Privacy Policy
Last updated: April 17, 2026
Introduction
AI Smart Search ("we", "our", "us") provides an AI-powered chatbot for Shopify stores. This privacy policy explains how we collect, use, and protect data when you use our application.
Data We Collect
Store Owner Data
- Shopify store domain and store name
- Storefront API access token (encrypted at rest)
- Product catalog data (titles, descriptions, prices, images, metafields)
- Chatbot configuration settings
Customer Data
- Chat conversation messages (anonymized, no personal identifiers)
- Product click events
- Feedback ratings (thumbs up/down and optional comments)
- Browser-stored preferences (only with customer opt-in, stored locally in their browser)
Conversion & Analytics Data
When a store customer interacts with the chatbot and later completes a purchase, we collect anonymized conversion data to help store owners measure chatbot effectiveness. This includes:
- Order total, item count, and line-item details (product titles, quantities, prices)
- Whether the customer used the chatbot's Add to Cart feature or applied a discount code
- A randomly generated session identifier linking the chat session to the checkout
This data is collected via a Shopify web pixel extension that runs in a sandboxed environment during checkout. It does not include customer names, emails, payment details, or any personally identifiable information.
Cookies
We use a small number of first-party cookies to attribute purchases to chatbot sessions. These cookies are set only when a customer interacts with the chatbot widget:
- ocs-chatbot-had-session — indicates the customer used the chatbot (value: "1")
- ocs-chatbot-session-id — a randomly generated session identifier
- ocs-chatbot-conversion-sent — prevents duplicate conversion reporting
- ocs-chatbot-had-clicks — indicates the customer clicked a product in the chatbot
- ocs-chatbot-used-atc — indicates the customer used the Add to Cart feature
- ocs-chatbot-discount — stores an applied discount code
All cookies expire after 30 days, use the SameSite=Lax attribute, and contain no personally identifiable information. They are not used for cross-site tracking or advertising.
Data We Do NOT Collect
- Customer names, emails, or account information
- Payment or billing information from store customers
- IP addresses (not stored beyond rate limiting)
How We Use Data
- To provide AI-powered product search and recommendations
- To generate analytics for store owners about chatbot performance
- To attribute conversions and revenue to chatbot sessions, helping store owners measure ROI
- To improve the quality of AI responses over time
- To enforce usage limits based on subscription plan
Data Storage & Security
- Store configurations are stored in Cloudflare Workers KV (encrypted in transit)
- API tokens are encrypted at rest using AES-256-GCM
- Conversation logs are automatically deleted after 30 days
- Customer memory preferences are stored in the customer's own browser (localStorage) and never transmitted to our servers
AI Enrichment Cache
To reduce processing costs and API calls, AI-generated summaries, feature extractions, and semantic embedding vectors for each product are cached in Cloudflare Workers KV, keyed to a hash of the product's content. When a product's title or description changes, the cached entry for that product is invalidated and regenerated. Cached entries expire after 90 days of inactivity or immediately when the app is uninstalled. The cache stores merchant catalog data only — no customer-identifying information is cached.
Third-Party Services
- Anthropic (Claude) — AI model provider. Two categories of data are sent to Anthropic's API:
  - Real-time customer chat messages, processed to generate responses.
  - Merchant product catalog data — titles, descriptions, and product image URLs — processed during catalog indexing to generate product summaries, extract features, and derive visual attributes. This runs periodically as part of catalog enrichment, not in response to individual customer requests.
  No customer images are ever sent to Anthropic. API requests are processed by Anthropic on a zero-retention basis. See Anthropic's Privacy Policy.
- Cloudflare Workers — Server infrastructure hosting the application. See Cloudflare's Privacy Policy.
- Cloudflare Workers AI — Generates semantic embedding vectors for products during catalog indexing, enabling intent-based search. No customer data is processed by Workers AI. Covered by Cloudflare's Privacy Policy above.
- Resend — Transactional email provider used to deliver store-owner notifications (usage alerts, welcome messages). Customer email addresses captured via opt-in forms in the chatbot are routed to the merchant's connected email marketing platform (e.g., Klaviyo), not to Resend.
- Shopify — Store platform. See Shopify's Privacy Policy.
We enter into Data Processing Agreements with each sub-processor where required. Material changes to our sub-processor list are disclosed by updating this policy at least 30 days before they take effect.
Data Retention
- Conversation logs: 30 days
- Individual conversion records: 90 days
- Monthly conversion aggregates: 95 days
- Product index: refreshed on schedule, deleted on uninstall
- Store configuration: retained until app is uninstalled + 48 hours
- Usage records: retained for billing period
- Cookies: 30 days (set only when customer interacts with the chatbot)
GDPR Compliance
We support Shopify's mandatory GDPR webhooks for customer data requests, customer data deletion, and shop data deletion. Since our chatbot does not collect personally identifiable customer data, these requests are acknowledged but typically require no data action.
Your Rights
Store owners can export or delete their data at any time through the app settings. Uninstalling the app triggers automatic data cleanup within 48 hours.
Contact
For privacy questions, contact us at smartsearch@onecountry.com.