Privacy Policy
Last updated: 2026-05-07
DRAFT — this privacy policy is a working draft. Final lawyer-reviewed version will replace it before HYGO Shop's first paying merchant signs up.
Who we are
HYGO Shop is operated by HYGO Inc., a U.S. corporation. This privacy policy describes what data HYGO Shop processes when you use our service as a merchant, operator, or customer of a HYGO Shop-using merchant.
Data we process
From merchants:
- Account profile (email, name, business details)
- Catalog data synced from connected channels (products, offers, inventory)
- Order history (for analytics + reorder prediction)
- Customer records from connected channels (in hashed form when possible)
- OAuth tokens for connected platforms (encrypted at rest)
From operators:
- SuperTokens user id + email (via mify3, our authentication subprocessor)
- Profile (display name, declared skills, payout account id)
- Task history (which tasks you've claimed, completed, escalated)
From customers of HYGO Shop-using merchants:
- Order history flowing in via merchant's connected commerce channel
- Public engagement data (likes, comments, shares) on posts the merchant published via HYGO Shop
- Email (hashed where retrievable from the merchant's source system)
Connected platforms
When a merchant connects a third-party platform to HYGO Shop, we receive data from that platform. The platforms we integrate with:
- Meta (Facebook + Instagram) — Page management, IG Business publishing, engagement metrics
- TikTok — Login Kit, Content Posting
- Google (YouTube) — Channel management, video uploads
- Shopify, Amazon SP-API, WooCommerce, BigCommerce — Catalog + orders + inventory
- Stripe — Payment processing, Stripe Connect for operator payouts
- EasyPost — Shipping label generation
- Ayrshare — Default social media publishing aggregator
- Resend — Transactional email delivery (operator invites, recovery emails)
For the full list including locations and DPAs, see /subprocessors.
Cost-attribution + AI processing
HYGO Shop generates marketing content via AI models (currently Anthropic and OpenAI). When we make a model call, we tag it with a cost-attribution header containing the merchant id + campaign id + intent template id. We do NOT send personally identifying data, secrets, or platform credentials in prompts. Generated content is stored locally with full provenance (model, version, prompt hash, source product references).
Cookies + sessions
HYGO Shop uses session cookies for authentication. We do not use third-party tracking cookies or behavioral advertising cookies. Cloudflare may set technical cookies for security and performance.
Data deletion
You can request deletion of your data at any time. See /data-deletion for the full procedure (Meta + TikTok require this exact disclosure URL for app review).
Retention
Active merchant data is retained for the life of the subscription. Cancelled accounts are deleted within 30 days unless legal retention applies (e.g. tax records). Anonymized aggregate data may be retained longer for product analytics.
Security
Detailed security disclosures live at /security. Briefly: TLS 1.3 in transit, AES-256 at rest, Postgres row-level security for multi-tenant isolation, HMAC verification on every webhook.
Your rights (GDPR + CCPA)
You have the right to access, correct, or delete your data; to receive an export of your data; to opt out of any non-essential processing; and to lodge a complaint with a supervisory authority. Contact privacy@hygoshop.com to exercise any of these rights.
International transfers
HYGO Shop's primary infrastructure is in the United States (Cloudflare's edge + R2 storage + Postgres). For EU + UK merchants, data residency in EU/UK regions is available on the Migrate tier.
Changes to this policy
Material changes are notified to merchants by email at least 30 days before they take effect.
Contact
Privacy questions: privacy@hygoshop.com
Security disclosures: security@hygoshop.com
General: hello@hygoshop.com
HYGO Shop