Shopify Agent
AI assistant for storefronts
TechnologySolutionsFAQ
Privacy Policy

Your Privacy, Our Priority

We believe in transparent, responsible data practices. Learn how we protect your information while delivering powerful AI agent experiences.

Last Updated: September 12, 2025

Data Protection First

We implement industry-leading security measures to protect your data at every step.

Least-Privilege Access

Our systems only access the minimum data required to provide our AI agent services.

Transparent Practices

Clear communication about what data we collect, how we use it, and your rights.

User Control

You maintain full control over your data with options to modify or delete at any time.

This page summarizes our Privacy Policy in a readable format. In case of conflict, the full PDF policy governs.

Scope & Who We Are

This policy applies to MCPChats websites, products, and services that link to it, including our AI agents and integrations. MCPChats is the controller of your personal data where applicable. If you use MCPChats on behalf of a business, that business is responsible for the data it provides into our services and for complying with applicable laws.

Information We Collect

We collect only what we need to provide, secure, and improve our services:

  • Account data (e.g., name, email, company, billing)
  • Service and interaction data (e.g., chats, prompts, feedback, support requests)
  • Integration data from connected platforms you authorize (e.g., store/catalog/order data as configured)
  • Device and technical data (e.g., IP, device, browser, OS, log data, crash diagnostics)
  • Cookie and similar technology data when you visit our sites and apps

How We Use Your Information & Legal Bases

We use personal data to:

  • • Provide, operate, and support our services
  • • Personalize experiences and improve features
  • • Process payments and prevent fraud/abuse
  • • Communicate service and security updates
  • • Comply with legal obligations and enforce terms

Where GDPR applies, our legal bases include performance of a contract, legitimate interests (e.g., security, product improvement), consent (e.g., certain cookies/marketing), and legal obligations.

Cookies & Similar Technologies

We use cookies and similar technologies for essential site functionality, analytics, remembering preferences, and—where permitted—marketing. You can control cookies via your browser settings and our in-product controls where available.

  • Strictly necessary cookies to deliver the site and secure areas
  • Analytics to understand usage and improve performance
  • Preferences to remember choices
  • Marketing where consented

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, to comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data category and context.

Sharing & Processors

We do not sell your personal information. We share it with trusted service providers who process it on our behalf under appropriate contracts, and when required by law.

  • • Cloud hosting, storage, and infrastructure providers
  • • Analytics and error monitoring providers
  • • Payment processors and billing systems
  • • Customer support tools and communications platforms
  • • AI model providers used to power features you enable

International Transfers

If we transfer personal data across borders, we use approved safeguards such as Standard Contractual Clauses and additional measures where appropriate.

Security

We apply technical and organizational measures to protect personal data.

  • • Encryption in transit; encryption or segmentation at rest where applicable
  • • Access controls, least-privilege, and audit logging
  • • Vulnerability management and security reviews
  • • Business continuity and incident response procedures

Your Rights & Choices

Subject to local laws, you may:

  • • Access, correct, or delete your personal data
  • • Export your data
  • • Object to or restrict certain processing
  • • Withdraw consent where processing is based on consent
  • • Appeal certain decisions, and lodge a complaint with a regulator
California residents: you have additional rights under the CCPA/CPRA. You may also exercise a “Do Not Sell or Share My Personal Information” choice. EU/UK/Swiss residents: you have rights under GDPR. Use the contact options below.

Children’s Privacy

Our services are not directed to children and we do not knowingly collect personal information from children.

AI Processing

Features may use AI models, including third-party large language models, to generate responses or insights based on inputs you provide. We implement safeguards to protect your content and provide controls to limit data sharing with model providers where feasible.

  • • You control which integrations and AI features are enabled
  • • We apply minimization and masking where appropriate
  • • We prohibit use of data for provider training unless you consent or configure otherwise

Changes to this Policy

We may update this policy to reflect changes to our practices or for legal, regulatory, or operational reasons. Material changes will be communicated via the services or by email where appropriate.

Contact Us

For privacy questions or to exercise your rights, contact us: