Accessora

Legal

Privacy Policy

How we collect, use, and protect your information when you use Accessora.

Updated March 2026

Last updated: March 5, 2026

This Privacy Policy describes how Accessora (“we”, “us”, or “our”) collects, uses, and protects information when you use our accessibility widget, Shopify app, dashboard, and website (collectively, the “Service”).

Data Controller and Processor Roles

  • Data Controller: Accessora acts as the data controller for merchant (Subscriber) account data collected directly through our Service.
  • Data Processor: Accessora acts as a data processor for End User widget interaction data, processing it on behalf of the Subscriber.

Information We Collect

Merchant (Subscriber) Data

When you install and use the Accessora Shopify app, we collect:

  • Shop Information: Shopify shop domain, shop name, email address, and timezone.
  • Subscription Data: Selected plan tier, billing status, and quota usage.
  • Widget Configuration: Your widget settings including enabled features, theme, position, language, branding, and customization preferences.
  • Authentication Data: OAuth session tokens required for Shopify app functionality.

End User Data

Accessora is designed to minimize End User data collection:

  • Widget Analytics: We collect anonymous, aggregated analytics about widget usage including widget opens/closes, feature activations, profile selections, and language preferences. This data is aggregated daily and contains no personally identifiable information (PII).
  • Browser Preferences: End User accessibility preferences (such as font size or contrast settings) are stored exclusively in the End User’s browser localStorage. This data never leaves the End User’s device and is not transmitted to Accessora.

We do not collect End User names, email addresses, IP addresses, device fingerprints, or any other PII through the widget.

Processed Data

In the course of providing the Service, we process:

  • Product Image Data: Product image URLs and existing alt text from your Shopify store, used to generate AI captions.
  • AI-Generated Captions: Image descriptions generated by computer vision, stored alongside the original image reference with confidence scores.
  • Accessibility Audit Results: WCAG audit findings including violation type, severity, affected elements, and compliance scores for pages you submit for auditing.

How We Use Your Information

We use the information collected to:

  • Provide, operate, and maintain the Service.
  • Process subscriptions and manage billing through Shopify.
  • Generate AI image captions and accessibility audit reports.
  • Apply automated accessibility fixes to your website via the widget.
  • Display aggregated analytics in your dashboard.
  • Communicate with you about your account, updates, and support.
  • Improve and develop the Service.

Third-Party Service Providers

We share data with the following third-party providers, solely for the purpose of operating the Service:

ProviderPurposeData Shared
ShopifyApp platform, billing, shop dataShop info, OAuth tokens, billing
Azure Computer VisionAI image caption generationProduct image URLs
Neon (PostgreSQL)Database hostingAll stored Service data
Upstash (Redis)Caching and rate limitingSession tokens, temporary data
Trigger.devBackground job processingImage URLs, page URLs for audits

All third-party providers are bound by their respective data processing agreements. We do not sell your data to any third party.

Data Retention

  • Merchant Data: Retained for the duration of your subscription. Upon app uninstall, your account data, widget configuration, and associated records are deleted.
  • Analytics Data: Aggregated daily. Raw event data is not retained beyond aggregation.
  • AI Captions: Stored for as long as your subscription is active. Captions may have configurable expiry periods.
  • Audit Results: Retained for the duration of your subscription for historical reference.
  • Session Data: Temporary authentication tokens expire according to standard session timeouts.

Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS/HTTPS) for all data transfers.
  • Database-level encryption at rest via our hosting providers.
  • OAuth 2.0 for Shopify authentication.
  • Role-based access controls for internal systems.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure.

Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate personal data.
  • Right to Erasure: Request deletion of your personal data (subject to legal obligations).
  • Right to Data Portability: Request your data in a structured, machine-readable format.
  • Right to Object: Object to processing of your personal data for specific purposes.
  • Right to Restrict Processing: Request that we limit how we process your data.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Cookies

For information about how we use cookies on the Accessora website, please see our Cookie Policy.

The Accessora widget itself does not set cookies. End User preferences are stored in browser localStorage only.

Children’s Privacy

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to remove it.

International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including within the European Union and the United States (via our third-party providers). Where such transfers occur, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. For significant changes, we will provide additional notice via email or the Service.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, you can contact us: