January 2026

1. Introduction

StoreCraft Pty Ltd (ABN to be registered) ("StoreCraft", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our Service, you consent to the collection and use of information in accordance with this policy. If you do not agree with our policies, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

  • Account Information: Email address, name, password (hashed), and profile picture
  • Store Information: Store name, description, logo, product listings, and pricing
  • Payment Information: Billing details processed through Stripe (we do not store full card numbers)
  • Communications: Support requests, feedback, and correspondence with us
  • Business Information: ABN, business name, and tax details if provided

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: Pages visited, features used, time spent, and interactions
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, and referring URLs
  • Cookies and Tracking: See Section 8 for details on cookies

2.3 Information from Third Parties

We may receive information from third parties, including:

  • Stripe: Payment processing status and customer verification
  • Social Media: If you connect social accounts for AI posting features
  • Analytics Providers: Aggregated usage statistics

3. How We Use Your Information

We use your personal information for the following purposes:

  • Provide the Service: Create and manage your account and stores
  • Process Payments: Manage subscriptions and billing through Stripe
  • AI Features: Generate content, images, and social media posts
  • Improve the Service: Analyze usage patterns and optimize features
  • Communications: Send service updates, newsletters (with consent), and support responses
  • Security: Detect, prevent, and address fraud and security issues
  • Legal Compliance: Comply with legal obligations and resolve disputes
  • Gamification: Track achievements, levels, and progress for platform engagement

4. Disclosure of Your Information

We may share your personal information with:

  • Service Providers: Third parties who assist us in operating our Service, including:
    • Stripe (payment processing)
    • Turso (database hosting)
    • Vercel (web hosting)
    • AI providers (content generation)
    • Email service providers
  • Your Customers: Information necessary to fulfill orders through your store
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: For any other purpose with your explicit consent

We do not sell your personal information to third parties for their marketing purposes.

5. International Data Transfers

Your information may be transferred to and processed in countries outside Australia, including the United States, where our service providers are located. We ensure that any such transfers comply with the APPs and that appropriate safeguards are in place to protect your information.

Our service providers are contractually obligated to handle your data in accordance with privacy standards equivalent to Australian law.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication using magic links (passwordless)
  • Regular security assessments and monitoring
  • Access controls and employee training
  • Secure cloud infrastructure with reputable providers

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as:

  • Your account is active
  • Necessary to provide you with our Service
  • Required to comply with legal obligations (e.g., tax records for 7 years)
  • Needed to resolve disputes and enforce agreements

After account deletion, we retain your data for 30 days to allow for account recovery, after which it is permanently deleted, except where retention is required by law.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Understand how you use our Service to improve it

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our Service.

9. Your Rights Under Australian Privacy Law

Under the Australian Privacy Principles, you have the right to:

  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Complaint: Lodge a complaint about our handling of your information
  • Opt-out: Opt out of receiving marketing communications
  • Anonymity: Where practical, interact with us without identification

To exercise these rights, contact us at privacy@storecraft.app. We will respond to your request within 30 days.

10. Your Store Customers' Privacy

When you operate a store on StoreCraft, you become a data controller for your customers' personal information. You are responsible for:

  • Having your own privacy policy that complies with applicable laws
  • Obtaining necessary consents from your customers
  • Handling customer data in accordance with privacy laws
  • Responding to customer data requests

StoreCraft acts as a data processor on your behalf for customer order data.

11. AI and Automated Decision Making

Our Service uses AI to generate product descriptions, images, and social media content. This AI processing:

  • Is based on inputs you provide (product details, preferences)
  • Does not make automated decisions that significantly affect you without human review
  • May be processed by third-party AI providers under strict data processing agreements
  • Does not use your data to train AI models without your explicit consent

12. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

14. Contact Us and Complaints

If you have questions about this Privacy Policy or wish to make a complaint about our handling of your personal information, please contact us:

  • Privacy Officer Email: privacy@storecraft.app
  • General Support: support@storecraft.app

We will investigate your complaint and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
← Back to StoreCraft