Privacy policy
Vestfold Hall — Privacy Policy
Last updated: July 4, 2026
Vestfold Hall ("Vestfold Hall," "we," "us," or "our") is a managed AI sales-assistant application for Shopify stores, operated by Gilliam Technical Services LLC. This Privacy Policy explains what information the Vestfold Hall app and chat agent ("the Service") collect, how we use and share it, how long we keep it, and the rights available to merchants and their customers.
Note for merchants: This policy describes how we handle data in providing the Service to you. You remain the data controller for your store and your customers, and you are responsible for your own store privacy policy and for obtaining any consents required in your jurisdiction.
1. Who we are
- Service / brand name: Vestfold Hall
- Operator: Gilliam Technical Services LLC ("GTS")
- Contact for privacy inquiries: privacy@vestfoldhall.com
- Mailing address: 142 Eastview Drive #4872, Emerald Isle, NC 28594, USA
If you have questions about this policy or wish to exercise a privacy right, contact us at the email above.
2. What information we collect
We practice data minimization: we request only the data the Service needs to function. Specifically, the app requests the read_products, read_content, read_themes, and read_legal_policies scopes (the last two are read-only: read_themes reads your theme's color settings so you can match the chat widget to your brand and never edits your theme; read_legal_policies reads your published store policies so the assistant can summarize and link them for shoppers). We do not access, request, or store your customers' Shopify account, order, or checkout data through Shopify's APIs.
a. Information from the merchant / store (via Shopify APIs)
- Store domain (e.g.,
your-store.myshopify.com) and store name. - Store contact email (used to route inquiries and reports to you).
-
Product catalog content (
read_products): product title, handle, status, description, price range, variant pricing, product type, and collections. This builds the knowledge base the agent answers from and lets it recognize sales. -
Published store content (
read_content): the titles and text of your blog posts / articles, used as supplementary "opinion-tier" knowledge the agent can summarize and link to (product descriptions always take precedence). Theread_contentscope also nominally grants access to blog-contributor account details (author email, IP, browser/OS); the app does not read, request, or store any of that contributor data — it retrieves only each article's title, body text, and URL. -
Theme color settings (
read_themes): the published theme's color values only, read-only, used solely to offer brand-match swatches in the app. No other theme data is read, and the theme is never modified. -
Published store policies (
read_legal_policies): the text and public URL of your store's refund/return, shipping, privacy, and terms-of-service policies, read-only, so the assistant can give shoppers a faithful summary with a link. These are the merchant's own published legal pages; no customer data is involved.
b. Information from the merchant's customers (shoppers, via the chat widget)
When a shopper interacts with the on-storefront chat widget, we collect:
- The messages the shopper types and the agent's replies (the conversation transcript). This includes messages exchanged during a live chat with a member of the store's team, when the shopper chooses to talk to a person.
- Any contact information a shopper voluntarily provides in the conversation — for example an email address or phone number they choose to share so the store can follow up.
- The shopper's IP address and timestamps, used solely for rate-limiting, abuse prevention, and security.
When a shopper asks for a person, the conversation transcript and any contact details they shared are passed to the merchant so the merchant can respond (by live chat, or by email if no one is available). We retain that hand-off record on the merchant's behalf for a limited period (see §Retention), and live-chat sessions are automatically deleted within 24 hours.
We do not deploy advertising or cross-site tracking cookies. The widget stores the current conversation in your browser's sessionStorage only, so the chat persists as the shopper moves between pages; it is cleared when the browser session ends.
3. How we use information
- Provide the chat agent: answer shopper questions using the store's product catalog.
- Lead capture & human support: when a shopper voluntarily shares contact details or asks for a person, deliver that inquiry (and the conversation) to the merchant, and enable the merchant to respond — by live chat in real time, or by email.
- Intelligence reports (daily, weekly, monthly, and lifetime views): produce aggregated summaries for the merchant (top questions, product interest, unmet demand). These summaries are derived from conversation content and are intended to be aggregated, not to profile individual shoppers.
- Security and abuse prevention: rate-limiting and blocking abusive use.
- Service operation, maintenance, and support.
We do not sell personal information, and we do not "share" personal information for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA).
