SevenKnots

Privacy Policy

Last updated: April 7, 2026

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, password (stored as a hash), store name, store type, country, preferred currency, and language preference.

Store Data

To power the AI assistants and dashboard, we store and process data you provide or sync from your existing systems, including product catalogs, pricing, inventory levels, orders, customer records, supplier information, and staff details.

Usage Analytics

We collect usage data to improve the Service, including AI conversation logs, feature usage patterns, API request volumes, login activity, and performance metrics. This data is associated with your tenant account and is never shared with other tenants.

2. How We Use Your Data

  • AI Processing: Your store data is used to build context for the Customer AI and Admin AI assistants, enabling them to provide accurate, store-specific responses about your products, inventory, and business metrics.
  • Analytics & Insights: We generate analytics snapshots and AI-powered summaries from your operational data to provide business intelligence through the admin dashboard.
  • Service Improvement: Aggregated, anonymized usage patterns help us improve AI accuracy, platform performance, and feature development.
  • Communication: We use your email address to send transactional emails (account verification, password resets, subscription confirmations, payment notifications) and product updates. You can opt out of non-essential communications at any time.

3. Data Storage & Security

All data is stored on Supabase infrastructure hosted in Frankfurt, Germany (EU). Data is encrypted at rest and in transit using industry-standard encryption protocols. We implement row-level security (RLS) to ensure strict tenant isolation — your data is never accessible to other tenants.

Additional security measures include JWT-based authentication, API rate limiting, input validation on all endpoints, and comprehensive audit logging of administrative actions.

4. Third-Party Services

We use the following third-party services to operate the platform:

  • Anthropic Claude — AI language models (Haiku, Sonnet, Opus) power the Customer AI and Admin AI assistants. Your store data is sent to Anthropic's API for processing. Anthropic does not use your data to train their models. See Anthropic's Privacy Policy.
  • Stripe — Payment processing for subscriptions. Stripe handles all payment card data; we never store your full card number. See Stripe's Privacy Policy.
  • Resend — Transactional email delivery for account notifications, alerts, and reports. See Resend's Privacy Policy.
  • Vercel — Application hosting and edge delivery. See Vercel's Privacy Policy.

5. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription, your data is preserved for 30 days to allow for reactivation or export. After 30 days, your data may be permanently deleted.

AI conversation logs are retained for 90 days for service quality purposes and then automatically purged. Analytics snapshots are retained for the duration of your subscription.

6. Your Rights

You have the right to:

  • Access: Request a copy of all personal data we hold about you and your tenant.
  • Delete: Request deletion of your account and all associated data. We will process deletion requests within 30 days.
  • Export: Export your data (products, orders, customers, analytics) in standard formats (CSV, JSON) at any time through the dashboard or by contacting support.
  • Rectify: Update or correct your personal information through the dashboard settings.
  • Restrict: Request that we limit processing of your data in certain circumstances.
  • Object: Object to processing of your data for specific purposes, such as marketing communications.

7. Cookies

We use essential cookies to maintain your authentication session and remember your preferences. These cookies are strictly necessary for the Service to function and cannot be disabled.

We do not use third-party tracking cookies or advertising cookies. No data is shared with advertising networks.

8. Children's Privacy

The Service is intended for business use and is not directed at individuals under the age of 16. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the platform. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at info@sevenknots.co.

Terms of Service·Back to Login