Privacy Policy
Last Updated: January 27, 2025
Policy Version: 1.0
1. Introduction
Welcome to Ari ("we," "our," or "us"), accessible at getari.co. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our AI-powered customer support platform that provides product recommendations, order tracking, and store-related assistance.
Our service includes AI models trained on retail data to provide intelligent customer support. Please read this Privacy Policy carefully, as it contains important information about how we handle data in our AI systems.
2. Information We Collect
2.1 Customer Information (End Users of Our Clients' Stores)
When customers interact with our AI support system on our clients' websites:
- Conversation Data: Chat messages, questions, and interactions with our AI
- Product Queries: Search terms, product interests, and purchase intent data
- Order Information: Order numbers, tracking requests, and purchase history (as shared by the store)
- Behavioral Data: Browsing patterns, product views, and engagement metrics
- Technical Data: IP address, browser type, device information, session data
2.2 Client Business Information (Store Owners Using Our Platform)
- Account Information: Business name, contact details, billing information
- Store Data: Product catalogs, inventory information, pricing, descriptions
- Shopify Integration Data: Store configuration, customer data, order history
- Usage Analytics: Platform usage, AI performance metrics, feature utilization
- Support Communications: Help desk tickets, feedback, feature requests
2.3 Training Data for AI Models
We collect and process the following data to train and improve our RAG (Retrieval-Augmented Generation) models:
- Product Information: Names, descriptions, categories, specifications, pricing
- Customer Interactions: Anonymized conversation patterns and query types
- Store Policies: Return policies, shipping information, FAQ content
- Historical Support Data: Common questions, resolution patterns, success metrics
2.4 Automatically Collected Information
- Server logs, API calls, system performance data
- Error logs and debugging information
- Security monitoring and fraud detection data
3. How We Use Your Information
3.1 Core AI Services
- Product Recommendations
- Order Assistance
- Customer Support
- Personalization
3.2 AI Model Training and Improvement
- RAG Model Training
- Natural Language Processing
- Performance Optimization
- New Feature Development
3.3 Business Operations
- Service Delivery
- Client Support
- Analytics and Reporting
- Billing and Account Management
4. AI-Specific Data Processing
4.1 Machine Learning and AI Training
- Data is used to train, test, and improve our AI models
- Data minimization and pseudonymization are applied where possible
4.2 RAG (Retrieval-Augmented Generation) System
- Store product data is indexed for retrieval
- Customer queries are matched against indexed information
- Responses are generated based on store-specific data
- Context is preserved during sessions
4.3 Data Quality and Accuracy
- AI output is monitored for quality, bias, and relevance
- Feedback loops improve performance
- Models are regularly updated
4.4 AI Output Logging and Replay
- AI-generated responses may be temporarily logged for debugging and analytics
- Output logs are not reused across clients and are access-controlled
- Personal identifiers are removed before using any data for model improvement
- Clients may request redaction or deletion of specific transcripts
5. Information Sharing and Disclosure
5.1 Within Our AI Ecosystem
- Client Data Isolation: Each store's data is processed separately
- Cross-Client Learning: Only anonymized, aggregated patterns may be used across clients
- Model Isolation: Per-client isolation is applied where appropriate
- No Commercial Sharing: We do not sell or license any client data
5.2 With Our Clients (Store Owners)
- Analytics Dashboard
- Conversation Logs
- Insight Reports
5.3 Third-Party Service Providers
- Shopify Integration: Via APIs, with merchant consent
- Cloud Infrastructure & Hosting: Hosted via Railway (Singapore)
- AI Processing: May use AWS or Google Cloud
- Analytics Tools (if applicable)
- Payment Providers
We maintain an updated list of subprocessors. You can request access by contacting privacy@getari.co.
5.4 Legal and Safety Requirements
- Compliance with legal obligations
- Fraud and abuse protection
- Business transfers (e.g., mergers or acquisitions)
6. Data Security for AI Systems
6.1 Technical Safeguards
- Encryption (in transit and at rest)
- Role-Based Access Controls
- Secure APIs
- Model Security Protections
6.2 AI-Specific Security Measures
- Data Anonymization
- Model Isolation
- Output Filtering
- Audit Trails
7. Your Rights and Choices
7.1 For Store Customers
- Access: Request data used in interactions
- Correction: Update incorrect information
- Deletion: Request personal data removal
- Opt-out: Disable AI features (where supported by store)
7.2 For Store Owners (Our Clients)
- Data Control: Manage shared store data
- Model Customization: Retrieval-based only; no fine-tuning by default
- Export: Download logs and reports
- Termination: Full data deletion upon account closure
7.3 Consent and Legal Basis for Processing
- Our widgets are embedded by store owners
- We do not collect consent directly from end-users
- Store owners are responsible for obtaining proper consent (GDPR, CCPA, etc.)
- Users acknowledge data usage by interacting with the assistant
- We support deletion, access, and correction requests on behalf of our clients
8. Data Retention
8.1 Customer Interaction Data
- Active Conversations: Retained during session or immediate follow-up
- Historical Data: Anonymized patterns may be retained for model improvement
- Personal Data: Deleted per client settings or legal requirements
8.2 AI Training Data
- Product Data: Retained while client account is active
- Anonymized Patterns: May be retained to improve model quality
- Model Versions: Archived for rollback and version comparison
9. International Data Transfers
- Primary Processing: Data is processed and stored in Southeast Asia (Singapore) via Railway
- AI Training: May occur in additional regions depending on performance needs
- Safeguards: Standard Contractual Clauses (SCCs) and access controls
- Client Control: Custom data residency available upon request
10. Shopify Integration Specific Terms
10.1 Data Access
- Access via Shopify APIs, with merchant permission
- Data is synchronized in real-time or scheduled intervals
- We comply with Shopify's Partner Program guidelines
10.2 Shopify Data Usage
- Product catalogs are used for AI training and answering product questions
- Customer data is only processed as needed for support
- Order data is accessed to fulfill customer order-tracking requests
11. AI Transparency and Fairness
11.1 Algorithmic Transparency
- Recommendations are based on relevance, query context, and product data
- No intentional bias based on protected characteristics
11.2 Human Oversight
- AI output is reviewed for safety and correctness
- Human review occurs for flagged or complex queries
- Escalation processes are in place for unresolved issues
12. Children's Privacy
Our service is not intended for use by children under 13.
- Store owners are responsible for age compliance and parental consent
- We do not knowingly collect or process data from children
- If discovered, we promptly delete any inadvertently collected children's data
13. Updates to This Policy
We may update this Privacy Policy as our business and legal obligations evolve.
- Change Notifications:
- Continued use after changes constitutes acceptance
- Clients may contact us to request data deletion if they disagree with changes
14. Contact Information
Ari Customer Support Platform
For any AI-specific questions or concerns about data processing, contact us at the above addresses.