Privacy Policy
Effective date: 2026-06-07
This Privacy Policy explains how Shoesy AI ("Shoesy", "we", "our") collects, uses, stores, and shares information when a merchant installs the Shoesy app on their store and when a shopper interacts with the Shoesy chat widget on that store.
We serve merchants and shoppers worldwide. This policy is structured with primary attention to United States privacy law (CCPA / CPRA and the state-privacy laws that follow it), with regional addenda for the United Kingdom, Canada, Australia, Germany, and the rest of the European Economic Area.
1. Who we are
Shoesy AI is operated by Grzegorz Zięba, sole proprietor, registered in the Republic of Poland. This entity is the "business" under California law and the "data controller" under UK GDPR and EU GDPR. You can reach us at privacy@shoesy.ai.
2. Data we collect
2.1 From shoppers (via the chat widget)
- Chat messages — the questions a shopper types into the assistant and the assistant's replies.
- Anonymous session ids — a per-browser identifier we use to keep a single conversation coherent. We do not link this id to a named individual.
- Page-context metadata — the URL, product handle, product title, currency, and locale of the page on which the widget was opened, so the assistant can answer in context.
- Order-lookup inputs — when a shopper voluntarily provides an order number and email address (or zip / post code) to ask "where is my order?", we send that pair to the merchant's storefront to fetch the order. We do not retain the email or order number after the lookup completes other than in the session's chat log.
We do not collect names, addresses, payment details, IP addresses for tracking, browser fingerprints, government identifiers, biometric data, precise geolocation, or any cookie that would identify a shopper across sites. We do not collect "sensitive personal information" as that term is defined under the CPRA, and we do not knowingly collect "special category data" as defined under the UK / EU GDPR.
2.2 From merchants (via the Shoesy app)
- Shop configuration — store domain, support email, FAQ entries, assistant tone, widget on/off state.
- Product catalog metadata — product titles, descriptions, variants, inventory levels, images, and tags, fetched via the read-only access scopes the app requests on install.
- Order metadata — used only at lookup time as described above; not bulk-synced.
We do not request or store payment instruments, customer PII beyond what a shopper voluntarily types into the widget, or any access scope outside of read-only catalog, content, legal-policies, orders, and theme reads.
3. How we use the data
- Generate AI assistant replies on the merchant's storefront.
- Look up an order at the shopper's request.
- Train, evaluate, and debug Shoesy's retrieval and sizing engines on aggregated, deidentified logs.
- Generate aggregate analytics for the merchant (question categories, deflection rate).
We do not sell shopper or merchant data to anyone, ever. We do not "share" personal information for cross-context behavioral advertising as those terms are defined under the CCPA / CPRA. We do not use shopper chat content to train any third-party AI models (see §4).
4. Third parties processing data on our behalf
We use a small set of sub-processors to deliver the Service. Each is bound by the processor's standard data-processing terms, and each is engaged as a "service provider" under the CCPA / CPRA and as a "processor" under the UK / EU GDPR — the contracts forbid the sub-processor from selling, sharing, or using the data for its own purposes.
| Category | Purpose | Data shared |
|---|---|---|
| Edge delivery | Global edge computing network in front of our origin. | Encrypted HTTP traffic transits the edge network before reaching our servers. |
| AI model inference | Generates assistant replies on our behalf. | Prompt + retrieved context per request. Configured for no training on inputs. |
| Request tracing + analytics | Helps us measure quality, latency, and cost of each request. | Trace id, prompt, response, model, latency, cost. PII scrubbed where present. |
| Error monitoring | Captures runtime errors so we can fix them. | Stack traces, scrubbed request metadata. |
| Encrypted offsite backups | Stores encrypted backups outside our primary servers. | Encrypted database, search-index, and vector-index snapshots. |
| E-commerce platform | The merchant's own storefront platform that the app integrates with. | Order lookups; deletion / data-request signals from the platform on the merchant's behalf. |
We will provide the current list of named sub-processors on request to privacy@shoesy.ai, and we do not move data to a category of sub-processor not listed above without updating this policy first.
5. Retention
| Data | Retention |
|---|---|
| Chat logs (shopper messages + assistant replies) | 90 days, then deleted. |
| Order-lookup pairs (email + order #) | Stored only inside the chat log of the originating session, and deleted with that log. |
| Merchant shop configuration (FAQ, tone, support email) | For the lifetime of the install. |
| Product catalog snapshots | Refreshed continuously; previous versions discarded. |
| Backups | Encrypted, retained 30 days, then rotated out. |
When a merchant uninstalls the app, or when a shop or shopper exercises a deletion right (see §6), the e-commerce platform notifies us. In all such cases we delete the relevant data within 30 days.
