Privacy Policy

Effective date: 20 Dec 2025

This Privacy Policy explains how Convomesh (“we”, “us”) collects, uses, shares, and protects information when merchants install our Shopify app or use our services, and when end users interact with sites or communications where our technology is present.

Who we are

Convomesh is provided by Melbourne Digital Group Pty Ltd (ABN 69640635561), an Australian company operating primarily on Google Cloud Platform. Registered address: Melbourne, VIC 3000, Australia. Our services include an AI-powered shopping assistant chat widget, voice mode, and merchant analytics dashboard.

Data we collect

We collect the following categories of data to provide our AI shopping assistant service:

Merchant account data

• Shop domain, OAuth tokens, app configuration, billing tier.

Customer data (via Shopify API)

When customers sign in to our chat widget, we access the following to provide personalized service:

• Customer profile: Name, email address for authentication and personalization.
• Order history: Past orders, order status, and purchase patterns to answer customer inquiries and provide relevant recommendations.
• Fulfillment data: Shipping status, tracking numbers, and delivery information to answer “where's my order?” queries.

Commerce events (via webhooks)

• Orders, fulfillments, refunds (fields provided by Shopify webhooks).
• We prioritize identity by email, then Shopify customer ID. We do not persist phone numbers by default.

Web events (via Shopify Web Pixel)

• Product views, add-to-cart events, checkout started events.
• Session IDs, user agent, IP address (truncated/geo-approximated where required).
• Consent state for compliance tracking. Our Web Pixel Extension sends events only when the platform indicates consent is granted.

Chat interaction data

• Chat messages and conversation history for session continuity.
• Product preferences and “My People” gift recipient profiles (stored locally on device).
• Voice mode audio (processed in real-time, not stored).

Operational metadata

• Timestamps, delivery statuses, retry and deduplication markers, system logs.

How we use data

• AI Shopping Assistant: Provide personalized product recommendations, answer customer questions, and display order status in the chat widget.
• Voice Mode: Enable voice-based shopping assistance with order context for authenticated users.
• Merchant Analytics: Show chat-attributed sales, customer engagement metrics, and product performance insights.
• Attribution Verification: Allow merchants to verify chat attribution tracking via test orders.
• Multi-currency Pricing: Display accurate prices in the customer's local currency based on merchant market configuration.
• Ensure reliability and security (fraud/abuse detection, incident response).
• Comply with legal obligations and merchant contractual requirements.

Shopify API Scopes

Our Shopify app requests the following permissions to provide our service:

Protected Customer Data

• read_customers: To authenticate returning customers and personalize the chat experience with their name and preferences.
• read_orders: To display order history and answer order status inquiries in the chat widget.
• read_fulfillments: To show shipping status, tracking numbers, and delivery information.
• write_orders: To create $0 test orders for merchants to verify attribution tracking (embedded admin only; not available in the storefront/chat; we do not create customer orders via chat).

Event Tracking

• read_pixels, write_pixels: To manage our Web Pixel for customer journey analytics.
• read_customer_events: To track product views and cart events via our Web Pixel Extension.

Pricing & Commerce

• read_markets, read_shipping: To display accurate multi-currency pricing based on customer location.
• read_products, read_inventory: To provide product recommendations and stock availability.

Applicable laws

We process personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and where relevant, the EU/UK GDPR and the California CCPA/CPRA.

Legal bases

Where applicable, we rely on one or more of: performance of a contract (to provide the service), legitimate interests (to secure and improve the service), and consent (for web pixels where required by law).

Cookies and tracking

We use essential cookies and similar technologies necessary to operate the service and secure sessions. For details, see our Cookie Policy.

Data minimization and retention

• We process only the fields necessary for the agreed use cases.
• Chat conversations: Retained for session continuity; customers can clear history.
• Operational logs: Retained for limited windows for troubleshooting.
• Commerce and web events: Retained per merchant configuration; merchants can request deletion.
• Voice mode audio: Processed in real-time, not stored.

GDPR/CCPA deletions via Shopify

We automatically process Shopify's GDPR webhooks (customers/data_request, customers/redact, shop/redact) to fulfill access and deletion requests. Merchants and end users may also contact us directly to request deletion or access to data.

Sharing and sub-processors

We don't sell personal data. We use service providers to operate our platform:

• Google Cloud Platform: Infrastructure, AI/ML services (Gemini for chat/voice).
• Firebase: Customer authentication.
• Stripe: Payment processing (if billing enabled).

See our Sub-processors list for the complete list.

Security

• Encryption in transit and at rest (provider-managed keys); secret storage in Google Secret Manager.
• Principle of least privilege; service-to-service auth via OIDC and IAM roles; audit logging for data access.
• DDoS protections and rate limiting; replay/deduplication for webhook processing.
• Shopify OAuth tokens stored securely in Secret Manager, never exposed to clients.

Your rights

We support GDPR/CCPA rights through Shopify's GDPR topics (customers/data_request, customers/redact, shop/redact) and via direct requests from merchants or end users. See Data Requests for instructions or contact msango@convomesh.com.

• GDPR/UK GDPR (EEA/UK residents): Access, rectification, erasure, restriction, portability, objection.
• CCPA/CPRA (California residents): Right to know, delete, correct, and opt-out of sale/share. We do not sell personal information. Submit requests via your merchant or msango@convomesh.com.
• Chat data: Customers can clear their chat history and preferences at any time within the widget.

Controller vs Processor

For merchant customer data synced from Shopify, we act as a processor on behalf of the merchant (controller). For our own site analytics, account data, and service operations, we act as a controller. Our Data Processing Addendum applies when required by law.

International transfers

Data may be processed in regions where our cloud infrastructure or sub-processors operate (primarily US, Australia). We implement appropriate safeguards for cross-border transfers where required by law.

Communications

You may opt out of non-essential marketing emails by using the unsubscribe link in the message or contacting us. Service and transactional communications may still be sent. See Billing & Refund Policy for billing communications.

Children

Our services are not directed to children under 16 and we do not knowingly collect personal data from them.

Changes

We may update this policy from time to time. Material changes will be posted here with an updated effective date.

Contact

Legal entity: Melbourne Digital Group Pty Ltd (ABN 69640635561)
Registered address: Melbourne, VIC 3000, Australia
Email: msango@convomesh.com