Privacy Policy
Last updated: April 2026
Who we are
Anton is operated by Antonis Consulting. This policy explains what data we collect when you install and use the Anton app, how we use it, and your rights regarding that data. If you have questions, contact us at sam@antonis-consulting.be.
Data we collect
When you install Anton, we collect and store the following merchant data:
- Your store domain and Shopify access token (to communicate with your store)
- Your merchant email address (to create your Anton account)
- Store branding assets such as your logo and brand colours
- Order and product data accessed via the Shopify API to power automations
- Monthly usage metrics (AI requests, emails sent) to enforce plan limits
For merchants using the loyalty programme, we additionally store:
- Customer IDs (Shopify numeric IDs — no names or contact details)
- Points balance, lifetime earned and spent
For merchants using back-in-stock notifications or wishlists, we additionally store:
- Customer email address (required to send the notification)
- Customer name (optional, used to personalise the notification email)
This data is collected with the customer's explicit opt-in and is used solely to send the notification they requested. It is not used for any other purpose and is deleted when the merchant uninstalls the app.
How we use your data
- To provide and operate the Anton app features you have enabled
- To authenticate your merchant account and maintain your session
- To enforce plan limits and process subscription billing
- To send transactional emails on your behalf (e.g. review requests, restock alerts)
- To respond to support requests
We do not sell your data or use it for advertising purposes.
Third-party services
Anton uses the following sub-processors to deliver its service:
- Supabase — database and authentication (EU region)
- Stripe — subscription billing and payment processing
- Resend — transactional email delivery
- n8n — workflow automation processing (self-hosted, EU)
- Anthropic — AI assistant (Claude) for natural language queries
Each sub-processor is bound by their own privacy and data processing agreements. Data is processed in the EU where possible.
Security and encryption
Anton is built so that sensitive data is never stored in a readable form — not even by us. Specifically:
- Passwords are hashed using industry-standard algorithms by our authentication provider (Supabase). No one — including Anton staff — can read or recover your password. If you forget it, it must be reset, not retrieved.
- Payment information (card numbers, bank details) is never transmitted to or stored by Anton. All billing is handled entirely by Stripe, who are PCI DSS Level 1 certified.
- API credentials and access tokens required to connect your store are stored encrypted at rest and are never exposed in logs, support tools, or the Anton interface.
- Customer data stored by Anton is limited to what each feature strictly requires. Loyalty data uses only anonymous numeric IDs and point balances. Back-in-stock notifications store a customer's email and optionally their name, collected with explicit opt-in and used solely to send the requested notification. No customer data is used for any purpose beyond the feature that collected it.
All data is transmitted over HTTPS. Databases are encrypted at rest. Access to production data is restricted and audited. Support staff cannot view passwords, payment details, or raw credentials under any circumstances.
Data retention and deletion
Merchant and store data is retained for as long as your Anton account is active. When you uninstall the app, your store data is scheduled for deletion within 48 hours in accordance with Shopify's GDPR compliance requirements.
Customer loyalty data is deleted upon receiving a customer erasure request from Shopify, as required by GDPR.
To request early deletion of your data, contact us at sam@antonis-consulting.be.
Your rights
Under GDPR you have the right to access, correct, or delete personal data we hold about you. To exercise any of these rights, email us at sam@antonis-consulting.be and we will respond within 30 days.
Loyalty points
Anton provides merchants with the technical infrastructure to run a loyalty points programme. In this capacity, Anton's role is limited to recording and displaying point balances as instructed by the merchant.
- Loyalty points are a merchant-defined reward mechanism. Anton records point balances on behalf of the merchant but has no control over, and accepts no liability for, the monetary value, redeemability, or fulfilment of any reward those points represent.
- The rules governing how points are earned, redeemed, and expired are set entirely by the merchant, not by Anton.
- Anton is not a party to any agreement between a merchant and their customers regarding loyalty rewards, and accepts no liability for the value, availability, or fulfilment of any reward.
- Point balances recorded by Anton are provided for informational purposes only. Merchants are solely responsible for honouring their loyalty programme terms.
Changes to this policy
We may update this policy from time to time. When we do, we will update the date at the top of this page. Continued use of Anton after changes are posted constitutes acceptance of the updated policy.