Privacy Policy

UnlockMerchantCenter.com ("we", "us", "our") is an independent compliance audit tool for Google Merchant Center. We are not affiliated with, endorsed by, or sponsored by Google LLC. Our registered contact email is support@unlockmerchantcenter.com.

Account information: When you create an account, we collect your name and email address.

Store data: When you run an audit, we temporarily process publicly accessible pages of the store URL you submit. We do not store raw page content — only the audit results (scores, issues found).

Payment information: Payments are processed by Stripe. We do not store credit card numbers or full payment details. We receive confirmation of subscription status from Stripe.

Google OAuth tokens: If you connect a Google Merchant Center account, we store OAuth access and refresh tokens encrypted in our database to enable ongoing scans on your behalf. You may revoke this access at any time from your Google account settings.

Usage data: We collect basic usage information (pages visited, features used) via server logs to improve the service.

• To provide audit results and compliance reports
• To manage your account and subscription
• To communicate with you about your account, billing, and service updates
• To improve our audit engine and detection capabilities
• To comply with legal obligations

We do not sell your personal data to third parties. We do not use your store data to train AI models or share it with advertisers.

We use a single session cookie (umc_session) to keep you logged in. We do not use advertising or tracking cookies. We do not use Google Analytics or Facebook Pixel.

Audit reports are retained as long as your account is active. If you delete your account, all associated data (audit records, GMC connection tokens) is permanently deleted within 30 days. You may request deletion at any time by emailing support@unlockmerchantcenter.com.

We use the following third-party services to operate our platform:

• Stripe — payment processing (stripe.com/privacy)
• Resend — transactional email (resend.com/privacy)
• Google APIs — Merchant Center data via Content API for Shopping (only when you explicitly connect your GMC account)

Depending on your location, you may have the right to: access your personal data, correct inaccurate data, request deletion, restrict or object to processing, and data portability. To exercise any of these rights, contact support@unlockmerchantcenter.com.

We use industry-standard measures including HTTPS encryption, hashed passwords (bcrypt), and httpOnly secure cookies. OAuth tokens are stored encrypted. However, no method of transmission over the internet is 100% secure.

We may update this policy from time to time. We will notify you of material changes by email or a prominent notice on the site. Continued use of the service after changes constitutes acceptance.

Questions about this policy? Email support@unlockmerchantcenter.com or visit our Contact page.