How Meridian handles store information

Information Meridian processes

Meridian processes merchant and shop data needed to authenticate the app, connect to Shopify, and provide AI chat edit workflows for storefront blocks and app embeds.

When a merchant uses Meridian Chat, Meridian may process chat prompts, conversation history, optional reference images, customization previews, block and theme settings needed to apply changes, and related operational logs.

• Shop and installation metadata such as shop domain, access scopes, and app session state.
• AI chat inputs such as prompts, thread history, clarification answers, reference image context, and generated customization previews for blocks like bundles, buy buttons, announcement bars, sticky cart, and payment icons.
• Storefront configuration and implementation context needed to preview, apply, or undo supported AI edits within the merchant's Shopify environment.
• Aggregated reporting and analytics information retrieved from Shopify to power dashboard metrics and performance summaries.
• Support and troubleshooting context that merchants intentionally provide through support requests sent to getmeridian.app@gmail.com.

How Meridian uses information

Meridian uses processed information to authenticate merchants, run AI chat customization flows, generate and apply supported storefront edits, render reporting dashboards, monitor service health, and respond to support requests.

Meridian is designed to use the minimum personal data reasonably required for those workflows. Meridian does not sell customer data and does not request protected customer fields such as name, email, phone, or address for the dashboard flows described in the app today.

Sharing and subprocessors

Meridian may share data with infrastructure and service providers that help operate the app, such as hosting, database, queueing, analytics, AI, and Shopify platform services. Data is shared only as needed to provide the service, secure the product, or comply with legal obligations.

Where screenshots or files are created through Shopify-managed storage, those merchant-owned assets remain subject to the merchant's Shopify environment and controls.

Retention

Meridian applies defined retention windows to application data stored in Meridian's own database. Expired guide sessions are purged automatically, chat and customization records are kept only as long as needed for active workflows and support, and older terminal background job records are deleted on a rolling basis after 30 days.

Guide sessions used for theme-editor guidance are short-lived and expire automatically. The current default guide-session retention window is 7 days or less depending on the session expiry.

Security

Meridian is intended to encrypt data in transit using HTTPS/TLS and to rely on encrypted-at-rest controls provided by its production hosting and storage providers. Access to protected operational data should be limited to authorized personnel with a business need to know.

Meridian also uses access controls, scoped Shopify permissions, and operational logging to reduce unnecessary exposure of store and customer-related data.