Privacy Policy

Last updated: June 10, 2026

1. Introduction

Guidely Pro (“Guidely Pro,” “we,” “our,” or “us”) provides an omnichannel software-as-a-service product that enables merchants to build AI-powered shopping guides, product recommendation experiences, and conversational commerce flows for their online stores. Guidely Pro supports merchants who operate on Shopify, WooCommerce, Wix, Adobe Commerce, and other supported e-commerce platforms. Our platform-specific connector apps (including the Guidely Pro Shopify app) are free to install.

This Privacy Policy explains what information we collect from merchants and their customers, how we use that information, who we share it with, and the rights and choices available to data subjects. It applies to the Guidely Pro web application, the embedded chatbot widget shown on merchant storefronts, and all related Guidely Pro applications including the Shopify connector app.

2. Who We Are and Roles Under Data Protection Law

For the purposes of the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act / CPRA:

  • When we collect data directly from a merchant who creates a Guidely Pro account (for example, account name, email, and contact details), we act as a data controller.
  • When we process shopper, customer, or order data on behalf of a merchant — including data we receive from the merchant's Shopify, WooCommerce, Wix, or other connected storefront — we act as a data processor on the merchant's behalf. The merchant remains the controller of that data.

Merchants who use Guidely Pro on a Shopify store should also review Shopify's Privacy Policy.

3. Information We Collect

3.1 Merchant Account Information

When a merchant signs up for Guidely Pro at digimonk.online, we collect:

  • Name, email address, and password (stored hashed)
  • Company name, primary domain, and business region
  • Platform the merchant operates on (Shopify, WooCommerce, etc.)
  • Referral source (how the merchant found us)

3.2 Store Data Imported From Connected Platforms

When a merchant connects a Shopify, WooCommerce, or other supported storefront to Guidely Pro through OAuth or an authenticated API connection, we receive and process:

  • Store name, store URL, currency, and locale
  • Product catalog data — product titles, descriptions, variants, images, prices, vendor, tags, inventory status, and product URLs
  • Order data limited to the fields needed for attribution and analytics — order ID, line items, total, currency, the attributed product, and a hashed reference to the customer where available
  • Storefront metadata such as theme identifiers, where required to install or render the embedded chatbot widget

We request only the OAuth scopes strictly required for these features. For Shopify, this includes data scopes only (e.g. read_products, read_orders); we do not request scopes that allow modifying customer information.

3.3 Customer Data From Merchant Storefronts

When a shopper interacts with a Guidely Pro chatbot or experience embedded on a merchant's storefront, we may process:

  • Conversation transcript — the questions, answers, and product selections exchanged between the shopper and the AI agent
  • Session identifiers, anonymized device information, browser type, and referring page
  • Click events on recommended products (for attribution and analytics)
  • Optional contact information (name, email, phone) only when the shopper voluntarily provides it through a lead-capture experience configured by the merchant

We do not collect a shopper's payment information through the chatbot. Checkout always occurs on the merchant's storefront using the storefront's native checkout.

3.4 Information We Collect Automatically

When merchants use the Guidely Pro web application or visitors browse digimonk.online, we automatically collect:

  • IP address (for security and rate limiting)
  • Browser type, device type, and operating system
  • Pages visited, features used, and timestamps
  • Cookies and similar tracking technologies (see Cookies section below)

4. How We Use Information

We use the information described above to:

  • Provide, operate, and maintain the Guidely Pro service
  • Generate AI-powered product recommendations and conversational responses on behalf of the merchant
  • Attribute orders to chatbot conversations so merchants can measure performance
  • Provide merchant analytics, dashboards, and reporting
  • Send transactional emails (account verification, password resets, and important service announcements)
  • Detect, investigate, and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Improve our service, train internal product analytics, and develop new features (always using aggregated and anonymized data where possible)

We do not sell personal information. We do not use shopper conversation data to train third-party large language models for the benefit of any party other than the merchant who owns that data.

