Security & data handling

Your store data stays protected.

ResolveCart AI only uses the data needed to answer support questions. Your customer data is never used to train public AI models, and you stay in control of what the agent can do.

Encryption in transit & at rest

All traffic is encrypted with TLS 1.2+. Data at rest is encrypted with AES-256 on managed infrastructure.

Least-privilege Shopify access

We request only the Shopify scopes required to read orders, fulfillment, and customer support data — nothing more.

Never trained on your data

Your store and customer data is never used to train public AI models. Period.

Data isolation

Each store's data is logically isolated. Row-level security rules prevent cross-tenant access.

Audit trail

Every AI resolution, escalation, and policy change is logged so your team can review what happened and when.

Responsible AI

The AI agent is restricted to your policies and Shopify data. It will escalate to a human when confidence is low or the request is sensitive.

What we access from Shopify

• Orders, fulfillment, and tracking
• Customer profile (name, email, order history)
• Products and inventory metadata
• Your store's return and shipping policies

We never access payment card data, request write access to payouts, or modify orders without an explicit workflow you turn on.

Questions about how we handle data? Email security@resolvecartai.com.

This page is a general overview and is not a substitute for our full Privacy Policy and Terms of Service.