Privacy Policy for ShopAgent AI

Last updated: June 21, 2025

1. Information We Collect

• From Shopify APIs: Product catalog and order metadata—only data needed to power our chatbot.
• From merchants: We do not collect personal data directly.
• From end‑customers: We do not track visitors and set no cookies or analytics.

2. How We Use Data

• To answer product questions in real time.
• To provide relevant product suggestions during chat sessions.
• We never use data for advertising, profiling, or share it with third parties.

3. Data Storage & Retention

• Data is encrypted in transit (TLS) and at rest.
• Information is retained only while the merchant uses ShopAgent AI.
• All data is deleted automatically within 30 days of app uninstallation.

4. International Data Transfers

Our servers are located in the European Union. Transfers outside the EU leverage Standard Contractual Clauses (SCCs) to ensure GDPR compliance.

5. Merchant & Customer Rights

Merchants and their customers may:

• Request access, correction, or deletion of their data.
• Opt out of automated features by contacting us.

6. Security Measures

• All traffic is served over HTTPS.
• API tokens are rotated regularly and stored using environment secrets.
• Internal staff access is restricted and logged.

7. Compliance & Legal Basis

We subscribe to Shopify’s mandatory privacy webhooks (customers/data_request, customers/redact, shop/redact) and respond per Shopify’s guidelines. Our processing of personal data is based on the merchant’s consent and contractual necessity.

8. Contact & Further Resources

If you have questions about this policy, email us at [email protected].

• FAQ
• Tutorials & Docs
• Contact Support