SearchSense

Privacy Policy

Last updated: January 10, 2025

At SearchSense, operated by Testica Iga Małłek, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered search solution for WooCommerce stores. This policy is compliant with the General Data Protection Regulation (GDPR) and Polish data protection laws.

Data Controller:
Testica Iga Małłek
ul. Polna 2, 87-162 Lubicz Górny, Poland
NIP: PL8911577240
REGON: 520588574

1. Information We Collect

1.1 Information You Provide

  • Account information (name, email address, company name)
  • Payment information (processed exclusively through Paddle - we do not store credit card details)
  • WooCommerce store connection details and API credentials
  • Support requests and communications

1.2 Information Collected Automatically

  • Usage data and analytics
  • Search queries and patterns (anonymized)
  • Device and browser information
  • IP addresses and location data

1.3 Product Data from Your Store

  • Products (names, descriptions, SKUs, prices, stock levels)
  • Categories, tags, brands, and attributes
  • Product images and media files
  • Store configuration and metadata

1.4 End-User Data

  • Search queries entered by your customers
  • Anonymized search patterns and usage statistics
  • User behavior data for personalization (only when consent cookie is present)
  • Interaction data with search results and recommendations

Note: Personalization features require your customers' consent. You must specify which cookie indicates consent, and we only track behavior when this cookie is present.

2. Legal Basis for Processing

We process your data based on the following legal grounds:

  • Contract Performance: To provide our services, manage accounts, and process payments
  • Legitimate Interests: To improve our services, ensure security, and analyze usage
  • Consent: For marketing communications and personalization features
  • Legal Obligations: To maintain financial records and comply with laws

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our AI-powered search service
  • Process data with AI to enhance search capabilities
  • Process transactions and manage subscriptions through Paddle
  • Improve search accuracy and relevance using machine learning
  • Provide personalized search results and product recommendations (with consent)
  • Send service updates and important notifications
  • Respond to support requests
  • Analyze search patterns to enhance AI models
  • Comply with legal and regulatory obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

4.1 Service Providers

  • Payment Processing: Paddle (handles all payment transactions)
  • Hosting: Cloud infrastructure in Ashburn, VA, USA
  • Search Infrastructure: Proprietary search technology
  • Analytics: Google Analytics (only with your consent)
  • Email Services: For transactional and marketing emails

4.2 AI Service Providers

  • OpenAI: For AI-powered search capabilities
  • Other AI Providers: We may use additional AI providers in the future to enhance service quality

Product data shared with AI providers is used solely to improve search functionality. All AI providers are bound by strict data processing agreements.

4.3 Other Disclosures

  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit (TLS) and at rest
  • Regular security audits and updates
  • Secure access controls and authentication
  • Secure API communications with rate limiting
  • Regular backups and disaster recovery procedures

5.1 Security Incidents

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify affected customers within 72 hours of discovery
  • Provide details about the nature and scope of the breach
  • Describe measures taken to address the breach
  • Recommend steps you can take to protect yourself

6. Customer as Data Controller

When you use SearchSense to process your end-users' data:

  • You act as the data controller for your end-users' personal data
  • SearchSense acts as your data processor
  • You are responsible for obtaining necessary consents from your users
  • A Data Processing Agreement (DPA) is available upon request
  • You must ensure your privacy policy reflects the use of SearchSense

Important: For personalization features, you must specify which cookie name indicates user consent. We only collect behavior data when this consent cookie is present.

7. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt-out of marketing communications
  • Lodge a complaint with a supervisory authority (in Poland: UODO - Urząd Ochrony Danych Osobowych)

8. Data Retention

We retain different types of data for different periods:

  • Account Data: Duration of service plus 90 days
  • Product Data: Deleted within 30 days of service termination
  • Search Logs: 12 months (anonymized after 3 months)
  • Financial Records: 7 years (legal requirement)
  • Support Communications: 2 years
  • Marketing Preferences: Until you unsubscribe

We may retain anonymized, aggregated data for longer periods for analytics and service improvement.

9. Automated Decision-Making

We use artificial intelligence and machine learning for:

  • Generating semantic search results
  • Ranking products based on relevance
  • Providing personalized recommendations
  • Extracting attributes from natural language queries

These processes do not involve fully automated decision-making with legal or similarly significant effects. You can request human review of AI-generated results by contacting support.

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For detailed information, please see our Cookie Policy.

11. Children's Privacy

Our service is not intended for children under 18 years of age. We do not knowingly collect personal information from children.

12. International Data Transfers

Your data may be transferred internationally:

  • Our primary servers are located in Ashburn, Virginia, USA
  • We use Standard Contractual Clauses (SCCs) for transfers from the EEA to the USA
  • All sub-processors are required to implement appropriate safeguards
  • We monitor regulatory changes and update our practices accordingly

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Testica Iga Małłek
Operating as: SearchSense
ul. Polna 2
87-162 Lubicz Górny, Poland

Contact:
Email: privacy@searchsense.io
Website: searchsense.io

Company Details:
NIP: PL8911577240
REGON: 520588574

Back to Home

We value your privacy

We use essential cookies to make our site work. With your consent, we may also use non-essential cookies to improve user experience and analyze website traffic. By clicking "Accept", you agree to our website's cookie use as described in our Cookie Policy.