01
Who This Policy Covers
- Merchants who sign up for a workspace and connect a store
- Developers who request scoped A2A API keys to build agents on top of merchant catalogs
- Shoppers who interact with a StartShop-powered AI agent embedded on a merchant's storefront
02
Information We Collect
Account information
- Name, email, and authentication identifiers (including Google OAuth identifiers)
- Merchant profile, brand, store URL, and plan tier
- Developer profile (display name, company, contact email, website)
Connected store data
- Shop domain, install/uninstall timestamps, granted scopes, and the offline access token used to call the platform's APIs
- Product catalog (titles, descriptions, images, prices, inventory, variants, tags)
- Draft orders and checkout handoff metadata required to complete an order
- Subscription and billing status returned by the underlying commerce platform (e.g., Shopify Billing API)
Conversation data
- Messages exchanged between shoppers and the AI agent (text and, where applicable, voice transcripts)
- Tool calls invoked by the agent (e.g., search, quote, negotiate, request_checkout_handoff) and their results
- Cart state, session identifier, and channel (chat, voice, A2A)
API and audit data
- A2A credentials (we store only a hash of each key, plus a short prefix for display)
- Per-call audit logs: endpoint, timestamp, response status, duration, and a summary of the request/response
- x402 payment metadata where the agent requires metered access
Technical data
- IP address, user agent, device and browser info, and standard server logs collected when you use the dashboard or call our APIs
03
How We Use Information
- To provide and operate the Service, including syncing catalogs, running the AI agent, and routing checkouts
- To authenticate users, issue and revoke A2A keys, and enforce scopes and rate limits
- To generate merchant insights and analytics from conversations (aggregated within the merchant's own workspace)
- To detect, investigate, and prevent fraud, abuse, or security incidents
- To communicate with you about the Service, including transactional and security notices
- To comply with legal obligations and respond to lawful requests
We do not sell personal information, and we do not use merchant or shopper data to train foundation models for other customers.
04
AI Processing
Conversations are processed by third-party large language model providers (e.g., the model gateway StartShop uses to power the agent) under contractual data-protection terms. Inputs and outputs are used solely to generate responses for that conversation and are not used by the provider to train its models, where the provider supports such terms.
05
Sharing and Sub-processors
We share information only with:
- Infrastructure & backend — our managed cloud backend (database, edge functions, file storage) used to run the Service
- Commerce platforms — Shopify (and other platforms you connect) to read catalog data and create draft orders / cart permalinks
- AI model providers — to generate responses and embeddings for conversations and insights
- Voice/video providers — where you enable voice or avatar features
- Payment processors — to handle subscription billing and, where used, x402 metered payments
- Authorities — when required by law, subpoena, or to protect rights, safety, or security
06
Shopper Data and Merchant Control
When a shopper interacts with an AI agent embedded on a merchant's storefront, the merchant is the controller of the conversation and any associated cart data, and StartShop acts as a processor on the merchant's behalf. The merchant's own privacy policy governs how shopper data is collected on their storefront.
07
Shopify GDPR Webhooks
StartShop honors Shopify's mandatory privacy webhooks:
- customers/data_request — we acknowledge and provide any shopper data we hold for the requesting customer
- customers/redact — we delete or anonymize personal data tied to the customer
- shop/redact — we delete shop-level data 48 hours after app uninstall, in line with Shopify's policy
08
Data Retention
- Account data: retained while your account is active and for a reasonable period afterward for legal and audit purposes
- Conversation logs: retained for the merchant to review and analyze; merchants may delete individual conversations from the dashboard
- API audit logs: retained for security and billing reconciliation
- Catalog cache: deleted when a merchant disconnects or uninstalls the app
09
Security
We use industry-standard safeguards: TLS in transit, encryption at rest, hashed API keys, Row-Level Security on all merchant-scoped tables, scoped service-role access for privileged operations, and regular security review of our edge functions and dependencies. No system is perfectly secure; please report suspected vulnerabilities to security@startshop.ai.
10
International Transfers
StartShop is based in the United States. If you access the Service from outside the U.S., your information may be transferred to, stored, and processed in the U.S. and other countries where our sub-processors operate.
11
Your Rights
Depending on your location (e.g., EEA, UK, California), you may have the right to access, correct, delete, or port your personal information, to object to or restrict processing, and to withdraw consent. To exercise these rights, contact privacy@startshop.ai. Shoppers should contact the merchant whose storefront they used; we will assist that merchant in responding.
12
Children
The Service is not directed to children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect their personal information.
13
Cookies
We use a small number of cookies and similar technologies for authentication, security, and basic analytics. You can control cookies through your browser settings.
14
Changes
We may update this Privacy Policy from time to time. Material changes will be announced in the dashboard or by email. The “Last updated” date at the top reflects the most recent revision.
15
Contact
StartShop Inc.
Privacy: privacy@startshop.ai · Security: security@startshop.ai