4. AI processing and subprocessors
To deliver the Service we use the following subprocessors. We share only the data necessary for each to perform its function.
| Subprocessor | Purpose | Data shared |
|---|---|---|
| Anthropic, PBC | Generates the agent's responses (Claude AI models) | Conversation messages and the store's product knowledge base |
| Cloudflare, Inc. | Hosting, edge compute, and key-value storage of the agent and its data | Catalog knowledge base, conversation logs, captured leads |
| Shopify, Inc. | App platform and product catalog source | Store and product data via Shopify APIs |
| Resend | Transactional email delivery (merchant reports and lead alerts) | Merchant email address and report/lead content |
Conversation content sent to Anthropic is processed to generate a reply and is not used to train Anthropic's models under our API terms.
5. Where data is stored and processed
Data is stored and processed on Cloudflare's infrastructure, which operates globally. The Service is operated from the United States. By using the Service, merchants and shoppers understand that data may be processed in the United States and other countries where our subprocessors operate.
6. How long we keep data
- Product catalog knowledge base: kept current; refreshed from the store and replaced on update. Deleted when the app is uninstalled and the retention period elapses.
- Conversation transcripts / logs: automatically expire approximately 30 days after the interaction.
- Live-chat sessions: automatically deleted within 24 hours.
- Support hand-off records (a transcript + shopper-provided contact details, kept so the merchant can respond): retained up to 60 days, or until deleted on request or when the store's data is purged.
- Captured leads (shopper-provided contact details): retained so the merchant can act on them, until deleted on request or until the store's data is purged.
-
Deletion on request: when we receive Shopify's
customers/redactrequest for a shopper, we delete that shopper's captured contact details and their support hand-off transcripts. -
On uninstall: the agent is deactivated immediately. All of the store's data — including catalog, transcripts, leads, support hand-offs, and live-chat sessions — is purged when we receive Shopify's
shop/redactrequest (sent 48 hours after uninstall), or sooner on request.
7. Data subject and consumer rights
Depending on where they live, individuals (including merchants' customers) may have rights to access, correct, delete, or restrict the processing of their personal information, and to not be discriminated against for exercising those rights. This includes rights under the California Consumer Privacy Act (CCPA/CPRA), the Virginia CDPA, the Colorado Privacy Act, and similar U.S. state laws, as well as the EU/UK GDPR where applicable.
How we honor requests:
- We support Shopify's mandatory privacy webhooks: Customer Data Request, Customer Redact, and Shop Redact. When a merchant or Shopify forwards one of these, we respond accordingly — compiling or deleting the relevant data.
- Shoppers and merchants may also contact privacy@vestfoldhall.com directly. We verify and respond to requests within the timeframes required by applicable law.
- If a shopper makes a privacy, access, or deletion request through a store's chat widget, the assistant does not action it directly — it records the request and forwards it to that merchant (and, where relevant, to us) to process under this policy.
Because Vestfold Hall acts as a service provider / processor to the merchant, we will also assist the merchant in responding to requests they receive directly.
8. Security
We protect information using industry-standard measures, including:
- Encryption in transit (HTTPS/TLS) for all data exchange.
- Secret management: API keys and shared secrets are stored as encrypted, write-only secrets and are never exposed to the storefront or to shoppers.
-
Least-privilege access: the app requests only the
read_products,read_content,read_themes, andread_legal_policiesscopes (product catalog, published store content, theme color settings, and published store policies — the last two read-only, for brand-matching the widget and for summarizing/linking your policies) and never accesses customer, order, or checkout data via Shopify. It does not edit your theme, and it does not read or store the blog-contributor personal data thatread_contentnominally exposes. - Abuse and rate-limit controls to protect the Service.
No method of transmission or storage is 100% secure, but we work to protect your information and to notify affected parties of incidents as required by law.
9. Children's privacy
The Service is intended for use by merchants and the general shopping public. It is not directed to children, and we do not knowingly collect personal information from children under the age of 16 (or the age defined by local law).
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by updating the "Last updated" date above and, where appropriate, by notifying merchants. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact
Gilliam Technical Services LLC — Vestfold Hall Privacy inquiries: privacy@vestfoldhall.com Mailing address: 142 Eastview Drive #4872, Emerald Isle, NC 28594, USA