1. Introduction
Welcome to SorionAI. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our AI-powered conversational commerce platform.
SorionAI is an international AI agent for e-commerce businesses, providing multi-channel messaging automation across Messenger, Instagram, and web widgets. We specialize in serving businesses in Middle East and European markets.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, phone number, company name
- Payment Information: Billing address, payment method details (processed securely by Paddle)
- Business Data: Product catalog, pricing, inventory data
- Customer Conversations: Messages exchanged between your business and customers via our platform
2.2 Automatically Collected Information
- Usage Data: Pages visited, features used, time spent on platform
- Device Information: IP address, browser type, device type, operating system
- AI Interaction Data: Messages processed, AI responses generated, model performance metrics
- Cookies: Analytics cookies to improve user experience
3. How We Use Your Information
- Provide and maintain our AI conversational commerce services
- Process and manage e-commerce orders (Paddle and Shopify integrations)
- Train and improve our AI models
- Send service updates, security alerts, and support messages
- Analyze platform performance and user behavior to improve our services
- Comply with legal obligations and prevent fraud
- Provide customer support and respond to inquiries
4. Data Sharing and Third Parties
- Supabase (PostgreSQL): Database hosting and authentication
- DeepInfra / AI Gateway: AI model processing with enterprise security
- Meta APIs: Messenger and Instagram message delivery
- Shopify: E-commerce order synchronization (if enabled)
- Paddle.com: Subscription billing and checkout
Important: We do NOT sell your personal data to third parties.
5. Data Retention
- Account Data: Retained while your account is active
- Conversation Logs: Retained for 30 days, then archived or deleted
- Order Data: Retained for 2 years for compliance purposes
- Deleted Accounts: All personal data deleted within 30 days of account closure
6. Your Rights (GDPR)
If you are in the European Union, you have the right to access, rectify, erase, port, restrict, and object to processing of your personal data. To exercise these rights, contact us at privacy@sorionai.com.
7. Data Security
- Encryption: All data transmitted via HTTPS/TLS
- Access Control: Role-based access controls
- Database Security: Row-Level Security (RLS) in PostgreSQL
- Incident Response: Documented incident response plan for data breaches
8. Cookies
We use essential, analytics, and preference cookies. You can disable non-essential cookies in your browser settings.