Drophero is a software service operated by Drophero, registered in the Netherlands with the Dutch Chamber of Commerce. Drophero provides tools that help merchants create original Shopify-ready product drafts and ad creative drafts from product information they are authorized to use.
Drophero is a software service operated by Drophero, registered in the Netherlands with the Dutch Chamber of Commerce. Drophero provides tools that help merchants create original Shopify-ready product drafts and ad creative drafts from product information they are authorized to use.
Public contact email: info@drophero.app
Privacy and data request email: info@drophero.app
Support and refund email: info@drophero.app
We do not publish the private residential address of the business owner on this website. Where a formal address is legally required by a competent authority, platform reviewer, payment provider, or regulator, it can be provided through the appropriate private channel.
This Privacy Policy applies to drophero.app, the Drophero web application, Drophero Shopify app functionality, optional Chrome Extension functionality, and related support services.
This policy explains what data we collect, why we collect it, how we use it, how long we keep it, and how users can request access, correction, deletion, or other privacy rights.
Drophero is designed for merchant-controlled and rights-safe product workflows. Users may only use product information, URLs, media, advertising references, and other source materials that they own, are licensed to use, or are authorized to use for officially licensed or dropshipped products.
Public ads or third-party pages may only be used as creative inspiration for structure, hooks, benefits, and formatting. Drophero does not permit users to copy third-party product text, images, videos, logos, trademarks, brand assets, or other protected content without permission.
Before publishing, users must review and approve generated content and confirm that they have the necessary rights to use the product information and selected media.
When a user creates or uses an account, we may collect and process:
When a merchant connects Drophero to Shopify, we may process Shopify data necessary to install, authenticate, operate, and publish approved product drafts. This may include:
Drophero does not request Shopify API access to store customer, order, payment, or checkout data for the core product publishing flow. Unless a future feature explicitly requires it and the required access is approved and disclosed, we do not collect or store Shopify store buyer (end-customer) data, including:
Data we store relates to the merchant's Drophero account and connected shop operations (for example shop domain, OAuth tokens, product drafts, and publishing logs), not to individual buyers who purchase from the merchant's Shopify store.
When users generate product drafts or ad creative drafts, we may process:
If a user chooses to use the Drophero Chrome Extension, the extension may collect only the data needed to send selected source or inspiration information to the user's Drophero account. This may include user-selected public text snippets, page metadata, source URLs, and image URLs.
The Chrome Extension is optional for the Shopify flow. It should not read passwords, private messages, payment card data, checkout data, or private account areas. Data is sent to Drophero only when the user actively uses the extension or related feature.
If a user connects a Meta/Facebook account, Drophero may process the data needed to create, review, publish, or analyze advertising workflows. This may include connected business assets, page IDs, ad account IDs, campaign IDs, ad set IDs, ad IDs, ad creative data, access tokens, and performance insights such as spend, impressions, clicks, CTR, CPC, CPM, and conversion-related metrics, depending on enabled features and granted permissions.
Users can disconnect Meta/Facebook access where this functionality is available. After disconnecting, Drophero will stop using the disconnected access token for future actions and will delete or anonymize connected tokens according to the retention rules below.
Drophero may send user-provided product information, source information, prompts, images, image URLs, or generated drafts to AI service providers to create original drafts, rewrite content, translate content, edit media, or perform OCR, depending on the feature used.
Drophero uses AI to generate draft outputs for user review. Users remain responsible for checking accuracy, rights, claims, translations, and suitability before publishing.
For merchants using Drophero through the Shopify App Store, any paid app features made available inside the Shopify app are handled through Shopify Billing or Shopify App Pricing, unless Shopify expressly permits another billing method. Drophero does not store full payment card details for Shopify App Store billing.
Drophero may store subscription status, plan information, billing identifiers, usage status, and related administrative records needed to manage access to paid or free features. Publishing approved product drafts to Shopify does not require Paddle or any external checkout flow for Shopify App Store users.
If Drophero later offers the Shopify app or Shopify publishing functionality free of charge, Drophero will not collect charges for those free Shopify app features. Any future billing changes will be reflected in this Privacy Policy and in the live app flow before they apply.
When users contact us, we may process emails, support messages, issue descriptions, screenshots or attachments supplied by the user, and related support history. We use this data to respond to requests, debug issues, and maintain the service.
We process data for the following purposes:
Where the GDPR applies, we rely on the following legal bases:
We may share data with service providers and platforms only as needed to operate Drophero, provide the requested features, and comply with legal or platform obligations. These may include:
We do not sell personal data. We do not permit service providers to use personal data for their own unrelated marketing purposes.
Drophero is operated from the Netherlands, but some service providers may process data in other countries. Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards where required, such as adequacy decisions, standard contractual clauses, processor agreements, or other lawful transfer mechanisms.
We keep personal data only for as long as needed for the purposes described in this Privacy Policy, unless a longer period is required for legal, tax, accounting, security, or platform compliance reasons.
In general:
Drophero supports Shopify mandatory privacy webhooks for Shopify-connected merchants: customers/data_request, customers/redact, and shop/redact. Compliance webhook payloads are not saved to our database because they may contain Shopify buyer identifiers.
customers/data_request: Drophero acknowledges the request with a successful HTTP response only. We do not export buyer data to the merchant because we do not store Shopify store customer PII.customers/redact: Drophero deletes any legacy internal logs that may reference the Shopify customer identifier provided in the webhook, if such records exist.shop/redact and app uninstall: Drophero deletes or invalidates shop-related data that is no longer needed, including OAuth access tokens, connected shop records, and associated webhook logs, subject to legal or security retention obligations.Depending on applicable law, users may have the right to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent. Users can submit privacy and data requests by emailing info@drophero.app.
We may need to verify the request before acting on it. We will respond within the timeframe required by applicable law. If we cannot fully comply with a request, we will explain the reason where legally permitted.
Drophero uses technical and organizational measures designed to protect data against unauthorized access, misuse, loss, or alteration. These measures may include access controls, encrypted transport, server-side token handling, limited employee or contractor access, logging, and secure development practices.
No online service can guarantee absolute security. Users are responsible for maintaining the confidentiality of their login credentials and for using strong, unique passwords where applicable.
Drophero may use cookies and similar technologies for essential login/session functions, security, preferences, analytics, affiliate attribution, and service improvement. Non-essential analytics or marketing cookies should be used in accordance with applicable consent requirements.
Users can control cookies through their browser settings. Blocking essential cookies may prevent parts of the service from working correctly.
Drophero is intended for business users and is not intended for children. Users must be at least 18 years old or the age of majority in their jurisdiction to use the service.
We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and, where appropriate, notify users through the service or by email.
For privacy, data protection, support, refund, or legal questions, contact Drophero at: info@drophero.app