Effective date: March 13, 2026 · Last updated: March 15, 2026
DriftVane (“we”, “our”, or “us”) operates AgentPulse, an AI-attributed commerce tracking application for Shopify merchants. This Privacy Policy explains what data we collect, how we use it, and your rights.
AgentPulse is a Shopify application operated by DriftVane at www.driftvane.com. For privacy inquiries contact privacy@driftvane.com.
Merchant data. When you install AgentPulse we collect your shop domain, shop name, primary storefront domain, currency, timezone, and Shopify plan name. We store an encrypted session token for authentication.
Product data. We sync your product catalog (titles, handles, descriptions, tags, image count, variant count, and pricing) to power AI-readiness scoring and competitive analysis. Product content may be sent to OpenAI for readiness assessment and content scoring. Only product data (never customer data) is transmitted to OpenAI.
Storefront behavioral data. Via a Shopify Web Pixel and an optional theme extension, we collect anonymized storefront events including page views, product views, add-to-cart events, and purchases. We also collect the HTTP referrer header, UTM parameters, user-agent string, and a randomly generated anonymous session identifier. This data is used to attribute traffic to AI sources such as ChatGPT, Perplexity, Claude, or Gemini. We do not collect customer names, email addresses, phone numbers, IP addresses, or any personally identifiable information (PII).
Billing data. We store your subscription status and plan tier. Payment processing is handled entirely by Shopify. We never see or store credit card information.
AgentPulse does not collect, store, or process end-customer personally identifiable information. The anonymous session identifiers used for attribution are randomly generated tokens not linked to any customer identity in our database or in Shopify.
We do not sell merchant or customer data. We share data only with sub-processors necessary to operate the service:
We retain shop and product data for the duration of the app installation. Raw tracking events are retained for 90 days. Attribution sessions are retained for 12 months. Upon app uninstall, we deactivate the shop record. Upon receiving a Shopify GDPR shop-deletion request, we permanently delete all shop-associated data within 30 days.
If you are a merchant in the EU, UK, or California, you may request access to or deletion of your data by emailing privacy@driftvane.com. We will respond within 30 days. Because AgentPulse stores no end-customer PII, customer data-request and deletion requests are automatically acknowledged with an empty dataset.
Session tokens and sensitive fields are encrypted at rest using AES-256-GCM field-level encryption. All data is transmitted over TLS 1.2+. Webhook payloads are verified using HMAC-SHA256 with timing-safe comparison.
We will post changes to this page and update the effective date. Continued use of AgentPulse after changes constitutes acceptance.
Email: privacy@driftvane.com