Last updated: April 26, 2026
ShopQuery, Inc. ("ShopQuery", "we", "our", or "us") operates catalog infrastructure for physical retail merchants. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our platform, including our website at shopquery.ai, our merchant dashboard, our embeddable storefront widgets, and our integrations with third-party platforms including Meta (WhatsApp and Instagram), Google, Shopify, Square, Lightspeed, Vend, and other point-of-sale and inventory management systems (collectively, the "Services").
By accessing or using the Services, you agree to this Privacy Policy. If you are a merchant using ShopQuery on behalf of a business, you represent that you have authority to bind that business to this policy.
Merchant Account Information. When you create a ShopQuery account, we collect your name, business name, email address, phone number, and billing information.
Point-of-Sale and Inventory Data. With your authorisation, we connect to your inventory management system using read-only credentials. We read product names, descriptions, prices, variants, stock levels, location identifiers, and related catalogue metadata. We do not write to, modify, or delete data in your invenotry system.
Customer Interaction Data. When buyers interact with your ShopQuery-powered channels, including WhatsApp, Instagram DMs, Google Shopping listings, and embedded website storefronts, we may collect message content, product queries, interaction timestamps, and session metadata solely for the purpose of generating catalog responses and fulfilling your service.
Usage and Technical Data. We collect information about how you use the Services, including IP addresses, browser type, pages visited, API request logs, and error reports. This data is used for security, performance monitoring, and product improvement.
Communications. If you contact us for support or onboarding, we retain those communications.
We use the information we collect to:
We do not sell your data. We do not use your inventory or customer data to train machine learning models without your explicit consent.
ShopQuery integrates with Meta's WhatsApp Business API and Instagram Messaging API to enable conversational commerce on your behalf. By connecting these channels, you authorise ShopQuery to send and receive messages through your registered business accounts.
Message content processed through these integrations is used only to generate catalog-based responses to buyer queries. We do not share this data with third parties beyond what is required to operate the integration.
Your use of these integrations is subject to Meta's Terms of Service and Data Policy. ShopQuery acts as a data processor on your behalf for messages handled through Meta's platforms. As the business account holder, you remain the data controller for your customer conversations.
We comply with Meta's Platform Terms and all applicable WhatsApp Business API policies. Message content is not used for advertising or shared with Meta beyond what is required by the integration.
When you connect a Shopify, Square, Lightspeed, Vend, or other integrated system, we request only the minimum permissions required to read your product and inventory data. We do not request payment processing, customer account, or order management permissions unless explicitly required by a feature you enable.
For Shopify merchants, ShopQuery operates as a Shopify Partner and complies with Shopify's Partner Program Agreement and API Terms of Service. Data accessed via the Shopify API is used solely to operate the Services and is not shared with third parties except as described in this policy.
We do not sell, rent, or trade your personal information or business data to third parties.
We share data only in the following circumstances:
We retain your account data for as long as your account is active. Inventory snapshot data is retained for a rolling 90-day period to support sync history and troubleshooting. Message logs from AI-assisted conversations are retained for 30 days, then deleted.
On account termination, we delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes.
We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. System credentials are stored using secure vault infrastructure and are never logged or exposed in plaintext.
No system is perfectly secure. We encourage you to use strong passwords and notify us immediately at [email protected] if you believe your account has been compromised.
Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. You may also have the right to restrict or object to certain processing.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. Where we are acting as a data processor on behalf of your business, requests relating to buyer data should be directed to you as the data controller.
ShopQuery is operated from the United States. If you access our Services from outside the United States, your data may be transferred to and processed in the United States. We implement appropriate safeguards for international transfers in accordance with applicable law.
Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at [email protected] and we will delete it.
We may update this Privacy Policy from time to time. Material changes will be notified by email or via an in-dashboard notice at least 14 days before taking effect. Continued use of the Services after changes take effect constitutes acceptance of the updated policy.