Privacy Policy

MerchantIQ (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services (collectively, the “Services”).

By accessing or using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please discontinue use of our Services.

We review this policy periodically and may update it to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page indicates when the most recent changes were made.

Personal Information

When you register for an account, connect your Shopify store, or contact us, we may collect:

• Name and email address
• Business name and website URL
• Billing and payment information (processed securely via third-party payment providers)
• Shopify store credentials and access tokens (only to the extent required by our integration)
• Communications you send us (support tickets, feedback, demo requests)

Usage Data

We automatically collect certain information when you interact with our Services:

• IP address, browser type, and device information
• Pages visited, features used, and time spent on the platform
• Referring URLs and exit pages
• Interaction logs with our AI assistant (anonymised and aggregated)
• Shopper session data from stores using our SwitchIt™ widget (see Section 9)

We use the information we collect to:

• Provide, operate, and improve our Services
• Personalise your experience and tailor AI responses to your store’s catalogue
• Process payments and manage your subscription
• Send transactional emails (account updates, invoices, service notices)
• Respond to support inquiries and feedback
• Analyse usage trends to enhance platform performance
• Train and improve our AI models (using anonymised, aggregated data only)
• Detect and prevent fraud, abuse, or violations of our Terms of Service
• Comply with applicable laws and regulations

We do not sell your personal information to third parties. Marketing communications are opt-in, and you can unsubscribe at any time.

We may share your information in the following limited circumstances:

• Service Providers: Trusted third-party vendors who assist in operating our platform (cloud hosting, payment processing, analytics, email delivery). These parties are contractually obligated to protect your data.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you before this occurs.
• Legal Requirements: We may disclose information when required by law, court order, or to protect the rights, property, or safety of MerchantIQ, our users, or the public.
• With Your Consent: We may share information for any other purpose with your explicit consent.

We never sell, rent, or trade your personal information to third-party marketers.

We implement industry-standard security measures to protect your information against unauthorised access, alteration, disclosure, or destruction:

• Encryption in transit (TLS/HTTPS) and at rest (AES-256)
• Access controls limiting employee access to personal data on a need-to-know basis
• Regular security audits and vulnerability assessments
• Secure API key management for Shopify integrations
• Incident response procedures for breach detection and notification

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to prompt notification if a breach affecting your data occurs.

We retain your personal information for as long as necessary to provide our Services and fulfil the purposes described in this policy, unless a longer retention period is required by law.

• Account data: Retained for the duration of your active account, plus 90 days after account deletion for recovery purposes.
• Payment records: Retained for 7 years to comply with financial regulations.
• Shopper interaction logs: Anonymised and aggregated after 30 days; raw logs deleted within 90 days.
• Support communications: Retained for 3 years to improve our services.

You may request deletion of your account data at any time by contacting us at hello@merchantiq.ai.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data, subject to legal obligations.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing of your data for direct marketing or legitimate interest purposes.
• Restriction: Request that we limit processing of your data in certain circumstances.

To exercise any of these rights, contact us at hello@merchantiq.ai. We will respond within 30 days.

We use cookies and similar tracking technologies to enhance your experience and analyse platform usage. These include:

• Essential cookies: Required for the platform to function (authentication sessions, security tokens).
• Analytics cookies: Help us understand how users interact with our Services (e.g., page views, feature usage).
• Preference cookies: Remember your settings and preferences.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality. Our SwitchIt™ widget sets session-scoped cookies on merchant storefronts to maintain shopper context across pages.

Our Services integrate with third-party platforms to deliver core functionality. Key integrations include:

• Shopify: We access your store’s catalogue, order, and customer data solely to power AI responses. We are bound by Shopify’s Partner Program agreement.
• Payment Processors: Billing is handled by third-party processors; we do not store raw card data.
• AI Providers: We use AI infrastructure providers to process queries. Data sent to these services is anonymised where possible.
• Analytics: We use analytics tools to monitor platform health and usage. Refer to each provider’s privacy policy for their data practices.

This Privacy Policy does not cover third-party services. We encourage you to review their respective privacy policies.

Our Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at hello@merchantiq.ai and we will promptly delete such information.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:

• Updating the “Last updated” date at the top of this page
• Sending an email notification to registered account holders
• Displaying a notice on the platform dashboard

Your continued use of our Services after changes are posted constitutes your acceptance of the updated policy. We recommend reviewing this page periodically.