Privacy Policy

This Privacy Policy describes how Ario ("we," "us," or "our") collects, uses, stores, and shares information in connection with the Ario Shopify app and related services (collectively, the "Service"). Ario is an AI shopping assistant that merchants install on their Shopify storefronts to help shoppers find products through conversational search.

We take privacy seriously. We collect the minimum data needed to operate the Service, we don't sell personal information, and we give merchants and shoppers clear rights to access and delete their data.

1. Who we are

Ario is a Shopify app operated independently. The data controller for this Service is the operator of Ario, reachable at privacy@ariochat.com. If you need a postal address for formal legal notice, request it at that email and we will provide it.

"Merchant" means a Shopify store owner who installs Ario. "Shopper" means a visitor to a merchant's storefront who interacts with the Ario widget. This policy covers both groups.

2. What we collect

From merchants (when you install Ario)

• Shop domain and shop ID provided by Shopify during the OAuth install flow.
• An OAuth access token scoped to your store, which lets Ario query your products and policies on behalf of your store.
• Contact email associated with your Shopify account.
• Subscription and billing metadata from Shopify's Billing API (plan, status, trial dates). We do not see or store payment card details; Shopify handles that directly.
• Widget configuration you choose in the admin (brand color, enabled/disabled state).

From shoppers (when they use the widget on your storefront)

• Messages shoppers type into the widget and the responses the AI generates.
• Anonymous session identifiers (random strings) to maintain conversation continuity within a single browsing session. Stored in the shopper's browser local storage, valid for 24 hours.
• Technical metadata needed to deliver the service: timestamps, the merchant's shop domain, coarse error information when something goes wrong.

We do not collect shopper names, emails, addresses, phone numbers, payment info, or any personally identifying information unless a shopper voluntarily types it into a chat message. We actively design against needing this data.

What we deliberately do not collect

• We do not copy, mirror, or store merchant product catalogs on our servers. We query the live Shopify catalog on each conversation.
• We do not track shoppers across stores or across the web.
• We do not use third-party advertising cookies or tracking pixels.
• We do not sell, rent, or license personal data to anyone.

3. How we use it

We use the information above to:

• Operate the Service (respond to shopper questions, display product recommendations, maintain conversation context).
• Query your Shopify store for products, variants, inventory, pricing, and published policies in real time, in order to ground AI responses in accurate data.
• Show merchants their own conversation history in the Ario admin interface.
• Debug errors, monitor service health, and improve reliability.
• Enforce plan limits (conversation caps) and billing.
• Comply with legal obligations and respond to lawful requests.

We do not use shopper conversations to train AI models. Your data is not used to improve any general-purpose AI system.

4. Legal basis (for shoppers in the European Economic Area and the UK)

Where GDPR applies, we rely on the following legal bases:

• Contract: processing necessary to deliver the Service the merchant installed on our behalf.
• Legitimate interests: debugging, security monitoring, and service improvement, balanced against shopper privacy.
• Legal obligation: tax, accounting, and law enforcement requirements.

Shoppers can exercise any of the rights listed in Section 8 at any time.

5. Who we share it with

We share the minimum data needed with the following third parties, and only for the purposes below:

• Anthropic, PBC — We send shopper messages and context (store name, product search results, policy text snippets) to the Claude API to generate responses. Anthropic processes this data as our service provider and does not use it to train models. See Anthropic's privacy policy.
• Shopify, Inc. — We query Shopify's APIs for catalog, policy, and billing data on behalf of the merchant. Shopify's handling of this data is governed by Shopify's privacy policy.
• Supabase, Inc. — Our database host. Stores merchant configuration, billing metadata, and conversation logs in encrypted form.
• Vercel, Inc. — Our application hosting and delivery network.
• Cloudflare, Inc. — Our DNS provider and email routing for @ariochat.com addresses.
• Resend, Inc. — Our transactional email provider for merchant notifications and outbound communication.

We share data with law enforcement or government authorities only when legally required (for example, a valid subpoena or court order). We will challenge overbroad requests where we believe they are unlawful.

6. Where it's stored

Data is stored on Supabase and Vercel infrastructure, with primary storage in secure data centers in the European Union or the United States depending on the specific service. Conversations may transit to Anthropic's API servers in the United States for AI processing. All data is encrypted in transit (TLS) and at rest.

If you are in the EEA or UK, by using the Service you consent to the international transfer of your data as described above. We rely on Standard Contractual Clauses or equivalent safeguards where required.

7. How long we keep it

• Merchant accounts: kept while your app is installed, plus 90 days after uninstall for billing reconciliation and accidental-reinstall recovery, then deleted.
• Conversation logs: retained for up to 12 months from the date of conversation, then automatically deleted. Merchants can delete specific conversations or all conversations earlier from the Ario admin.
• Billing records: retained for 7 years as required by tax and accounting law.
• Backups: rotating encrypted backups retained up to 30 days.

8. Your rights

Depending on where you live, you have some or all of the following rights:

• Access — request a copy of data we hold about you.
• Deletion — request that we delete data we hold about you.
• Correction — request that we correct inaccurate data.
• Portability — receive your data in a structured, machine-readable format.
• Objection — object to specific processing activities.
• Withdraw consent — where processing is based on consent.
• Complain — to a data protection authority in your country.

To exercise any of these rights, email privacy@ariochat.com. We respond within 30 days. For California residents under the CCPA/CPRA and residents of other US states with comparable laws, the same rights apply and the same contact address.

Shopify merchants can also delete shopper data automatically by using the GDPR webhooks Ario implements (customers/data_request, customers/redact, shop/redact), which Shopify triggers on your behalf.

9. Cookies and tracking

Ario's widget uses browser local storage (not cookies) to store a random session identifier and the most recent messages in a shopper's current conversation. This is strictly necessary for the widget to function and is not used for tracking, advertising, or analytics.

The Ario admin interface, which only merchants see, uses session cookies for authentication.

10. Security

We implement industry-standard security practices: TLS encryption for all data in transit, encryption at rest, the principle of least privilege for database access, OAuth-scoped access tokens for Shopify APIs, and regular security reviews. No system is perfectly secure. If we become aware of a security incident affecting your data, we will notify affected merchants without undue delay and in any event within 72 hours where required by law.

11. Children

Ario is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact privacy@ariochat.com and we will delete it.

12. Changes to this policy

We may update this policy from time to time. When we make material changes, we update the "Last updated" date at the top and notify installed merchants by email. Continued use of the Service after changes become effective constitutes acceptance of the updated policy. Prior versions are available on request.

13. How to contact us

Questions, concerns, data requests, or complaints:

• Email: privacy@ariochat.com
• General support: hello@ariochat.com

If you are in the EEA or UK and have an unresolved concern, you have the right to lodge a complaint with your local data protection authority.