1. Introduction
ASE, Inc. ("we," "us," or "our") operates the SuzyAI application ("App" or "Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our Service.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
When you register for and use the Service, we collect:
- Account Information: Name, email address, business name, and contact details
- Payment Information: Billing information processed through Shopify's billing system
- Authentication Credentials: Login credentials for your email account (stored securely using OAuth tokens)
2.2 Information from Shopify
When you connect your Shopify store, we access the following data through Shopify's API:
- Store Information: Store name, domain, and settings
- Order Data: Order numbers, status, dates, line items, shipping information, and tracking numbers
- Customer Data: Customer names, email addresses, order history, and notes
- Product Data: Product names, SKUs, descriptions, and inventory levels
2.3 Information from Your Email Account
When you connect your email account (Gmail or Outlook), we access:
- Email Content: Subject lines, message bodies, sender and recipient information, and timestamps
- Email Metadata: Labels, folders, read/unread status
- Draft Emails: Draft responses created by our Service for your review
2.4 Automatically Collected Information
We automatically collect certain information when you use the Service:
- Usage Data: Features used, actions taken, time spent, and frequency of use
- Device Information: Browser type, operating system, IP address, and device identifiers
- Log Data: Server logs, error reports, and performance data
- Analytics Data: Response times, email volumes, and service performance metrics
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide the Service: Analyze emails, retrieve order information, and generate draft responses
- Improve the Service: Enhance AI accuracy, develop new features, and optimize performance
- Account Management: Create and maintain your account, process payments, and provide customer support
- Communication: Send service updates, security alerts, and support messages
- Analytics: Generate insights about support performance and customer interactions
- Security: Detect and prevent fraud, abuse, and security incidents
- Legal Compliance: Comply with legal obligations and enforce our Terms of Service
4. AI and Machine Learning Processing
Our Service uses artificial intelligence and machine learning to:
- Analyze customer emails to understand intent and context
- Match emails with relevant Shopify order data
- Generate contextually appropriate draft responses
- Learn from your feedback to improve response quality
Important: We do not use your data to train general AI models that benefit other customers. AI processing is performed solely to provide service functionality to your account.
5. How We Share Your Information
We do not sell your personal information or customer data to third parties. We may share information in the following circumstances:
5.1 Service Providers
We work with third-party service providers who perform services on our behalf:
- Cloud Infrastructure: Amazon Web Services (AWS) for hosting and data storage
- AI Services: OpenAI or similar providers for natural language processing
- Analytics: Service analytics and performance monitoring tools
- Payment Processing: Shopify for billing and payment processing
These service providers are contractually bound to protect your data and use it only for the purposes we specify.
5.2 Legal Requirements
We may disclose your information if required by law or in response to:
- Legal process, court orders, or government requests
- Enforcement of our Terms of Service
- Protection of our rights, property, or safety
- Investigation of fraud or security issues
5.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
6. Data Storage and Security
6.1 Data Storage
Your data is stored on secure servers located in the United States. We retain:
- Active Account Data: For as long as your account is active
- Historical Data: For up to 90 days after account closure for legal and operational purposes
- Aggregated Analytics: Indefinitely in anonymized form
6.2 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access and multi-factor authentication for our team
- Regular Audits: Security assessments and vulnerability testing
- Monitoring: 24/7 security monitoring and incident response
- OAuth Tokens: Secure token storage using industry best practices
While we implement robust security measures, no method of transmission over the internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.
7. Data Retention and Deletion
We retain your data only for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:
- Account Data: Retained while your account is active
- Email and Order Data: Cached temporarily for service functionality (typically 30 days)
- Usage Logs: Retained for 90 days for troubleshooting and analytics
- Billing Records: Retained for 7 years for tax and accounting purposes
When you delete your account, we will delete your data within 30 days, except where we are required to retain it by law or for legitimate business purposes (such as fraud prevention or billing disputes).
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
8.1 General Rights
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Data Portability: Request a copy of your data in a portable format
- Restriction: Request restriction of processing in certain circumstances
- Objection: Object to processing of your personal information
- Withdraw Consent: Withdraw consent for data processing at any time
8.2 GDPR Rights (European Users)
If you are in the European Economic Area (EEA), you have additional rights under GDPR:
- Right to lodge a complaint with a supervisory authority
- Right to object to automated decision-making
- Right to receive clear information about data processing
8.3 CCPA Rights (California Users)
If you are a California resident, you have rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt out of the sale of personal information (we do not sell your information)
- Right to non-discrimination for exercising your rights
8.4 Exercising Your Rights
To exercise any of these rights, please contact us at privacy@suzyai.com. We will respond to your request within:
- 30 days for general requests
- 1 month for GDPR requests (extendable to 3 months for complex requests)
- 45 days for CCPA requests (extendable to 90 days)
We may require verification of your identity before processing your request.
9. Cookies and Tracking Technologies
We use the following types of cookies and similar tracking technologies:
- Essential Cookies: Required for authentication and service functionality
- Analytics Cookies: Understand how you use the Service and improve user experience
- Preference Cookies: Remember your settings and preferences
You can control cookies through your browser settings. Note that disabling certain cookies may affect service functionality.
10. Third-Party Services and Links
The Service integrates with third-party services:
We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.
11. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@suzyai.com.
12. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer data internationally, we implement appropriate safeguards, including:
- Standard Contractual Clauses approved by the European Commission
- Data Processing Agreements with service providers
- Compliance with applicable data transfer regulations
13. Data Protection Officer
For GDPR-related inquiries, you may contact our Data Protection Officer:
Email: dpo@suzyai.com
Subject: GDPR Inquiry - [Your Name]
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:
- Sending an email to the address associated with your account
- Posting a notice in the Service
- Updating the "Last Updated" date at the top of this policy
We will provide at least 30 days' notice before material changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.
15. Shopify-Specific Privacy Information
As a Shopify App, we comply with Shopify's privacy requirements:
- Data Access: We only access Shopify data that is necessary to provide the Service
- Customer Data: We access customer data from your Shopify store solely to generate contextual email responses
- Data Minimization: We collect only the minimum data necessary for service functionality
- Shopify Plus: We comply with Shopify Plus security and privacy requirements
- GDPR Webhooks: We support Shopify's GDPR webhooks for customer data requests and erasure
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
ASE, Inc.
Privacy Inquiries: privacy@suzyai.com
Data Protection Officer: dpo@suzyai.com
General Support: support@suzyai.com
Website: suzyai.com
We will respond to all legitimate privacy requests within the timeframes required by applicable law.