[email protected]
GET STARTEDClaim your 100 free messages.

Privacy Policy

Last updated April 26, 2026

Privacy Policy

Last updated: April 2025

NGL AI ("we", "us", or "our") operates the platform at nglai.app. This Privacy Policy explains how we collect, use, and protect information when you use our AI-powered conversational commerce service.

1. Information We Collect

Account & Profile Data

  • Name, email address, and profile picture (via Google OAuth or email registration)
  • Store name and business details you provide during onboarding

Store & Product Data

  • Product catalog, prices, and inventory information you upload or sync
  • Integration credentials for Shopify, WooCommerce, or custom REST APIs (stored encrypted)

Messaging & Conversation Data

  • Customer conversations across connected channels (Messenger, WhatsApp, Instagram, Website Widget)
  • Order details confirmed through AI-assisted chat
  • Lead/customer contact information shared during conversations

Usage & Billing Data

  • Credit balance, top-up history, and per-message AI usage logs
  • Platform analytics: active channels, conversation counts, AI response metrics

2. How We Use Your Information

  • To operate the AI agent and process orders on your behalf
  • To sync your product catalog across messaging channels
  • To calculate and deduct message credits accurately
  • To generate analytics and performance reports visible to you
  • To send transactional emails (order confirmations, account alerts)
  • To improve AI response quality and platform reliability

3. Data Storage & Security

All data is stored on servers located in the cloud with industry-standard encryption at rest (AES-256) and in transit (TLS 1.3). API keys and channel access tokens are stored encrypted and never logged in plaintext. We use short-lived JWT access tokens and rotate refresh tokens on each use.

4. Third-Party Services

We share data with the following third parties solely to provide our service:

  • Google Gemini API — processes conversation messages to generate AI replies. Conversation content is sent to Google's API under their data processing terms.
  • Meta (Facebook/Instagram/WhatsApp) — we connect to Meta's Graph API to read and send messages on your behalf.
  • Shopify / WooCommerce — if you connect your store, we sync product and order data via their APIs.
  • PostgreSQL / Redis — infrastructure providers hosting our database and caching layer.

We do not sell your data or your customers' data to any third party.

5. Customer Data (Your Customers)

When your customers interact with your AI agent, their messages, names, and contact details are stored to enable the conversation and generate orders. As the merchant, you are the data controller for your customers' personal information. You are responsible for ensuring you have appropriate consent to use an AI-assisted chat service on your messaging channels.

6. Data Retention

  • Conversation logs are retained for 12 months from the last message, then deleted.
  • Order and lead records are retained for 3 years for business record purposes.
  • Billing and credit logs are retained for 5 years to comply with financial regulations.
  • You may request deletion of your account and associated data at any time by emailing us.

7. Your Rights

You have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

8. Cookies

We use a single session cookie (NEXT_LOCALE) for language preference and JWT refresh tokens stored in HTTP-only cookies. We do not use advertising or tracking cookies.

9. Changes to This Policy

We may update this policy as the platform evolves. We will notify active merchants by email at least 7 days before any material change takes effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

10. Contact

Questions about this policy? Email us at [email protected].