Privacy Policy

DijiPilot Privacy Policy

Last updated: November 5, 2025

This Privacy Policy explains how DijiPilot (“we”, “us”, “our”) collects, uses, protects, and shares your information when you use dijipilot.com and our services. It sits alongside our Cookie Policy, Refund Policy, and Delivery Policy.

In short: We do not resell your data. We use your information only to set up and support your store and related services. We don’t store your full credit-card details. Anything we keep is encrypted. You can ask us to delete your data at any time (see “Your Rights”).

1) Who We Are & Roles

For dijipilot.com and our client onboarding/support, DijiPilot is the Data Controller of your information. When we help you run your own store and process your customers’ data inside platforms like Shopify, we act as your Data Processor and follow your instructions.

Controller: Ninu Limited (trading as “DijiPilot”), London, United Kingdom. Contact: support@dijipilot.com.

2) What We Collect

Contact details (name, email, phone) and business info (company name, country, billing details).
Account setup details needed to open/verify third-party accounts (e.g., platform usernames, IDs, permissions). Some providers may require KYC (e.g., ID photo, proof of address); we only request what’s needed.
Project inputs (Brand Questionnaire answers, logos, images, copy you provide).
Support records (tickets, messages, notes to resolve issues).
Technical data (IP, device/browser, basic analytics and error logs). See our Cookie Policy.
Store credentials we create for you (temporary; see “Passwords & Credentials”).

We do not keep full payment card numbers or CVV. Payments are handled by providers like Stripe and PayPal.

3) How We Use Your Information

To create and deliver your store, products, and integrations you request.
To help open/verify third-party accounts (where permitted) or guide you through it.
To provide customer support and maintenance.
To communicate about your project, invoices, service updates, and important notices.
To improve our services (e.g., usage analytics, error troubleshooting).
To comply with law, prevent fraud, and enforce our terms if needed.
We may send service and account emails (essential). We only send marketing emails if you’ve opted in or where allowed by law. You can opt out anytime via “unsubscribe” or by emailing support@dijipilot.com

4) What We NEVER Do

No resale of personal data.
No use of your data for unrelated advertising.
No storing of full payment card data. Our processors handle it.
No training external AI models on your personal data.

5) Legal Bases (EEA/UK)

Contract: to deliver what you purchased.
Legitimate interests: service safety, improvement, basic analytics, fraud prevention.
Consent: optional marketing or where required (you can withdraw anytime).
Legal obligation: tax, accounting, compliance.

6) Sharing Your Information

Service providers (hosting, email, ticketing, analytics, secure file storage). They only use data to provide their services to us and are bound by contracts.
Platforms you choose (Shopify, Google, Meta, Printify/Printful, Stripe/PayPal, marketplaces). We share only what’s needed to connect your accounts—often under your direct admin/collaborator invites.
Legal & safety (to comply with law, enforce terms, or protect rights).
Business changes (merger/acquisition) with notice and safeguards.

7) International Transfers

We are UK-based and may use trusted providers in the UK, EEA, US, or elsewhere. When required, we use protections like the UK/EU Standard Contractual Clauses or adequacy decisions.

8) Retention

Account & project data: kept while you are a customer and up to 24 months after the last activity, unless you ask us to delete sooner.
Support tickets/logs: typically 12–24 months.
KYC/verification docs (if provided): up to 24 months or as required by the platform/law, then deleted.
Invoices & tax records: up to 6 years (legal requirement).
Backups: rotate on rolling cycles (typically 30–90 days).

9) Security

Encryption: data encrypted at rest and in transit.
Access controls: least-privilege staff access; mandatory 2FA on core systems.
Credential handling: one-time secret links or platform invites (no plain-text emails).
Monitoring: audit logs and alerts on key systems.
Incident response: if a breach affects you, we will notify you without undue delay and, where required, regulators within applicable timelines.

10) Passwords & Credentials

If we create passwords or API keys for you during setup, they are handed over securely at handover. You should change all passwords immediately after handover. We do not retain working copies of your passwords beyond what is necessary to complete the setup. If we need temporary access later, we’ll ask for a new time-limited invite.

