Privacy Policy

Data We Receive

• Shopping or gifting intent, such as what the user wants to buy, budget, region, and constraints.
• Optional personal_agent_context summaries, such as recipient, preferences, dislikes, hard constraints, and memory_refs.
• Request metadata needed for operations and abuse prevention, such as channel, path, status code, timestamps, and hashed IP / user-agent values.
• Developer account data when provided, such as display name, email, company, website, API key metadata, and authenticated request logs.
• Merchant, click, order, attribution, and settlement events when a merchant or commerce integration sends them to SellToAI.

Data You Should Not Send

• Do not send raw user memory, full conversation history, private notes, or sensitive profile text.
• Do not send payment card numbers, bank accounts, government IDs, exact addresses, passwords, or third-party login credentials.
• SellToAI is designed to receive privacy-bounded summaries from Personal Agents, not raw Personal Agent memory.

How We Use Data

• To generate product recommendations, Product Evidence Cards, personalization_trace, and MorasOS understanding_trace.
• To enforce public trial quotas, account-level quotas, security controls, abuse prevention, debugging, and developer request logs.
• To preserve MatchToken, click, and order attribution so a recommendation can be connected to an outcome.
• To improve recommendation quality, evidence coverage, merchant fulfillment, and developer integration experience.

Sharing and Retention

• We do not sell personal information.
• We may process data with infrastructure, analytics, merchant/checkout, attribution, and security service providers as needed to operate SellToAI.
• We retain data only as long as needed for operations, audit, compliance, dispute handling, and product improvement, then delete, aggregate, or anonymize it.

Contact

To request access, deletion, or correction, contact [email protected].