Privacy Policy

Last updated June 2, 2026

Template content for demonstration — review with legal counsel before publishing.

Concie ("we", "us") provides an AI pre-sales agent for e-commerce. This policy explains what personal data we collect, why, how we use and share it, how our AI handles data, and the rights you have. It applies to our website and product.

1. Our role: controller and processor

For our website and account holders, Concie acts as a data controller. When Concie answers your shoppers' questions on your behalf, we act as a data processor and you (the merchant) are the controller.

Processing of your shoppers' data is governed by our Data Processing Agreement (DPA), which incorporates GDPR Article 28 terms (including Standard Contractual Clauses where applicable) and is available to customers.

2. Information we collect

Information you provide: account details (name, work email, company), billing information, and the content you send us (e.g. your store URL, catalog, support messages).

Information collected automatically: device and usage data, log data, and cookies/identifiers (see our Cookie Policy).

Information from third parties: data from connected platforms you authorize (e.g. Shopify, WooCommerce, Meta) strictly to provide the service.

We limit collection to what is necessary to provide the service.

3. How we use your information

To provide, operate, secure and improve the service; to answer your shoppers' questions on your behalf; to process payments; to provide support; and to comply with legal obligations.

We do not sell personal data.

4. AI and your data

Concie uses AI models to understand and answer questions. We send only the data needed to generate an answer — your catalog, policies and the relevant conversation — to our AI sub-processors.

We do not use your data or your shoppers' conversations to train third-party foundation models, and our model providers are contractually prohibited from training on it. Concie answers only from your connected data and applies guardrails to avoid fabricated information.

5. Automated decision-making

Concie's answers are generated automatically, but they are not intended to produce legal or similarly significant effects on individuals, and a human can take over at any time.

Where you configure approvals, sensitive topics are routed to your team. You have the right to request human review of an automated interaction — contact privacy@concie.co.

7. How we share information & sub-processors

We share data with sub-processors that help us run the service, under GDPR-compliant contracts: cloud hosting and infrastructure, AI model providers, analytics, payment processors, and communication providers.

We also share data with the platforms you connect, at your direction; in a business transfer; and where required by law. A current list of sub-processors and our DPA are available to customers on request.

8. Data retention

We retain personal data for as long as your account is active or as needed to provide the service, then delete or anonymize it within a reasonable period, unless a longer retention is required by law.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, port, restrict or object to processing of your personal data, and to withdraw consent. To exercise these, contact privacy@concie.co. You may also lodge a complaint with your local data protection authority.

California residents (CCPA/CPRA) have rights to know, delete, correct, and opt out of "sharing"; we do not sell or "share" personal information as defined by those laws.

10. Marketing & your choices

If you opt in, we may send product and marketing emails; you can unsubscribe at any time via the link in each email or by contacting us. Service and transactional messages are not marketing and are necessary to operate your account.

11. International transfers

We may process data in countries other than yours. Where required, we use appropriate safeguards such as Standard Contractual Clauses for transfers out of the EEA/UK.

12. Security

We use technical and organizational measures to protect personal data, including encryption in transit and at rest, access controls, and least-privilege practices. See our Security page for details.

13. Cookies & tracking signals

We use cookies and similar technologies as described in our Cookie Policy, and set non-essential cookies only with your consent. Where required, we honor recognized opt-out signals such as Global Privacy Control (GPC).

14. Children's privacy

The service is not directed to children under 16, and we do not knowingly collect their personal data.

15. Changes & contact

We may update this policy and will post the new version with a revised date. For privacy questions or requests, or to reach our Data Protection Officer / EU representative, contact privacy@concie.co.

Terms of ServiceCookie PolicySecurity