Privacy Policy

Last updated: 27 March 2026

This Privacy Policy describes how Askably ("we", "us") collects, uses, and discloses information when you use the Askably application ("the App") or visit our website at askably.ai.

1. Information We Collect

From merchants (store owners who install the App):

• Shopify store information (store name, email, domain, timezone, currency)
• Product catalog data (titles, descriptions, prices, variants, images)
• Store policies (shipping, returns, refund, privacy) and pages
• App settings and widget configuration preferences
• Shopify OAuth access tokens (encrypted at rest)

From store visitors (customers who use the chat widget):

• Chat messages sent to the chatbot
• The page URL where the chat was initiated
• Email address, only if voluntarily provided during a handoff request
• Session identifier (randomly generated UUID, not linked to personal identity)

We do NOT collect:

• Names, addresses, or phone numbers of store visitors (unless voluntarily shared in chat)
• Payment or credit card information
• Browsing history or tracking cookies
• Data from visitors who do not interact with the chat widget

2. How We Use Information

• Product and policy data: Used to train the AI chatbot so it can answer customer questions accurately about the store's products and policies.
• Chat conversations: Stored so merchants can review conversations, identify common questions, and improve their chatbot's knowledge base.
• Email addresses: Used solely to facilitate handoff — when the chatbot cannot resolve an issue, the conversation transcript is sent to the merchant's configured email address so they can follow up with the customer.
• Analytics: Aggregated, non-personal data (conversation counts, popular topics, resolution rates) is provided to merchants to help them understand their customers' needs.

3. Third-Party Services

The App uses the following third-party services to operate:

• Google Gemini AI: Chat messages and store knowledge are sent to Google's Gemini API to generate responses. Google's Gemini API Terms of Service apply. Chat data sent to Gemini is not used by Google to train their models.
• Cloudflare: Application hosting, database, and content delivery. Cloudflare Privacy Policy.
• Amazon SES: Email delivery for handoff transcripts. AWS Privacy Notice.
• Shopify: App distribution, billing, and store data access. Shopify Privacy Policy.

4. Data Storage and Security

• Data is stored in Cloudflare D1 databases in the Oceania region.
• All data is encrypted in transit using TLS.
• Shopify access tokens are encrypted at rest using AES-256-GCM.
• Access to data is restricted to the merchant who owns the store. Merchants can only view their own store's conversations and data.

5. Data Retention and Deletion

• Conversation data is retained until the merchant deletes it via the dashboard.
• Merchants can delete individual conversations at any time.
• When the App is uninstalled, all data associated with the store is permanently deleted within 48 hours.
• Abandoned chat sessions (no messages sent) are automatically cleaned up after 30 days.

6. GDPR and Data Subject Rights

For stores serving customers in the European Economic Area (EEA):

• The merchant is the data controller. Askably is the data processor.
• Customers can request access to or deletion of their data by contacting the merchant directly.
• Askably supports Shopify's mandatory GDPR webhooks for data requests, data deletion, and shop data erasure.
• Merchants are responsible for providing appropriate privacy notices to their customers about the use of AI-powered chat support.

7. Children's Privacy

The App is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided personal information through the chat widget, contact the merchant to request deletion.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email to registered merchants at least 30 days in advance. The "Last updated" date at the top of this page indicates when the policy was last revised.

9. Contact

For privacy-related questions, contact us at [email protected].