Privacy Policy

RagTether (“RagTether,” “we,” “us,” or “our”) provides an AI-powered customer support platform for ecommerce businesses. Our service includes catalog sync, retrieval-augmented generation (RAG) pipelines, an embeddable chat widget, messaging channels such as email and WhatsApp, and a control plane dashboard for merchants and their teams.

This Privacy Policy explains how we handle personal information when you visit our website, create an account, subscribe to a plan, or use the RagTether platform. It also describes how we process data on behalf of merchants when their customers interact with AI support powered by RagTether.

The data we collect depends on how you interact with RagTether — as a merchant account holder, team member, website visitor, or end customer of a store using our chat widget.

• Account and profile data: name, email address, password or authentication credentials, organization name, billing contact details, and team role assignments.
• Billing and subscription data: plan tier, payment method details processed by our payment provider, invoices, tax information, and transaction history.
• Store and catalog data: product listings, inventory, pricing, order metadata, and other information synced from connected platforms such as Shopify, Wix, BigCommerce, WordPress, WooCommerce, and similar integrations you authorize.
• Knowledge base content: documents, images, text files, policies, FAQs, and other materials you upload to train or ground AI responses.
• Conversation data: messages exchanged through the chat widget, email, WhatsApp, Instagram, or other enabled channels; CSAT ratings; escalation and handoff records; and AI verification logs.
• Usage and analytics data: feature usage, conversation volume, deflection rates, dashboard interactions, API calls, webhook events, and support requests.
• Technical data: IP address, browser type, device identifiers, operating system, referral URLs, log files, and error reports.
• Marketing data: email address and preferences if you join our waitlist, subscribe to our newsletter, or request product updates.

We use personal information to provide, maintain, and improve RagTether, including syncing your catalog, running RAG pipelines, generating and verifying AI responses, enabling human takeover, and displaying analytics in your dashboard.

We also use data to process subscriptions, send service-related notices, respond to support requests, detect abuse or security incidents, comply with legal obligations, and — where permitted — send product updates or marketing communications you can opt out of at any time.

When you use RagTether to support your customers, we process end-customer conversation content on your behalf as a data processor. You remain responsible for determining the lawful basis for collecting and using your customers’ data and for providing appropriate notices to them.

Where applicable data protection laws require a legal basis, we rely on one or more of the following:

• Contract: to create and manage your account, deliver the service you subscribed to, and process payments.
• Legitimate interests: to secure our platform, prevent fraud, improve product performance, and communicate about service changes — balanced against your rights.
• Consent: for optional marketing emails, non-essential cookies, and certain integrations you explicitly enable.
• Legal obligation: to retain records required by tax, accounting, or regulatory requirements.

RagTether uses automated systems, including large language models, to interpret customer questions, retrieve relevant catalog and knowledge-base content, draft replies, and run verification checks before responses are sent.

AI outputs are assistive and may not always be correct. Merchants should configure handoff rules, review conversations in the live dashboard, and not rely on automated replies as the sole basis for legal, medical, financial, or safety-critical decisions.

We do not use your private store data or uploaded knowledge to train public foundation models unless you explicitly opt in to a feature that states otherwise.

We do not sell personal information. We share data only as needed to operate RagTether:

• Infrastructure and hosting providers that store and process data securely.
• Payment processors that handle subscription billing.
• AI and embedding providers used to generate and verify responses, subject to contractual confidentiality and data-use restrictions.
• Integration partners (e.g., ecommerce platforms and messaging providers) when you connect those services.
• Professional advisers, auditors, or authorities when required by law or to protect rights and safety.
• Successor entities in connection with a merger, acquisition, or asset sale, with notice where required by law.

We retain account and billing records for as long as your subscription is active and for a reasonable period afterward to comply with legal, tax, and dispute-resolution requirements.

Conversation logs and analytics are retained according to your plan settings and our default retention schedule, after which they are deleted or anonymized unless we must keep them longer for legal reasons.

You may request deletion of your account data subject to exceptions for data we are required or permitted to retain. Merchants can configure retention for end-customer conversations where plan features allow.

We implement administrative, technical, and organizational measures designed to protect personal information, including encryption in transit, access controls, and monitoring. No method of transmission or storage is completely secure; please use strong credentials and limit team access appropriately.

Enterprise customers may request additional security documentation, including information about SSO/SAML, audit logs, and data residency options where available.

RagTether may process and store information in countries other than where you or your customers are located. Where required, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms to protect cross-border transfers.

Depending on your location, you may have rights to access, correct, delete, restrict, or port personal information, and to object to or withdraw consent for certain processing. You may also lodge a complaint with a supervisory authority.

To exercise these rights, contact us at support@ragtether.com. We will respond within the timeframe required by applicable law, typically within 30 days. Merchants should direct end-customer privacy requests relating to store conversations to us only when acting as their processor, or handle them directly when they are the controller.

You can manage marketing preferences via unsubscribe links in our emails. For cookie choices on our website, see our Cookie Policy.

RagTether is a business service not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will take appropriate steps to delete it.

We use cookies and similar technologies on our marketing site and control plane. Details about cookie categories, purposes, and how to manage preferences are in our Cookie Policy.

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and revise the “Last updated” date. Continued use of RagTether after changes become effective constitutes acceptance of the updated policy where permitted by law.

Questions about this Privacy Policy or our data practices can be sent to support@ragtether.com. For data protection inquiries, include “Privacy” in the subject line and describe your request with enough detail for us to verify your identity.