Privacy Policy

Last updated: June 21, 2026

BitoChat (“we”, “the app”) is an AI customer-support chatbot for Shopify stores. This policy explains what data the app processes, why, and how it is protected.

1. Information we process

  • Store catalog & content — active products, pages and shop policies synced from your Shopify store to power answers.
  • Chat conversations — messages exchanged between your storefront visitors and the chatbot, including a generated session ID.
  • Leads — an email address and message when a visitor asks to be contacted or the bot cannot answer.
  • Order lookups — when a shopper checks order status, an order number and email are used only to retrieve that order from Shopify; they are not stored.
  • Operational data — message-usage counts, billing records and your store domain.

2. How we use it

  • To answer shopper questions grounded in your own store content.
  • To show product recommendations, track orders and capture leads for you.
  • To provide analytics, billing and message-credit accounting in your dashboard.

We do not sell your data or use it for advertising.

3. Service providers

To deliver the service, content is processed by:

  • Google (Gemini API) — generates embeddings and chat replies. Text sent for a reply is processed transiently to produce the answer.
  • Vector database (Qdrant) — stores numerical embeddings of your store content for search.
  • Shopify — the platform your store and billing run on.

4. Data retention & deletion

Chat records and leads are retained to power your dashboard until deleted. When you uninstall the app, all of your store’s data — products, content, conversations, leads, billing records and embeddings — is permanently deleted. We also honour Shopify’s mandatory privacy webhooks (customers/data_request, customers/redact, shop/redact).

5. Your shoppers’ choices

Visitors choose what they type into the chat. As the merchant, you are the data controller for your shoppers’ information and are responsible for disclosing chatbot use in your own store privacy policy where required by law.

6. Security

Data is transmitted over HTTPS. Storefront requests are verified through Shopify’s App Proxy signatures, and admin access uses Shopify OAuth — we never receive your password.

7. Contact

Questions about this policy or your data? Email support@bitochat.app.

We may update this policy as the app evolves. Material changes will be reflected here with a new “Last updated” date.