6. Your privacy rights
We honor the rights granted by the law of your residence. We do not require you to create an account to exercise them, and we do not discriminate against you for exercising them.
6.1 United States — California (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what personal information we collect, the categories of sources and recipients, and the business purpose.
- Delete personal information we hold about you.
- Correct inaccurate personal information.
- Opt out of "sale" or "sharing" of personal information. We do not sell or share — see §3.
- Limit the use and disclosure of sensitive personal information. We do not collect sensitive personal information as defined by the CPRA.
- Non-discrimination for exercising any of the above.
- Designate an authorized agent to act on your behalf.
- File a complaint with the California Attorney General or the California Privacy Protection Agency (CPPA).
We have not received any verifiable consumer requests in the prior 12 months that would require numerical disclosure under CCPA §1798.130(a)(5)(B); when that changes we will publish the metrics here.
6.2 United States — other states
Comprehensive consumer-privacy laws in Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and other states that follow them grant residents access, deletion, correction, portability, and opt-out rights similar to those in §6.1, with appeal procedures and complaint channels through the relevant state attorney general. To exercise any of these rights, email privacy@shoesy.ai.
6.3 United Kingdom (UK GDPR + Data Protection Act 2018)
If you are in the United Kingdom, you have the right to:
- Access, rectify, erase, restrict, port, or object to processing of your data, and withdraw consent at any time.
- Lodge a complaint with the UK Information Commissioner's Office (ICO).
6.4 Canada (PIPEDA + provincial laws including Quebec Law 25, Alberta PIPA, BC PIPA)
You have the right to access and correct your personal information, withdraw consent, and complain to the Office of the Privacy Commissioner of Canada (OPC) or your provincial commissioner.
6.5 Australia (Privacy Act 1988 + Australian Privacy Principles)
You have the right to access and correct your personal information and to complain to the Office of the Australian Information Commissioner (OAIC).
6.6 Germany and the rest of the European Economic Area (EU GDPR + BDSG / national implementations)
If you are in Germany or another EEA country, you have the right to:
- Access, rectify, erase, restrict, port, or object to processing of your data, and withdraw consent at any time.
- Lodge a complaint with your member-state supervisory authority — for example, the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) or the relevant Land authority.
6.7 How to exercise these rights
Email privacy@shoesy.ai. Shoppers: route requests via the merchant whose store you used the widget on; the platform will forward the data-request signal to us, and we respond within 30 days (or the period your local law requires, whichever is shorter). Merchants: contact us directly. We may need to verify your identity or your authorized agent's authority before disclosing or deleting data.
We do not respond to law-enforcement or government requests without a valid legal order, and we will inform the affected merchant unless legally prohibited.
7. Security
- All HTTP traffic is encrypted in transit using modern TLS.
- Persistent stores and backups are encrypted at rest.
- Production systems are not directly reachable from the public internet; operator access requires multi-factor authentication.
- We log access to merchant data and review access logs periodically.
No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours where required by law (GDPR Art. 33 / 34, UK GDPR equivalent, Australian NDB scheme, applicable US state breach-notification laws, and any other regime that applies to you).
8. International transfers and data location
Our primary production servers are located in the United States. Public traffic is served from a global edge computing network (provided by Cloudflare, Inc.) before reaching those servers. Because our operating entity is based in the European Union and our processing routinely involves transfers across borders:
- Transfers from the United Kingdom rely on the UK International Data Transfer Agreement (IDTA) or the UK addendum to the EU Standard Contractual Clauses.
- Transfers from the EEA (including Germany) rely on the EU Standard Contractual Clauses.
- Transfers to or from Canada are made under PIPEDA's accountability principle.
- Transfers to or from Australia are made under Australian Privacy Principle 8 (cross-border disclosure).
If your jurisdiction restricts transfers of personal information to the United States or other third countries, the safeguards above apply. We will provide copies of the relevant transfer mechanisms on request to privacy@shoesy.ai.
9. Children
Shoesy is a B2B tool used inside e-commerce storefronts. We do not knowingly collect personal information from a child:
- Under 13 in the United States, in line with the Children's Online Privacy Protection Act (COPPA).
- Under 16 in the UK and the EEA (or the lower minimum age your member state has set for digital-services consent under GDPR Art. 8).
If you believe a child has interacted with the widget, contact us and we will delete the relevant chat log.
10. Changes to this policy
We may update this policy. Material changes will be announced inside the merchant dashboard at least 14 days before they take effect, and reflected in the Effective date at the top of this page. Continued use of Shoesy after the effective date constitutes acceptance.
11. Contact
Questions, requests, or complaints: privacy@shoesy.ai.