Privacy Policy

Last updated: 13-Aug-2025

1. Introduction

RetailAI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered customer service platform.

2. Information We Collect

We collect information that you provide directly to us, such as when you create an account, use our services, or communicate with us. This may include:

• Contact information (e.g., name, email address, phone number)
• Business information (e.g., company name, role)
• Customer service interaction data
• Payment information

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Develop new products and services
• We will use your data to provide you with the services you requested, such as email notifications, inbox management, and automated or assisted replies on your behalf.

4. Google User Data and Gmail API Usage

When you connect a Google account to RetailAI to enable the AI agent to manage email conversations, we access and process limited Google user data with your explicit consent.

• Data we access: your Google account email address and profile name; Gmail message metadata (sender, recipient, subject, headers, timestamps); message body content (plain text and/or HTML); and message IDs. Attachments are only accessed if required for the requested service.
• Purpose: to retrieve incoming customer emails, display them in your CRM inbox, generate automated or suggested responses, send replies on your behalf (where configured), maintain conversation history, and provide notifications.
• Scope and timing: after you connect Gmail, we subscribe to future inbox activity and do not backfill historic emails. Processing starts from the time of connection/watch activation.
• Sending and modifying mail: if enabled, we use Gmail APIs (e.g., gmail.modify) to send or label messages necessary to fulfill your requested workflows.
• Token handling: OAuth tokens are stored securely and used only to provide the requested Gmail features (subscribe to mailbox changes, fetch new messages, send replies).
• Automated processing: AI-generated suggestions or replies may be used to assist your agents. You can choose to review before sending.
• Compliance: RetailAI’s use of information received from Gmail APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We limit our use of Google user data to providing and improving user-facing features. We do not use Google user data for targeted advertising, sell it to data brokers, provide it to information resellers, determine credit-worthiness, or build independent profiles unrelated to your account.

4.1 Limited Use and Prohibited Uses (Google User Data)

Consistent with Google’s OAuth verification guidance, our handling of Google user data explicitly excludes:

• Targeted, personalized, retargeted, or interest-based advertising
• Selling or transferring to data brokers or information resellers
• Determining credit-worthiness, lending, or similar eligibility decisions
• Creating standalone datasets unrelated to your use of RetailAI
• Training AI or ML models on Google user data beyond what is strictly necessary to provide user-facing features for your account

5. Sharing and Disclosure

We will not sell your data to third parties. We may share your data with trusted partners who help us provide our services, such as cloud hosting providers, email delivery partners, security/monitoring vendors, and authorized sub-processors operating under data protection agreements. We do not share Google user data for advertising purposes.

6. Data Retention

We retain email messages and related conversation data as long as your account remains active or as needed to provide the services. You may disconnect Gmail at any time, and you can request deletion of stored email records subject to legal or contractual obligations.

7. Your Choices and Controls

• You can disconnect your Google account and revoke access in your Google Account permissions.
• You can unsubscribe the Gmail watch within the product (stop receiving future notifications) without removing the account.
• You may request data deletion of stored email records via our support channels.

8. Data Security

We implement appropriate technical and organizational measures to protect the security of your personal information. However, please note that no method of transmission over the Internet or electronic storage is 100% secure.

• Encryption in transit (TLS) and at rest for applicable data stores
• Secure storage and limited, role-based access to OAuth tokens and email data
• Principle of least privilege for systems and personnel
• Monitoring and logging for operational and security events

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at ssh.sherazi@gmail.com

Back to Home