Your store data is handled with care.
Data encryption
All data transmitted to and from Merchantsage is encrypted in transit using TLS. Data at rest is encrypted by our database provider, Supabase.
Authentication
Merchantsage uses Supabase Auth for account authentication. Passwords are hashed and never stored in plain text. Shopify stores connect via OAuth — we never see or store your Shopify admin password. WooCommerce stores connect via API key with read-only permissions where possible.
AI and your data
We use Anthropic's Claude to generate merchandising recommendations. Your store data is sent to Anthropic's API solely to generate recommendations. It is not used to train AI models. We do not store prompts or responses beyond what is needed to display results in your dashboard.
Billing security
Payment processing is handled entirely by Stripe. Merchantsage never sees or stores your credit card details.
Access controls
Access to production data is restricted to essential team members only. We do not sell, share, or rent your store data to third parties.
Responsible disclosure
If you discover a security vulnerability in Merchantsage, please email hello@merchantsage.com with details. We take all reports seriously and will respond promptly.