VantageDash
Sign InGet Started

Privacy Policy

Last updated: March 22, 2026

1. Introduction

VantageDash ("we", "us", or "our") operates the vantagedash.io website and the VantageDash application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect your email address and password. Passwords are hashed and never stored in plaintext. Authentication is managed by Supabase.

Business Information

You may provide your brand name, website URL, industry, and related business details to configure your workspace.

Shopify Store Data

If you install VantageDash from the Shopify App Store, we access your store's product catalog (titles, prices, images, variants, SKUs) using the read_products scope. We do not access customer data, orders, or payment information. We store an encrypted OAuth access token to maintain the connection.

Competitor Data

We collect publicly available product information (names, prices, images, URLs) from competitor websites that you add to your workspace. This data is sourced from public storefronts and product pages.

Usage Data

We collect anonymous usage analytics (page views, feature usage) to improve the Service. We do not sell or share this data with third parties.

3. How We Use Your Information

  • Provide and maintain the Service
  • Sync your product catalog from Shopify
  • Match your products against competitor products
  • Generate price comparison analytics and alerts
  • Send transactional emails (account confirmation, password reset)
  • Send optional product update emails (you can unsubscribe anytime)
  • Improve the Service based on aggregated usage patterns

4. Data Storage and Security

Your data is stored in Supabase (hosted on AWS us-east-1) with row-level security (RLS) enforced on all tables. Each tenant's data is isolated — you can only access your own workspace data.

  • Shopify credentials are encrypted at rest using Fernet symmetric encryption
  • All API communication uses HTTPS/TLS
  • Authentication tokens are validated on every request
  • Security headers (CSP, HSTS, X-Frame-Options) are applied to all responses
  • Rate limiting protects against abuse

5. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share data with:

  • Service providers — Supabase (database), Vercel (hosting), Stripe (payments), OpenAI (product matching AI) — only as needed to operate the Service
  • Legal requirements — if required by law, regulation, or legal process

6. Data Retention

We retain your data for as long as your account is active. You can request data export or deletion at any time via Settings. If you uninstall the Shopify app, we delete all associated shop data within 48 hours per Shopify's GDPR requirements.

7. Your Rights

  • Access — request a copy of your stored data
  • Correction — update your account information via Settings
  • Deletion — delete your account and all associated data
  • Export — export your data in CSV/PDF format
  • Opt-out — unsubscribe from non-essential emails

8. Cookies

We use essential cookies for authentication session management. We do not use third-party advertising cookies.

9. Children's Privacy

The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.

11. Contact

For privacy-related questions or requests, contact us at privacy@vantagedash.io.