Security
Plain security for a practical catalog tool.
Storeshift keeps the surface area small: public storefront data and uploaded Shopify CSVs in, reviewable output out, Stripe for payments, and authenticated access to sensitive run artifacts.
We don't ask for marketplace credentials.
Storeshift works from public storefront and listing pages. We do not log in to your eBay, Etsy, or Shopify Admin account.
Your CSV downloads are account-gated.
Generated CSVs and internal run artifacts are served through authenticated download routes. Product image URLs stay public because Shopify must fetch them during CSV import.
Uploaded CSVs are treated as sensitive.
Rewrite and image-only runs validate Shopify CSV uploads, cap per-cell size, strip spreadsheet formula prefixes, and keep uploaded catalog data scoped to your account.
Customer-supplied image URLs pass SSRF checks.
When the worker fetches image URLs for rewrite or cleanup, it rejects private networks, loopback hosts, link-local addresses, and unsafe redirect targets.
API keys and webhooks use one-way controls.
API keys are stored as hashes with visible prefixes. Webhook deliveries are HMAC-signed and logged so integrations can verify origin and handle retries safely.
Stripe handles payment details.
Checkout runs through Stripe. Storeshift never sees or stores your card number.
We don't sell your data.
Your listing data is used to run your conversion, generate your catalog, and help diagnose support issues. It is not sold or shared with advertisers.
Questions or reports can go to hello@storeshift.app.