Privacy Policy

Last Updated: December 10, 2025

This Privacy Policy explains how HOM.AI PTE. LTD. (“Company”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when individuals (“you”, “users”) use our services.

Our services include:

  • AI SaaS Platform – a multi-modal content generation and orchestration system supporting images, videos, text, code, brand onboarding, PIM, integrations, and automated workflows.
  • Marketplace Content Generation Tool (“Marketplace Content Generation Service”) – a credit-based tool for generating Amazon-specific creative assets, product imagery, A+ content, and text.

This Policy is informed by major global privacy regulations, including the EU General Data Protection Regulation (GDPR), UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), the Singapore PDPA, and other applicable data-protection laws. We are actively working to align our practices with the requirements that apply to our operations and will update our compliance measures as they evolve.

1. Data Controller

Controller: HOM.AI PTE. LTD.
 Registered Address: 20 COLLYER QUAY, #18-03, 20 COLLYER QUAY, SINGAPORE 049319
 Privacy Email: hi@shopos.ai

Depending on how you use the Services, we may act as a data controller or a data processor.

2. Scope of This Privacy Policy

This Policy applies to:

  • Our websites, SDKs, and browser extensions
  • The AI SaaS Platform and Marketplace Content Generation Service
  • Workspaces, Spaces, and APIs
  • Connected third-party integrations
  • Processing of publicly available data for research features

If you operate a Space or connect your own users, you may act as the controller for those interactions.

3. Categories of Personal Data We Collect

A. Account & Identity Data
  • Name, email
  • Password (hashed)
  • Company information
  • Workspace roles
  • Billing-related information
B. Brand & Business Data
  • Brand identity, logos
  • Moodboards, colors, typography
  • Brand guidelines and preferences
  • Target audience and markets
C. Product / PIM Data
  • SKU metadata
  • Titles, descriptions, attributes
  • Images, videos, pricing
D. User-Provided Inputs
  • Prompts
  • URLs
  • Uploaded images, videos, audio, and files
E. Generated Data (Outputs)
  • Generated images, videos, text, code
  • Generation parameters
F. Derived Data (Non-Identifying)
  • Pose/segmentation data
  • Depth or motion vectors
  • Tone or voice features
     These are not used to identify individuals.
G. Usage, Logs & Technical Data
  • IP address, device, browser
  • Workflow logs, API logs
  • Cookies and analytics
H. Integration Data

With authorization:

  • Shopify catalog
  • Amazon listing data
  • Public or social data
I. Payment & Transaction Data

Handled by third-party processors like Stripe.

J. Performance & Behavioral Data

When you enable testing or optimization features, we may process:

  • A/B test performance data
  • Marketplace listing analytics (visibility, ranking, sessions, impressions where available)
  • User interaction signals related to generated creatives
  • Optimization outcomes and scoring metrics

This data is used to evaluate creative effectiveness and guide automated regeneration workflows.

4. How We Collect Personal Data

A. Directly from Users

Account creation, brand onboarding, content uploads, and day-to-day usage.

B. Automatically

Cookies, analytics, performance logs, and device information.

C. Through Third-Party Integrations

Shopify, Amazon, Google/Apple login, etc.

D. From Public Sources

For market research or competitive analysis.

E. From Ecommerce & Marketplace Platforms

When you integrate Shopify, Amazon, or other ecommerce systems, we may access:

  • Catalog and listing data
  • Performance metrics such as impressions, sessions, and conversion rates
  • Optional advertising performance metrics provided by the platform

We do not access end-customer personal data unless explicitly permitted by the integration and approved by you.

5. How We Use Personal Data

A. Service Delivery

Operating the Platform and Marketplace Services; content generation; workspace roles; brand memory.

  • If you enable autonomous workflows, we process performance metrics, analytics, and user-provided business rules to:
  • Run A/B or multivariate creative tests
  • Measure the effectiveness of images, videos, and text
  • Generate improved creatives using AI models
  • Automatically publish or update content on connected platforms (e.g., Amazon, Shopify)

These closed-loop systems may apply automated decision-making to regenerate or replace creative assets.
 Human oversight is incorporated where required.

B. Security & Compliance

Detecting misuse or fraud; monitoring performance; enforcing terms; protecting systems.

C. AI Processing
  • Using Inputs to generate Outputs
  • Improving features using de-identified data
  • Creating workspace-specific preference models
  • Behavioral Learning Signals

In addition to prompts and uploads, we may use de-identified performance signals (e.g., test results, engagement metrics) to improve workspace-specific models and optimization logic. These signals are not used to identify individuals.

