Privacy Policy for Phoenix CRO Engine

Effective Date: December 16, 2025

1. Introduction

Phoenix CRO Engine ("we", "us", or "our") provides a Conversion Rate Optimization service specifically designed for Shopify merchants. We respect your privacy and the privacy of your customers. This policy outlines how we collect, use, and protect data.

2. Data We Collect

To provide our services (including Shadow Mode analysis and Live Optimization), we process the following data:

• Merchant Information: Store name, email, and basic shop settings.
• Store Traffic Data: Anonymous session identifiers, cart actions, page views, and conversion events.
• Customer Data: We minimize the collection of PII (Personally Identifiable Information). We use session behavior to train our local AI models. We do not sell customer data to third parties.

3. How We Use Your Data

• To train the Reinforcement Learning (RL) agent specific to your store.
• To analyze conversion lift and provide performance metrics.
• To execute automated actions (e.g., applying discounts) based on the "Policy Network" decisions.

4. Data Retention & GDPR

We comply with Shopify's GDPR requirements.

• Data Erasure: Upon uninstallation, your store's configuration and specific AI models are scheduled for deletion.
• Subject Requests: We honor "Right to be Forgotten" requests received via Shopify's customers/redact and shop/redact webhooks.

5. Third-Party Services

Our application infrastructure is hosted on secure cloud providers (Render, Supabase/PostgreSQL) which adhere to industry security standards.

6. Contact Us

For privacy concerns, data requests, or support, please contact us at:
support@phoenixcro.io

(Note: If you have previously contacted us via our legacy Gmail address, please update your records to our new official support channel above.)