Provider: Siddhivatech · Contact: sales@siddhivatech.com
Orbit ("the App", "we") is a Shopify app that adds an AI chat and optional voice assistant to a merchant's storefront. This policy explains what data the App collects, how it is used, who it is shared with, and the choices available to merchants and their customers.
From the merchant's Shopify store (via granted scopes):
read_products) — catalog data used to answer product questions.read_orders) — recent orders, used to answer order-status questions and for in-app analytics.read_themes) — to detect and render the storefront widget.From shoppers interacting with the assistant:
Merchant-provided content: knowledge base entries and assistant prompts the merchant configures.
We do not sell personal data.
To produce answers, the App sends shopper message text and relevant store context (e.g. catalog snippets and the merchant's knowledge-base entries) to Google Gemini (Google LLC) for AI processing. Google processes this data as our service provider to return a response. See Google's privacy terms and the Gemini API terms. We do not send AI providers more than is needed to answer the question.
The optional voice assistant streams microphone audio from the shopper's browser directly to Google's Gemini Live service over a secure connection using a short-lived, single-use token minted by our server. Audio is not stored on our servers.
We share data only with: (a) Google (AI processing, as above), and (b) Shopify (the platform the App runs on). We do not share personal data with advertisers or data brokers. We may disclose data if required by law.
The App implements Shopify's required privacy webhooks:
customers/data_request — we provide the stored data for the identified customer.customers/redact — we delete the identified customer's data.shop/redact — we delete the shop's data after uninstall.Merchants and their customers may exercise data-subject rights via the merchant, who can contact us at sales@siddhivatech.com.
Data is transmitted over HTTPS/TLS. The AI provider is authenticated server-side; the long-lived API key is never exposed to shopper browsers. Access tokens and credentials are stored securely.
The App is not directed to children and does not knowingly collect data from them.
We may update this policy; the "Last updated" date will change. Material changes will be communicated to merchants.
Questions or requests: sales@siddhivatech.com.