11) Payments

We do not store full card numbers or CVV. Payments are processed by providers like Stripe and PayPal under their own terms and privacy policies. We may receive limited info (e.g., last 4 digits, expiry month/year, billing postal code, payment status) for receipts, fraud prevention, and support.

12) AI Features (how we use them)

Our build process uses AI to generate copy/design concepts based on what you provide. We use AI providers under strict agreements. We do not allow your personal data to be used to train third-party models for their own purposes. AI outputs are reviewed and editable by you.

13) Your Store’s Customers & Policies (we act as your Processor)

You are the Data Controller for your store and your shoppers’ data. We process that data only to help run your store (e.g., setup, troubleshooting, integrations) and only on your instructions. If you need a Data Processing Addendum (DPA), contact us at support@dijipilot.com.

To help you get started, we generate standard legal policy templates (like a Privacy Policy, Refund Policy, etc.) for your store. These are a starting point. It is your sole responsibility to review, read, and adapt these policies to ensure they are accurate and compliant with all laws in your region (such as GDPR, CCPA, etc.). We are not a law firm, and these templates are not legal advice.

Need help understanding these policies? Visit the Academy:

Academy: Generating Your Legal Policy Pages → Academy: What are Core Policies & Notices? →

14) Your Data Rights & How to Exercise Them

You have control over your personal information. Below is a guide on how to exercise your rights. For all requests, please email us at support@dijipilot.com from the email address associated with your DijiPilot account so we can verify your identity.

How to Request a Copy of Your Data (Right to Access)

You have the right to request a copy of the personal information we hold about you.

How: Send an email to support@dijipilot.com with the subject line "Data Access Request".
What happens: After verifying your identity, we will compile and securely send you a copy of the personal data we have on file for your account, such as your project inputs and support history.

How to Request Deletion of Your Data (Right to Erasure)

You have the right to request that we delete your personal information.

How: Send an email to support@dijipilot.com with the subject line "Data Deletion Request".
What happens: After verifying your identity, we will permanently delete all personal information from our live systems that we are not legally required to keep.

Important Consequences of Deletion

If you request deletion, please be aware:

Loss of Support: We will no longer have any record of your project, settings, or past conversations. This means we will be permanently unable to provide you with technical support for the store we built.
Data We Must Keep: We cannot delete certain information that we are legally required to retain, such as tax invoices and records of your purchase for financial auditing (as mentioned in Section 8).
Backup Archives: Your data may remain in secure, time-limited backup archives (e.g., for 30-90 days) until it is automatically purged. It will not be used in our live systems.
Timeline: We aim to respond within 30 days (EEA/UK) or 45 days (California), extendable as permitted by law.

Other Rights

Depending on your location, you may also have the right to:

Correct: Ask us to correct any inaccurate or incomplete information.
Object/Restrict: Object to or request that we restrict certain processing of your data.
Withdraw Consent: Withdraw your consent at any time for any processing that is based on consent.
Complain: You have the right to complain to your local data protection authority (such as the UK ICO for UK/EEA residents).
California (CCPA/CPRA): We do not "sell" or "share" personal information. You have the right to know, delete, correct, and not be discriminated against.

15) Cookies & Similar tech

See our Cookie Policy for details and controls. If your browser sends a “Do Not Track” signal, note there isn’t a common standard yet; use our cookie banner or browser settings to manage preferences.

16) Children

Our services are not aimed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child provided personal data, contact us and we will delete it.

17) Changes to This Policy

We may update this policy from time to time. We’ll change the “Last updated” date and, if changes are material, we’ll notify you by email or in your Customer Panel.

18) Contact Us

Privacy questions or requests: support@dijipilot.com
General support: support@dijipilot.com

info@dijipilot.com

About Us

DijiPilot builds ready-to-sell Shopify stores for print-on-demand products like t-shirts, mugs, and posters. Choose from 1100+ products. No coding, no inventory. Just pick your style, and we handle design, SEO, ads, and automation for you.

Information Blogs Privacy Policy Terms and Conditions Delivery Policy Refund Policy Cookie Policy Sitemap Your Privacy Choices

California Consumer Privacy Act (CCPA) Opt-Out Icon

Help / Support Track Your Order FAQ (Questions & Answers) DijiPilot Academy Usage Guides

Our Company About Us Our Products Our References Our Partners Become Our Partner Our Reviews Contact Us