Privacy Policy
Last updated: January 3, 2026
Web Development Solutions LLC, a California limited liability company doing business as "Attend" ("Attend," "we," "us," or "our"), respects your privacy and is committed to protecting the personal information you share with us.
This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our AI-powered customer support service ("Service"). This policy applies to:
- Merchants: Shopify store owners who install and use Attend
- End-Users: Customers of merchants who interact with Attend's chat widget
Please read this Privacy Policy carefully. By using the Service, you agree to the practices described herein.
1. Introduction
1.1 About This Policy
This Privacy Policy describes:
- What information we collect
- How we use that information
- When and with whom we share information
- Your choices and rights regarding your information
- How we protect your information
1.2 Our Role
For Merchants: We act as a data controller for your account information and as a data processor for the customer data you process through our Service.
For End-Users: The merchant whose store you are interacting with is the data controller for your personal information. We act as a data processor on behalf of the merchant. Please refer to the merchant's privacy policy for information about how they handle your data.
1.3 Applicability
This policy applies to information collected through:
- Our website (tryattend.com)
- The Attend Shopify application
- The chat widget embedded on merchant stores
- Communications with us (email, support requests)
2. Information We Collect
2.1 Merchant Information
When you create an account and use our Service, we collect:
Account Information:
- Shopify store name and URL
- Contact email address
- Name (if provided)
- Billing information (processed through Shopify)
Configuration Data:
- Widget settings (colors, position, greeting message)
- Store policies (shipping, returns, FAQ content)
- AI configuration (tone preferences, custom instructions)
- Escalation email addresses
Usage Data:
- Feature usage and interaction patterns
- Conversation volumes and metrics
- Login activity and timestamps
2.2 End-User Information
When end-users interact with the chat widget, we collect:
Conversation Data:
- Chat messages and content
- Timestamps of interactions
- Pages visited during chat session
Order Information (when voluntarily provided):
- Order numbers
- Email addresses
- Information retrieved from Shopify (order status, tracking, items)
Technical Information:
- Browser type and version
- Device type
- IP address (for security and fraud prevention)
- Session identifiers
2.3 Information from Third Parties
We may receive information from:
Shopify:
- Store information via Shopify APIs
- Order and customer data (as authorized by the merchant)
- Billing and subscription information
AI Providers:
- Generated responses (we do not receive training data)
2.4 Automatically Collected Information
We automatically collect:
- Log files (requests, errors, performance data)
- Analytics data (aggregated usage statistics)
- Security event logs
3. How We Use Information
3.1 Providing the Service
We use information to:
- Operate and maintain the chat widget
- Process and respond to customer inquiries
- Execute AI-powered conversations
- Perform order lookups and actions (as configured)
- Deliver conversation transcripts and analytics
3.2 Improving the Service
We use information to:
- Analyze usage patterns and optimize performance
- Identify and fix bugs and errors
- Develop new features and functionality
- Train and improve AI models (using only aggregated, anonymized data—see Section 3.5)
3.3 Communications
We use merchant information to:
- Send service-related notices and updates
- Respond to support requests
- Provide billing and subscription information
- Send product updates and announcements (with opt-out available)
3.4 Security and Compliance
We use information to:
- Detect and prevent fraud, abuse, and security incidents
- Enforce our Terms of Service
- Comply with legal obligations
- Respond to legal requests and protect our rights
3.5 AI Training
We do not use your conversation data to train AI models.
Our AI provider (Anthropic) has confirmed that conversation data processed through their API is not used for model training. We do not share your data with any party for AI training purposes.
We may use aggregated, anonymized usage data to improve our Service, but this data cannot be used to identify any individual or merchant.
5. Data Retention
5.1 Retention Periods
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 60 days |
| Conversation data | Duration of account + 60 days |
| Configuration data | Duration of account + 60 days |
| Billing records | 7 years (legal requirement) |
| Security logs | 1 year |
| Aggregated analytics | Indefinitely |
5.2 Account Deletion
When you delete your account or uninstall the app:
- Most data is deleted within 60 days
- End-user personal data is deleted within 48 hours (per Shopify requirements)
- Some data may be retained as required by law or for legitimate business purposes (e.g., fraud prevention)
- Aggregated, anonymized data may be retained indefinitely
5.3 Data Export
You may export your conversation data at any time through the Service dashboard. We recommend exporting your data before canceling your subscription.
6. Data Security
6.1 Security Measures
We implement reasonable administrative, technical, and physical safeguards to protect your information, including:
Technical Safeguards:
- Encryption in transit using TLS 1.2 or higher
- Encryption at rest using AES-256
- Secure credential storage (hashed, salted passwords)
- Regular security updates and patches
Administrative Safeguards:
- Access controls and authentication requirements
- Employee security training
- Vendor security assessments
- Incident response procedures
Operational Safeguards:
- Regular security monitoring
- Vulnerability assessments
- Secure development practices
6.2 Data Breach Response
In the event of a data breach affecting your personal information, we will:
- Investigate and contain the breach
- Notify affected parties as required by law (typically within 72 hours)
- Take steps to mitigate harm
- Report to relevant authorities as required
6.3 Limitations
While we implement reasonable security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.
7. Your Rights
7.1 Access and Portability
You have the right to:
- Access your personal information
- Receive a copy of your data in a portable format
- Know what information we have collected about you
7.2 Correction
You have the right to request correction of inaccurate or incomplete personal information.
