SpecNgn

Privacy Policy

Last updated: March 1, 2026

This Privacy Policy describes how SpecNgn ("we", "us", or "our") collects, uses, and shares information when you install and use the SpecNgn Product Configurator application ("the App") on Shopify.

Information We Collect

Store Information

When you install the App, we access the following information from your Shopify store through Shopify's API:

  • Store profile: Store name, email address, domain, currency, and timezone.
  • Products: Product titles, descriptions, prices, variants, images, and handles. Used to display the configurator on your product pages.
  • Orders: Order data including configured product selections. Used to track configured product orders in your dashboard.
  • Themes: Theme information for deploying the configurator widget to your storefront.

Account Information

During signup, we collect your name, email address, and a password. This information is used to create your SpecNgn dashboard account.

Customer Information

SpecNgn does not collect, store, or process any personal information about your customers. The configurator widget runs on your Shopify storefront and communicates only product configuration data (material selections, pricing). Cart and checkout data is handled entirely by Shopify.

How We Use Your Information

  • To provide and operate the product configurator on your Shopify store.
  • To import and sync your product catalog for configuration management.
  • To deploy and update the configurator widget on your Shopify theme.
  • To register webhooks for order and product change notifications.
  • To send you service-related communications (setup confirmation, support responses).

Data Storage and Security

Your data is stored in a dedicated, isolated database provisioned exclusively for your store. We do not share database infrastructure between merchants.

  • Encryption at rest: All data is encrypted using AES-256 encryption at the database level.
  • Encryption in transit: All communications use TLS encryption.
  • Access tokens: Your Shopify API access token is encrypted with application-layer encryption before storage.
  • Infrastructure: Hosted on Neon (PostgreSQL) and Vercel with SOC 2 compliance.

Data Sharing

We do not sell, rent, or share your store data or customer data with any third parties. Your data is used exclusively to provide the SpecNgn service to you.

We use the following service providers to operate SpecNgn:

  • Neon: Database hosting (data storage).
  • Vercel: Application hosting (web server).
  • Cloudflare R2: Image storage (product images).
  • Resend: Transactional email (welcome email, support).

Data Retention and Deletion

We retain your data for as long as you have an active SpecNgn account. When you uninstall the App from Shopify:

  • Your Shopify access token is immediately invalidated.
  • Your account is deactivated.
  • Within 48 hours of uninstallation, Shopify sends a shop data erasure request. We process this by permanently deleting all store data associated with your account.

You can also request data deletion at any time by contacting us at privacy@specngn.com.

GDPR Compliance

SpecNgn complies with Shopify's GDPR requirements. We support all three mandatory GDPR webhooks:

  • Customer data request: We acknowledge and process requests for customer data access.
  • Customer data erasure: We acknowledge and process requests to delete customer data.
  • Shop data erasure: Upon app uninstallation, we delete all merchant data within 48 hours.

Your Rights

You have the right to access, correct, or delete your personal data at any time. You can export your product and configuration data from the SpecNgn dashboard, or contact us to request a full data export.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the SpecNgn dashboard.

Contact

For privacy-related inquiries, contact us at privacy@specngn.com.