D. Analytics & Product Development

Usage insights, feature enhancement, user-experience improvements.

E. Integrations & Publishing

Syncing Shopify/Amazon data and publishing your marketplace content where instructed.

F. Communications

Service-related messages; optional marketing (opt-out available).

G. Payments & Accounting

Subscription management, invoices, compliance with financial regulations.

6. AI-Specific Processing & Model Training

Default Rule

We may use Inputs and Outputs to enhance our models and services. If local laws require it, we will provide an opt-out option.

User-Controlled Training Settings

Users may request exclusion of their Inputs, Outputs, and performance data from model training where required under applicable law. We will provide a mechanism to manage these preferences.

Brand Workspace Learning

Preference models are trained only within your workspace.

Marketplace-Specific Use

Inputs used solely to create your Amazon marketplace assets.

Third-Party AI Providers
  • Data transmitted securely
  • Providers restricted from training on your data
Human Review

Limited manual review for:

  • Quality assurance
  • Abuse prevention
  • Troubleshooting
Automated Decision-Making Disclosure

Some features, including autonomous optimization loops, involve automated processing to generate or replace creative assets. These processes primarily affect creative content and do not produce legal or similarly significant effects on individuals.

7. How We Share Personal Data

A. Service Providers

Cloud hosting, generative AI vendors, analytics providers, support platforms, email delivery services.

B. Payment Providers

Stripe and similar processors.

C. Connected Integrations

Only when authorized by you: Shopify, Amazon, Google/Apple login.

D. Third-Party AI Providers

Used for content-generation features.

E. Legal Authorities

Where required to comply with laws or protect rights.

F. Business Transfers

In mergers, acquisitions, or financing events.

G. Other Users (If You Choose)

Shared workspaces or publicly shared outputs.

Ecommerce & Marketplace Platforms

With your authorization, we may share generated outputs or updated listings with platforms such as Shopify or Amazon. We only do so for the purpose of publishing or updating content. We do not share end-customer personal data. We do not sell personal data.

8. Cookies, Tracking & Advertising

Used for authentication, user preferences, analytics, and optional advertising (with consent where required).

You may manage cookies via browser settings or our cookie banner.

We may use analytics tools such as Google Analytics, session-replay tools, and advertising pixels (where permitted) to understand usage patterns and evaluate creative effectiveness. Specific tools used may vary over time and will be disclosed in our Cookie Notice.

9. Data Retention

We retain personal data for as long as necessary to provide the Services, fulfill the purposes described in this Privacy Policy, comply with legal or regulatory obligations, resolve disputes, enforce agreements, and support business operations.

Because our data-retention schedules are still being finalized, specific retention periods may vary depending on the type of data and how the Services are used. Once our formal data-retention policy is established, we will update this section to reflect the applicable retention periods.

10. International Data Transfers

We may process or store personal data in Singapore or in other countries where we or our service providers operate, and these locations may have data-protection laws that differ from those in your jurisdiction. Where required, we will implement appropriate safeguards for international data transfers, such as contractual protections or other measures permitted under applicable law. As our infrastructure and vendor relationships evolve, we will update this section to reflect the transfer mechanisms we use.

11. Your Rights

Your privacy rights depend on the data-protection laws that apply to your location. We will honor the rights that apply to you under relevant laws, which may include rights relating to accessing, correcting, deleting, or managing your personal data.

As our compliance program evolves, we will update this section to reflect the processes and rights supported under applicable laws.

Rights Related to Automated Processing

In regions where applicable, you may request:

  • Information about the logic involved in automated creative optimization
  • Human review of decisions where legally required
  • Opting out of certain automated processing activities

12. Children’s Privacy

The Services are not intended for individuals under 18.
 We do not knowingly collect data from children.

13. Security Measures

We use:

  • Encryption in transit and at rest
  • Role-based access control
  • Audit logs and monitoring
  • Routine security assessments

14. Regional Notices

Our privacy practices are informed by the requirements of major global data-protection laws. As our compliance program continues to mature, we may update this section and publish region-specific notices where required by law. This section will be expanded as we formalize additional compliance measures.

Marketplace Compliance

For users integrating Amazon, Shopify, or similar services, we comply with applicable platform data policies and only access scopes required for creative generation, testing, and publishing. We do not access or store end-customer PII unless explicitly granted via the integration.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify users by posting the updated Policy and providing a notice within the Services or by another appropriate method. The updated Policy will be effective as of the date listed at the top.

16. Contact Us

For privacy inquiries or rights requests 📧 hi@shopos.ai