7.3 Deletion
You have the right to request deletion of your personal information, subject to certain exceptions (legal obligations, fraud prevention, legitimate business purposes).
7.4 Restriction and Objection
You may have the right to:
- Restrict processing of your information in certain circumstances
- Object to processing based on legitimate interests
- Opt out of marketing communications
7.5 Exercising Your Rights
To exercise any of these rights, please contact us at:
Email: hello@tryattend.com
We will respond to your request within 30 days (or sooner if required by law). We may need to verify your identity before processing your request.
7.6 End-User Rights
If you are an end-user (customer of a merchant), please contact the merchant directly to exercise your data rights. We will assist merchants in responding to data subject requests.
8. California Privacy Rights (CCPA/CPRA)
8.1 Applicability
This section applies to California residents and supplements the rest of this Privacy Policy.
8.2 Categories of Information
In the preceding 12 months, we have collected the following categories of personal information:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address | Yes |
| Commercial information | Products/services purchased, purchasing history | Yes (via Shopify) |
| Internet activity | Browsing history, search history, interactions | Yes |
| Geolocation data | Approximate location from IP | Yes |
| Professional information | Business name, role | Yes |
| Inferences | Preferences, characteristics | No |
8.3 Sources of Information
We collect personal information from:
- Directly from you
- Automatically through your use of the Service
- From Shopify (with your authorization)
8.4 Business Purposes
We use personal information for the business purposes described in Section 3.
8.5 Sharing and Disclosure
We share personal information with service providers for business purposes as described in Section 4.
8.6 Sale of Personal Information
We do not sell personal information. We do not exchange personal information for monetary or other valuable consideration.
8.7 Your California Rights
As a California resident, you have the right to:
- Know: Request information about the categories and specific pieces of personal information we have collected
- Delete: Request deletion of your personal information
- Correct: Request correction of inaccurate personal information
- Opt-Out: Opt out of the sale or sharing of personal information (not applicable as we do not sell/share)
- Non-Discrimination: Not be discriminated against for exercising your privacy rights
8.8 Submitting Requests
To submit a request, contact us at hello@tryattend.com. You may designate an authorized agent to submit requests on your behalf.
8.9 Verification
We will verify your identity before processing requests. For requests submitted by authorized agents, we may require proof of authorization.
9. European Privacy Rights (GDPR)
9.1 Applicability
This section applies to individuals in the European Economic Area (EEA), United Kingdom, and Switzerland.
9.2 Legal Basis for Processing
We process personal information based on the following legal grounds:
| Purpose | Legal Basis |
|---|---|
| Providing the Service | Contract performance |
| Security and fraud prevention | Legitimate interests |
| Legal compliance | Legal obligation |
| Marketing (with consent) | Consent |
| Service improvement | Legitimate interests |
9.3 Your Rights Under GDPR
You have the right to:
- Access: Obtain confirmation of processing and access to your data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion ("right to be forgotten")
- Restriction: Restrict processing in certain circumstances
- Portability: Receive your data in a structured, machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
- Complaint: Lodge a complaint with a supervisory authority
9.4 Data Protection Officer
We have not appointed a formal Data Protection Officer. For privacy inquiries, please contact hello@tryattend.com.
9.5 Data Processing Agreement
Merchants requiring a Data Processing Agreement (DPA) for GDPR compliance may request one by contacting hello@tryattend.com.
9.6 Supervisory Authority
If you are in the EEA, you have the right to lodge a complaint with your local data protection authority.
10. International Data Transfers
10.1 Transfer Mechanisms
We are based in the United States and process data primarily in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States.
For transfers from the EEA, UK, or Switzerland, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Other valid transfer mechanisms under applicable law
10.2 Data Localization
We do not currently offer data localization options. All data is processed and stored in the United States.
11. Children's Privacy
11.1 Age Restrictions
The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.
11.2 Parental Rights
If you believe we have collected information from a child under 16, please contact us immediately at hello@tryattend.com. We will take steps to delete such information.
13. Third-Party Services
13.1 Links to Third Parties
Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties.
13.2 Shopify
Our Service integrates with Shopify. Your use of Shopify is governed by Shopify's privacy policy. We access Shopify data only as authorized by you and in accordance with Shopify's API terms.
13.3 AI Providers
We use Anthropic's Claude AI to power our Service. Anthropic's privacy practices are governed by their privacy policy. Notably:
- Anthropic does not use API data to train their models
- Conversation data is processed but not retained by Anthropic beyond temporary processing
14. Changes to This Policy
14.1 Updates
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website
- Updating the "Last updated" date
- Sending email notification for significant changes
14.2 Review
We encourage you to review this Privacy Policy periodically to stay informed about our practices.
14.3 Continued Use
Your continued use of the Service after changes to this Privacy Policy constitutes your acceptance of the updated policy.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Web Development Solutions LLC
DBA Attend
Email: hello@tryattend.com
Website: https://tryattend.com
For Data Subject Requests:
Please email hello@tryattend.com with the subject line "Privacy Request" and include:
- Your name and contact information
- The nature of your request
- Any relevant details to help us process your request
We will respond to your inquiry within 30 days.
This Privacy Policy is effective as of the date stated above.