Privacy Policy

For account holders and business contacts, ModlyAI is generally the data controller. When your shoppers interact with the ModlyAI widget on your website, you are typically the controller of shopper data and ModlyAI acts as a processor/service provider on your behalf, processing data according to your instructions and our agreement with you.

Contact: privacy@modlyai.tech

Account and business data: name, work email, company name, billing details, support communications, and usage of the dashboard.

Widget and catalog data: product catalog fields you sync, widget configuration, session or usage metrics, shopper messages, optional room photos or uploads, and technical logs (IP address, device/browser type, timestamps, and similar diagnostics).

Cookies and similar technologies: on our marketing site and app we may use cookies for authentication, security, analytics, and preferences. You can control cookies through your browser settings where applicable.

We use personal information to:

• Provide, secure, and maintain the Service;
• Process subscriptions and communicate about your account;
• Generate catalog-grounded AI responses and analytics for retailers;
• Detect abuse, troubleshoot, and improve reliability;
• Comply with law and enforce our terms;
• Send product updates or marketing to business contacts (you may opt out).

We do not sell personal information as defined under the California Consumer Privacy Act (CCPA), as amended by the CPRA. We do not use shopper data to train public models for unrelated purposes without appropriate contractual controls.

Where GDPR or UK GDPR applies, we rely on:

• Contract — to deliver the Service you requested;
• Legitimate interests — security, product improvement, and B2B marketing, balanced against your rights;
• Consent — where required (for example, certain cookies or optional communications);
• Legal obligation — when we must retain or disclose data by law.

We may share data with:

• Infrastructure, hosting, analytics, and payment providers under contractual safeguards;
• AI and API subprocessors needed to operate features you enable;
• Professional advisers or authorities when required by law;
• A successor entity in a merger or acquisition, with notice where required.

We require processors to handle data only on our instructions and with appropriate security measures.

We retain information for as long as needed to provide the Service, meet legal obligations, resolve disputes, and enforce agreements. Retention periods may differ for account data, billing records, and widget session logs. You may request deletion subject to applicable law and active subscriptions.

We implement administrative, technical, and organizational measures designed to protect personal information, including access controls and encryption in transit where appropriate. No method of transmission or storage is completely secure; please use strong credentials and notify us of suspected incidents.

We may process data in the United States and other countries. Where required, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or UK authorities, supplemented by additional measures where necessary.

Depending on your location, you may have rights to access, correct, delete, restrict or object to processing, port data, and withdraw consent. California residents may have rights to know, delete, and correct personal information, and to limit use of sensitive personal information where applicable. We will not discriminate against you for exercising these rights.

EEA/UK residents may lodge a complaint with a supervisory authority. To exercise rights, email privacy@modlyai.tech. We may verify your request. Shoppers should contact the retailer whose site they used; retailers can contact us to assist with processor requests.

The Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps to delete it.

We may update this policy from time to time. We will post the revised version with a new "Last updated" date and, where required, provide additional notice. Continued use after changes become effective constitutes acknowledgment where permitted by law.

ModlyAI — Privacy inquiries: privacy@modlyai.tech. For contractual data processing terms, contact your account representative or see your order form and Terms of Service.