Last updated: March 2026
RevPilot collects anonymous storefront events (page views, product views, cart actions, checkout events) through Shopify's Web Pixel API. We do not collect personally identifiable information (PII) from your customers.
Event data is used exclusively to generate analytics, conversion insights, AI recommendations, and experiment results for your store. Your data is never shared with other merchants or third parties.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Data is stored in AWS infrastructure in the US West (Oregon) region. Each tenant's data is logically isolated.
Event data is retained for the duration of your subscription. When you uninstall RevPilot, all associated data is permanently deleted within 30 days in compliance with Shopify's GDPR requirements.
RevPilot supports Shopify's mandatory GDPR webhooks: customer data requests, customer data erasure, and shop data erasure. We process all requests within the required timeframes.
For privacy questions, contact us at support@rev-pilot.org.