Privacy Policy

This Privacy Policy describes how SolisHQ ("Company," "we," "us") collects, uses, and protects information when you use the Accipio platform ("Service"). We are committed to protecting your privacy and the privacy of your customers. This policy applies to all data processed through the Accipio platform.

We collect information necessary to operate the Service: (a) Account information — your commerce platform account details and configuration; (b) Commerce data — product catalogs, order information, and customer interaction data as authorized by your commerce platform integration; (c) Conversation data — customer messages and AI-generated responses processed through the 7-step pipeline; (d) Usage data — platform usage metrics, feature utilization, and performance data; (e) Policy configuration — the business rules and policies you define within the Service.

Your data is used exclusively to operate the Service: processing customer conversations through the Authorized Response Pipeline, evaluating policies, generating analytics and revenue attribution reports, improving your merchant-specific AI model, and providing technical support. We do not sell your data. We do not use your data to train general-purpose AI models. Your data is never shared with other merchants.

Accipio uses a DB-per-tenant architecture. Every merchant receives a dedicated, physically isolated database. Your data is not stored in a shared database with access controls — it is structurally isolated. Cross-tenant data access is architecturally impossible. This isolation is a core engineering principle, not a feature that can be disabled.

All data at rest is encrypted using AES-256-GCM with per-tenant encryption keys. All data in transit is protected with TLS 1.3. Encryption keys are managed through secure key management infrastructure and are never stored alongside encrypted data.

Customer personally identifiable information (PII) is never stored in AI processing artifacts. The Service retains only commerce platform reference identifiers (e.g., Shopify GID) to reference customer records. A PII detection gate operates on every data write operation to prevent accidental PII storage. Customer data remains in your commerce platform — Accipio references it but does not duplicate it.

Active accounts: data is retained for the duration of your subscription. Conversation logs are retained for the period specified in your plan configuration. Cancelled accounts: data is retained for thirty (30) days after cancellation, then permanently deleted. Audit records: tamper-evident audit chain records are retained according to your plan's audit retention policy.

The Service integrates with commerce platforms (currently Shopify) to access data you have authorized. The Service uses AI model providers to process conversations through the pipeline. We select providers that meet our security and privacy standards. We do not share your data with third parties for marketing, advertising, or any purpose unrelated to operating the Service.

You have the right to: access all data stored by the Service on your behalf; export your data at any time through the dashboard; request deletion of your data; understand what data is collected and how it is used; restrict processing of your data. To exercise these rights, contact us at privacy@solishq.com.

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least thirty (30) days before they take effect. The current version of this policy is always available on our website.

For privacy-related questions or requests, contact us at privacy@solishq.com.