Privacy Policy — Talia
Last updated: 4 June 2026
This Privacy Policy explains how Khawatmi ("Talia", "we", "us") collects, uses, and protects information when a merchant installs and uses the Talia — AI SEO Autopilot app ("the App") on their Shopify store.
Data controller: Khawatmi, Ringlerstr. 16, 85057 Ingolstadt, Germany.
Contact: support@khawatmi.de
1. What the App does
Talia automatically generates and updates SEO content (product titles, meta descriptions, product descriptions, and image alt text) for a merchant's Shopify products using AI.
2. Information we collect
We only collect what's needed to provide the service:
- Store information: your
myshopify.comdomain, shop name, and the store contact email (welcome email and support). - Product content: product titles, descriptions, and image URLs we read from your store to generate optimized SEO copy and alt text.
- Generated content & history: the AI-generated copy and a before/after log of changes, so you can review, restore, and audit them.
- Usage & billing data: monthly optimization counts and your subscription plan (via Shopify Billing — we never see or store card details).
We do not collect or store your customers' personal data. The
mandatory Shopify privacy webhooks (customers/data_request,
customers/redact, shop/redact) are implemented; because we
hold no customer PII, there is nothing to return or erase at the customer level, and
we erase all shop-level data on shop/redact.
3. How we use the information
- To generate and apply SEO content to your products.
- To show you review queues, history, scoring, and usage.
- To send a one-time welcome email and respond to support requests.
- To enforce plan quotas and prevent abuse.
Legal basis (GDPR): performance of our contract with you (providing the App) and our legitimate interest in operating and securing the service.
4. Sub-processors / third parties
| Provider | Purpose | Data shared |
|---|---|---|
| Shopify | Store / app platform | Store & product data |
| OpenAI | AI generation of SEO copy & alt text | Product titles, descriptions, image URLs |
| Fly.io (Frankfurt, EU) | App hosting (compute) | All App data, in transit / processing |
| Supabase (EU region) | Database hosting | All App data listed above |
| Resend | Sending the welcome/support email | Store contact email, shop name |
OpenAI: product content is sent to the OpenAI API to generate copy. Per OpenAI's API data-usage policy, data submitted via the API is not used to train their models.
International transfers: OpenAI and Resend process data in the United States. Where applicable, transfers rely on the providers' Standard Contractual Clauses / Data Processing Agreements.
5. Data retention
- Optimization history: merchant-configurable (default 90 days; options 7/30/90/180), then automatically deleted.
- Bulk-run records: default 30 days.
- All shop data is erased when you uninstall the App (via the
shop/redactwebhook).
6. Security
Data is transmitted over TLS and stored on access-controlled infrastructure. Access tokens and API keys are stored as encrypted secrets and never logged.
7. Your rights
Depending on your jurisdiction (e.g. GDPR), you may have the right to access, correct, export, or delete your data. Contact us at support@khawatmi.de. You can also delete all data we hold by uninstalling the App.
8. Changes to this policy
We may update this policy; the "Last updated" date will change accordingly. Material changes will be communicated through the App or by email.
9. Contact
Questions about this policy or your data: support@khawatmi.de.