Security, Privacy & Compliance
Is ShopIQ secure?
Summary
ShopIQ is designed to support secure ecommerce operations through managed platform infrastructure, controlled workflows, account access, team permissions, and supported integrations. Security also depends on merchant practices, third-party app security, account access management, and responsible handling of customer and business data.
Who this is for: Merchants who want to understand platform security, account security, connected app security, and merchant responsibilities.
Is ShopIQ secure?
ShopIQ is designed to provide secure ecommerce platform workflows for merchants. This includes managed infrastructure, dashboard access, store management, hosted websites, and integration workflows. However, security is a shared responsibility between ShopIQ, the merchant, team members, Implementation Partners where involved, third-party providers, payment gateways, logistics providers, WhatsApp providers, and analytics and ad platforms. Merchants should follow safe account and data practices.
What does ShopIQ manage?
- ShopIQ Cloud hosting
- Server infrastructure
- Database infrastructure
- Cloud storage
- Website deployment
- Development and production environments
- Platform workflows
- Dashboard access systems
Standard merchants do not need to manage servers or cloud infrastructure.
What does the merchant need to manage?
- Keeping login access secure
- Inviting only trusted team members
- Assigning correct permissions
- Protecting customer data
- Protecting third-party app accounts
- Managing payment gateway, logistics, and WhatsApp provider access
- Reviewing connected apps and removing unused integrations
- Avoiding unsafe credential sharing
- Reviewing AI-generated content before publishing
How does account verification work?
ShopIQ signup account verification uses Email OTP. Once the email is verified, the merchant can start building. ShopIQ does not require GST, PAN, business registration, or bank verification to create a ShopIQ account. However, third-party apps such as payment gateways or logistics providers may require KYC, business documents, bank verification, GST, PAN, or other provider-specific verification.
Can team access be controlled?
Yes. ShopIQ supports permission-based access for team members. A merchant can invite team members using their email and assign permissions according to what each team member needs. Permission groups may include areas such as catalog, sales, discounts, content, store, blogs, contacts, compliance, users, overview, and related modules.
How can merchants improve security?
- Keep account access limited to trusted people
- Apply least-privilege permissions
- Review and remove team access regularly
- Keep third-party accounts secure
- Disconnect unused apps
- Avoid sharing API keys casually
- Protect exported data
- Use official provider dashboards
- Contact support if suspicious activity is noticed
Does AI affect security?
AI-generated content should be reviewed before publishing. Merchants should avoid entering unnecessary sensitive information into AI prompts unless required for the task. AI can help create content and analysis, but the merchant remains responsible for what is published and how data is used.
ShopIQ manages platform infrastructure and workflows, but merchants must manage access, permissions, third-party apps, customer data, and business operations responsibly.
