Contents
Privacy Policy
Last updated: January 2, 2026
1. Introduction
Cognify Suite ("we", "our", or "us") is a Shopify application that helps merchants increase their average order value by providing AI-generated insights and recommendations to support upsell and cross-sell strategies.
This Privacy Policy explains how we collect, use, and safeguard information when you install and use our application. We are committed to transparency, data minimization, and protecting merchant and customer privacy.
2. Information We Collect
2.1 Store Data (From Shopify)
| Data Type | What We Collect | Retention |
|---|---|---|
| Shop Info | Store name, domain, email | Until uninstall |
| Products | Titles, descriptions, prices | Until uninstall |
| Orders | Order IDs, products, timestamps | 24 months |
| Customers | Anonymous IDs only (no PII) | 24 months |
2.2 Analytics Data
| Data Type | Purpose | Retention |
|---|---|---|
| Widget Views | Performance tracking | 24 months |
| Clicks | Conversion funnel | 24 months |
| Conversions | Revenue attribution | 24 months |
2.3 AI Processing Data
| Data Type | Purpose | Retention |
|---|---|---|
| Product Embeddings | Semantic search | Until deleted |
| Query Logs | Improve AI | 90 days |
| Chat History | Context | 30 days |
3. How We Use Information
We use the information we collect to:
- Provide and maintain our application
- Generate AI-powered product recommendations
- Analyze campaign performance
- Improve user experience
- Send technical notices and support
4. AI & Machine Learning
AI features are merchant-initiated, read-only, and do not perform automated actions on the store.
How AI Works
Our AI analyzes product catalog data and aggregated store signals only when requested by the merchant to provide advisory recommendations. AI outputs are informational and require merchant action to implement.
Privacy Safeguards
- No Customer PII: Only hashed, anonymous identifiers are used
- No Model Training: Merchant data is never used to train shared or global AI models
- Read-Only Access: AI cannot modify store data, pricing, or customer records
- Deletion on Request: All data deleted upon uninstall or request
5. Third-Party Services
| Service | Purpose | Data Shared |
|---|---|---|
| Shopify | Platform integration | OAuth tokens, store data |
| Google Gemini | AI contextual analysis (fallback) | Product data only |
| Brevo | Transactional emails | Store owner email only |
| Hetzner Cloud | Database hosting | Encrypted application data |
Note: Customer personal information is never shared with third parties.
6. Data Retention
- Shop/Product Data: Until uninstall
- Analytics: 24 months
- AI Query Logs: 90 days
- Chat History: 30 days
Upon uninstallation, we delete all data within 48 hours.
7. Data Security
| Measure | Implementation |
|---|---|
| Encryption | TLS 1.3 + AES-256 |
| Authentication | Shopify OAuth 2.0 |
| Access Control | Role-based |
8. Your Rights
Under GDPR and CCPA, you have:
- Right to Access: Request your data
- Right to Export: Download in JSON/CSV
- Right to Delete: Uninstall = full deletion
- Right to Portability: Transfer your data
Note: We do NOT store personal customer data. Only anonymous tracking.
10. International Transfers
| Service | Location |
|---|---|
| Database Hosting | US (Ashburn, VA) |
| AI Processing | US |
| Email Services | EU |
All transfers comply with Standard Contractual Clauses (SCCs) where applicable.
11. Children's Privacy
Cognify Suite is a B2B service for Shopify merchants. We do not knowingly collect data from children under 13.
12. Changes to This Policy
We may update this policy and will notify you of material changes via email or in-app notification.
13. Contact Information
14. Shopify Compliance
We comply with Shopify mandatory webhooks:
| Webhook | Response |
|---|---|
customers/data_request | No PII stored |
customers/redact | Clear session data |
shop/redact | Delete all in 48h |
Have questions about your data?
Contact Us