5. Use of AI / Large Language Models

Guidely Pro uses third-party large language model providers (currently OpenAI) to generate conversational responses. When a shopper sends a message to a Guidely Pro chatbot, the following may be sent to the AI provider:

  • The shopper's message text and a relevant slice of the merchant's product catalog
  • The merchant's configured chatbot instructions and tone
  • A short window of recent conversation messages for context

We do not send the shopper's name, email, IP address, or checkout information to the AI provider unless the merchant has explicitly configured a lead-capture flow that requires it. Our AI provider is contractually obligated not to use this data to train their general-purpose models.

6. Shopify Webhooks and Mandatory GDPR Compliance Endpoints

For merchants who install our Shopify app, we implement Shopify's mandatory GDPR-compliance webhooks:

  • customers/data_request — When a shopper requests their data from a Shopify store, we receive a webhook and provide the merchant (the data controller) with all stored data tied to that customer.
  • customers/redact — When a shopper requests deletion of their data, we receive a webhook and delete or anonymize all conversation data, click events, and lead-capture data associated with that customer within 30 days.
  • shop/redact — When a Shopify store uninstalls our app, Shopify sends this webhook 48 hours later. We then delete the store's product catalog cache, integration credentials, conversation history, and all related data within 30 days, subject to any applicable legal retention requirements.

7. How We Share Information

We share information only as described below:

  • With merchants: A merchant receives all data collected on their own storefront — conversation transcripts, analytics, lead-capture submissions, and attribution data.
  • With service providers: We use carefully selected third parties to host infrastructure, send transactional email, and provide AI inference. Each provider is bound by a data-processing agreement and processes data only on our instructions.
  • For legal reasons: We may disclose information if required by valid legal process, to protect our rights, to enforce our Terms of Service, or to prevent harm.
  • In a business transfer: If Guidely Pro is involved in a merger, acquisition, or asset sale, personal information may be transferred subject to the obligations in this Privacy Policy.

Key sub-processors include: OpenAI (AI inference), Amazon Web Services (hosting), and our transactional email provider. An up-to-date sub-processor list is available on request at join@guidelypro.ai.

8. Data Retention

We retain information for as long as it is needed for the purposes described in this Policy:

  • Merchant account data is retained for the lifetime of the account plus up to 12 months after account closure
  • Shopper conversation data is retained for up to 24 months from collection, unless the merchant or shopper requests earlier deletion
  • Product catalog data is refreshed on each sync and the previous snapshot is discarded

9. International Data Transfers

Guidely Pro is operated from servers located in the United States. When you use the service from outside the United States, your data may be transferred to, stored in, and processed in the United States and other countries where our service providers operate. For transfers from the EU/EEA, UK, or Switzerland, we rely on appropriate safeguards including the European Commission's Standard Contractual Clauses.

10. Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including:

  • TLS encryption for all data in transit
  • Encryption at rest for stored credentials and sensitive fields
  • Role-based access controls and audit logging
  • Database-per-tenant isolation so each merchant's data is kept separate from every other merchant's data
  • Regular vulnerability scanning and dependency monitoring

No method of transmission or storage is 100% secure. While we strive to protect personal information, we cannot guarantee absolute security.

11. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • The right to access the information we hold about you
  • The right to correct inaccurate information
  • The right to request deletion of your information
  • The right to restrict or object to certain processing
  • The right to data portability
  • The right to withdraw consent where processing is based on consent
  • The right to lodge a complaint with a supervisory authority (for individuals in the EU/EEA or UK)

To exercise these rights, contact us at join@guidelypro.ai. If your data was provided to us by a merchant on whose storefront you interacted with our chatbot, you may also exercise these rights directly with that merchant.

12. Cookies and Tracking Technologies

Guidely Pro uses cookies and similar technologies for essential service functionality (authentication, session management, security), service performance (analytics, error reporting), and merchant preferences. We do not use cross-site advertising cookies. Merchants and shoppers can control cookies through their browser settings.

13. Children's Privacy

Guidely Pro is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and notify account holders by email at least 30 days before the changes take effect.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our Data Protection contact at: