Privacy Policy for MattressAI

1. Introduction

MattressAI ("we," "our," or "us") provides AI-powered customer service solutions for Shopify merchants. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our Shopify application and services.

2. Information We Collect

2.1 Information from Shopify Merchants

• Store Information: Store name, URL, contact details, and configuration settings
• Product Data: Product catalogs, descriptions, pricing, and inventory information
• Customer Data: Customer names, email addresses, order history (as permitted by Shopify's API)
• Order Information: Order details, transaction data, and purchase history
• Usage Data: App usage statistics, feature utilization, and performance metrics

2.2 Information from End Customers

• Chat Conversations: Messages, inquiries, and interactions with our AI assistant
• Session Data: IP addresses, browser information, and session timestamps
• Interaction Data: Products viewed, questions asked, and engagement patterns

2.3 Automatically Collected Information

• Technical Data: Device information, browser type, operating system
• Analytics Data: Usage patterns, feature adoption, and performance metrics
• Log Data: Error logs, access logs, and system diagnostics

3. How We Use Information

3.1 Service Provision

• Provide AI-powered customer service and support
• Generate product recommendations and answers
• Sync product catalogs and inventory data
• Process and respond to customer inquiries

3.2 Service Improvement

• Train and improve our AI models
• Analyze usage patterns and optimize performance
• Develop new features and capabilities
• Provide customer support and troubleshooting

3.3 Business Operations

• Process payments and manage subscriptions
• Send service notifications and updates
• Comply with legal obligations
• Protect against fraud and abuse

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third-party providers:

• OpenAI: For AI processing and natural language understanding
• Pinecone: For vector storage and semantic search capabilities
• Vercel/Cloudflare: For hosting and content delivery
• Firebase: For data storage and authentication

4.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal process or government requests
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Enforce our Terms of Service

4.3 Business Transfers

In the event of a merger, acquisition, or sale, user information may be transferred as part of the business assets.

5. Data Security

We implement industry-standard security measures including:

• Encryption in transit and at rest
• Access controls and authentication
• Regular security audits and monitoring
• Secure data centers and infrastructure

6. Data Retention

• Merchant Data: Retained for the duration of service use plus 30 days
• Customer Chat Data: Retained for 2 years for service improvement
• Analytics Data: Retained for 3 years for business insights
• Legal Data: Retained as required by applicable laws

7. Your Rights and Choices

7.1 Merchant Rights

• Access and download your data
• Correct inaccurate information
• Delete your account and data
• Restrict data processing
• Data portability

7.2 End Customer Rights

• Request information about data collection
• Request deletion of personal data
• Opt-out of data processing
• Contact the merchant regarding their data

8. International Data Transfers

Data may be processed in countries outside your jurisdiction. We ensure adequate protection through:

• Standard Contractual Clauses
• Privacy Shield frameworks (where applicable)
• Adequacy decisions by relevant authorities

9. Children's Privacy

Our services are not intended for individuals under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify merchants of material changes via email or through the app interface.

11. Contact Information

For privacy-related questions or requests: