Skip to content
Home » Legal Information » Privacy Policy

ai-owl.com Privacy Policy

Last Updated: 2-23-2025

This Privacy Policy explains how ai-owl.com (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you visit or interact with our website (ai-owl.com) or use our services (collectively, the “Services”).

This Privacy Policy is intended to comply with applicable data protection laws, including the California Consumer Privacy Act (“CCPA”) and the General Data Protection Regulation (“GDPR”).

1. Information We Collect  

We may collect the following categories of personal information:  

  • Identifiers: Names, addresses, phone numbers, email addresses, unique personal identifiers, online identifiers, IP addresses, device or other unique identifiers.
  • Commercial Information: Records of products or services purchased or considered, and other purchasing or consuming histories.
  • Internet or Other Electronic Network Activity Information: Browsing history, search history, and information regarding a consumer’s interaction with our website, or advertisement.   
  • YouTube Videos: We may embed YouTube videos on our website for informational or entertainment purposes. YouTube is a service provided by Google. When you interact with embedded YouTube videos, Google may collect information about your viewing activity, including your IP address, browser type, device information, and interactions with the video (e.g., likes, comments, watch time). Google’s collection and processing of this data are governed by Google’s Privacy Policy, which you can review here: https://policies.google.com/privacy?hl=en-us By viewing embedded YouTube videos on our site, you consent to Google’s collection and processing of your data as described in their privacy policy. We do not have control over Google’s data collection practices.

2. How We Collect Information

We collect personal information directly from you when you:

  • Provide information on our website, such as when you create an account, place an order, contact us, or fill out a form.
  • Interact with our customer support team.
  • Participate in surveys, contests, or other promotions.

We may also collect information automatically through:

  • Cookies and Similar Technologies: Cookies and similar technologies (Google Tags, Meta Pixel) to collect information about your browsing behavior, such as your IP address, browser type, operating system, referring URLs, pages visited, and time spent on pages.
  • We use Complianz to manage our website’s cookie policy and compliance with relevant regulations (e.g., GDPR, CCPA). Complianz helps us inform you about the cookies we use, obtain your consent to their use, and provide you with control over your cookie preferences. For detailed information about our cookie usage, please visit our Cookie Policy, which is managed by Complianz: https://ai-owl.com/cookie-policy-eu/. This Cookie Policy provides information about the types of cookies we use, their purpose, and how you can manage your cookie preferences.
  • Log Files: We may collect information that your browser sends whenever you visit our website, such as your IP address, browser type, operating system, referring/exit pages, and date/time stamps.

3. How We Use Your Information

We may use your personal information for the following purposes:

  • To provide and improve our Services: To process orders, deliver products, provide customer support, and improve our website and services.  
  • To communicate with you: To send you order confirmations, shipping updates, promotional offers, and other important notices.
  • To personalize your experience: To tailor our services to your interests and preferences.
  • To analyze website traffic and usage: To understand how visitors use our website and to improve its functionality.
  • To comply with legal obligations: To comply with applicable laws and regulations, such as tax laws and anti-money laundering regulations.
  • To protect our rights and interests: To prevent fraud, investigate suspicious activity, and enforce our Terms of Service.
  • For marketing purposes: To send you marketing communications, such as newsletters, promotional emails, and targeted advertisements. You can opt-out of receiving marketing communications at any time by following the instructions in the communication or by contacting us.  

4. Sharing Your Information

We may share your personal information with the following third parties:

  • Service Providers: We may share your information with third-party service providers who assist us in providing our Services, such as payment processors, shipping carriers, and marketing platforms.  
  • Business Partners: We may share your information with business partners for joint marketing or promotional purposes.
  • Legal and Safety: We may disclose your information to law enforcement or other authorities as required by law or when we believe it is necessary to protect our rights, safety, or the safety of others.
  • Business Transfers: We may disclose your information in connection with a merger, acquisition, or sale of all or a portion of our assets.  

5. Print-on-Demand Order Fulfillment

We partner with Printful to fulfill our print-on-demand orders. When you place an order for a product that is fulfilled through Printful, we share certain information with them to enable order processing and delivery. This information includes:

  • Personal Information: Your name, shipping address, email address, and phone number.
  • Order Information: Details about the products you ordered, including sizes, colors, designs, and any customization requests.

Printful acts as a data processor on our behalf, and they are contractually obligated to protect your personal information. They will only use your information for the purposes of fulfilling your order and as otherwise described in their own privacy policy. We encourage you to review Printful’s privacy policy https://www.printful.com/policies/privacy to understand how they handle your data.

Data Retention: We retain your order information for [duration, e.g., as long as necessary to fulfill your order and for any applicable legal obligations]. Printful may also retain your information according to their own data retention policies.

Your Rights: [Refer to Section 9 of this policy ]. To exercise these rights in relation to data held by Printful, you may also need to contact them directly.

Contact Information: If you have any questions about our data sharing practices with Printful, please contact us at [email protected].

6. Payment Processing

We offer a variety of payment options through our WooCommerce store, including credit cards, debit cards, Apple Pay, Google Pay, WooPay, and Stripe. All payment processing is handled securely by our third-party payment processor, Stripe. Regardless of the payment method you choose, we prioritize the security of your payment information.

Stripe (including WooCommerce Payments):

We use Stripe, a leading third-party payment processor, to securely handle credit and debit card transactions on our website. This includes transactions made through WooCommerce Payments, which is powered by Stripe.

When you pay with a credit or debit card, you provide your payment information directly to Stripe. This includes your card number, expiration date, CVV, billing address, and name as it appears on the card. Stripe may also collect your email address and phone number for transaction confirmations and updates. We do not collect or store your full credit card details or other sensitive payment information on our servers.

Stripe, a PCI DSS Service Provider Level 1 certified company, automatically tokenizes your payment card information. This means that your actual card number is replaced with a unique, randomly generated token, which is used for processing the transaction. This enhances security by ensuring that sensitive card details are not transmitted or stored by us. Stripe uses this tokenized information solely for processing your payments, fulfilling your orders, and preventing fraudulent activities. Stripe handles your payment information in accordance with their strict security standards and privacy policy, which can be found here: https://stripe.com/privacy.

To complete and verify your transaction, we collect your billing address and name as it appears on the card. We may also collect your email address and phone number for order confirmations, shipping updates, and customer service purposes.

While we do not handle your sensitive payment information directly, we may receive and store limited transaction details from Stripe, such as the date, amount, items purchased, and chosen payment method. These records do not include your full credit card number, CVV, or other sensitive payment credentials.

Security Measures:

We utilize Secure Socket Layer (SSL) encryption (HTTPS) to protect the transmission of data during the checkout process. We maintain secure systems and follow industry best practices for integrating payment gateways, including WooCommerce Payments and PayPal, to ensure the security of your payment information as it is transmitted to the respective processors.

If you have any questions about our payment processing practices, please contact us at [email protected].

7. Data Retention

Transaction Data Retention:

We retain transaction details related to your purchases for 5 years. This information includes the date of the transaction, the amount charged, and the items purchased. This data is necessary for California State tax compliance, accounting purposes, dispute resolution, and customer service inquiries. These records do not include your full credit card number, CVV, or other sensitive payment credentials.

Non-Transaction Data Retention:

This policy outlines how ai-owl.com (“we,” “us,” or “our”) retains personal data that is not directly related to transactions (e.g., purchases). This policy applies to data collected for marketing purposes, such as newsletter subscriptions, contact form submissions, event registrations, and general inquiries.

We retain personal data for as long as an individual remains a subscriber, customer, actively engaged with our services, or until they withdraw their consent or request deletion of their data.

Specific Data Retention Principles:

  • Active Subscribers/Customers: We retain data for the duration of the subscription or customer relationship. Upon cancellation or termination, we will retain the data for a reasonable period of three (3) months for administrative purposes, such as record-keeping, analyzing past campaign performance, and complying with potential legal obligations related to marketing activities. The specific retention period after cancellation/termination may be adjusted based on the nature of the data and applicable legal requirements.
  • Inactive Subscribers/Customers: If a subscriber becomes inactive (e.g., no interaction with emails, website visits, or other defined engagement metrics like opening emails or clicking links for three (3) Months, we will consider them inactive. Before deleting their data, we will make reasonable efforts to contact inactive subscribers via email to confirm their continued interest. If we do not receive a response within thirty (30) days, we will either anonymize their data or delete it entirely. Anonymization involves removing personally identifiable information so that the data can no longer be associated with an individual. We may retain anonymized, aggregated data for statistical and analytical purposes.
  • Unsubscribes and Data Retention: If a subscriber unsubscribes from our marketing communications, we will promptly remove their email address and other related contact information from our marketing lists and systems. We will retain records of the unsubscribe itself to ensure compliance with marketing regulations and prevent future marketing to that individual. However, if the subscriber has also engaged in transactions with our business (e.g., made purchases), we will retain transaction-related data for legal and accounting purposes, such as tax compliance. This transaction data will be kept separate from marketing data and will only be used for the limited purposes of fulfilling legal obligations. We will only retain transaction data for the period required by applicable tax laws and regulations.
  • Legal Requirements: We may retain data for longer periods if required by law, legal obligations (e.g., legal disputes), or to establish, exercise, or defend legal claims.
  • Data Subject Requests: We will promptly comply with requests from individuals to access, rectify, or erase their personal data, subject to applicable data privacy laws and regulations. Please see our [link to Data Subject Rights policy or section] for details on how to exercise these rights, including how to withdraw consent.
  • Data Minimization: We strive to collect and retain only the minimum amount of personal data necessary for the specified purposes.
  • Purpose Limitation: We will only use retained data for the purposes for which it was collected, or for compatible purposes with explicit consent.
  • Consent: Where we rely on consent to process data, individuals have the right to withdraw their consent at any time. We will provide clear and easy mechanisms for withdrawing consent in all marketing communications.

8. Data Security

We take reasonable measures to protect your personal information from unauthorized access, use, and disclosure. These measures include firewalls, intrusion detection systems, encryption (HTTPS/SSL/TLS), access controls, and regular security assessments. All communication between your browser and our website, including the transmission of both payment information and other data (e.g., marketing data, form submissions), is secured using HTTPS (SSL/TLS) encryption. However, no method of transmission over the internet or method of electronic storage is completely secure. Therefore, we cannot guarantee the absolute security of any information you transmit to us or store on our systems. We maintain a comprehensive security program designed to protect your data. 

Data Security During Transmission:

We prioritize the security of your payment card information during transmission. Both Stripe and PayPal automatically tokenize your payment information. This means that your actual card number is replaced with a unique, randomly generated token before it is transmitted. This significantly reduces the risk of unauthorized access to your sensitive payment details. We use HTTPS (SSL/TLS) encryption to further protect all data transmitted during the checkout process.

We regularly assess our systems and applications for potential vulnerabilities and implement appropriate security updates. We also have an incident response plan in place to address any potential security breaches or data compromises.

While we do not directly store sensitive cardholder data on our servers, we comply with applicable Payment Card Industry Data Security Standard (PCI DSS) requirements related to the transmission of payment information. We have contracts with our payment processors (Stripe and PayPal) that explicitly require them to adhere to strict security standards, including PCI DSS compliance, for handling and transmitting payment card data. 

Incident Response:

We maintain a comprehensive Incident Response Plan to address security incidents and data breaches. This plan outlines procedures for identifying, containing, eradicating, and recovering from incidents, as well as notifying affected individuals and authorities as required by applicable data privacy laws, including CCPA and GDPR. Our plan is regularly reviewed and updated to ensure its effectiveness and incorporates industry best practices. We also regularly assess our systems for vulnerabilities and conduct post-incident reviews to continuously improve our response procedures.

9. Your Rights

Under the CCPA and GDPR, you have certain rights regarding your personal information, including the right to:

  • Know: Request information about the categories of personal information we collect, use, disclose, and sell.
  • Access: Request access to the specific pieces of personal information we have collected about you.
  • Deletion: Request the deletion of your personal information.
  • Opt-Out: Opt-out of the sale of your personal information.

To exercise these rights, please submit a verifiable consumer request (CCPA) or data subject request (GDPR) to us by:

10. Children’s Privacy

Our Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe that a child under 13 has provided us with personal information, please contact us immediately.  

11. International Data Transfers

Your personal information may be transferred to and processed in countries other than the country in which you reside, including the United States. These countries may have different data protection laws than your country of residence. We will take steps to ensure that your personal information receives an adequate level of protection when transferred internationally.  

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated Privacy Policy on our website.  

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:  

Our Socials

Table of Contents

Index