SIZIT Privacy Policy
Last updated on September 18, 2025
This policy explains how SIZIT AI ("SIZIT", "we") collects, uses, and protects the personal information of merchants who install the app and users who interact with our services.
1. Information We Collect
We may process:
- Shopify store data (name, domain, plan, shop ID).
- Contact details for authorized administrators provided by Shopify (name, email, phone).
- Product catalog, variants, and metadata required for size recommendations.
- Widget usage metrics on the storefront in aggregated/anonymous form whenever possible.
- Technical logs and diagnostics for support and security.
We do not store card data or payment credentials.
2. Purposes of Processing
- Provide and maintain the size recommendation service.
- Sync catalog and sizing data with our algorithms.
- Offer support and improve the product through analytics.
- Comply with legal obligations and Shopify platform requirements.
3. Legal Basis
Performance of the contract with the merchant, compliance with legal obligations, and our legitimate interest in operating, maintaining, and improving the service. When required, we will request the corresponding consent.
4. Processor/Controller
For end-customer data we generally act as data processor. The merchant acts as controller and sets the purposes. We may act as controllers for data related to our relationship with the merchant (contact, billing, support).
5. Sharing and Providers
We do not sell personal data. We may share data with:
- Infrastructure and service providers (hosting, monitoring, email).
- Authorities when required by law.
We require providers to implement security measures and appropriate agreements (e.g., SCCs).
6. Retention
We retain data for as long as necessary for the stated purposes. After the plugin is uninstalled, we delete or anonymize unnecessary information within a reasonable timeframe, unless we must keep it by law.
7. Data Subject Rights (GDPR)
You may exercise the following rights with us:
- Access, rectification, and erasure.
- Restriction of processing and portability.
- Objection and withdrawal of consent.
- Complaint before your data protection authority.
For requests related to end-customer data, we may have to redirect you to the merchant responsible for handling the request.
8. Security
We apply encryption in transit, access controls, and continuous monitoring.
9. International Transfers
We may work with providers inside and outside the EEA. We implement appropriate safeguards (e.g., Standard Contractual Clauses) when applicable.
10. Updates
We will publish any changes on this page and indicate the date of the latest update. We recommend reviewing it periodically.
11. Contact
Contact us at legal@sizit.ai.