Privacy policy
AIPI Privacy Policy
Last Updated: September 20, 2025
1. Introduction
A. Scope of This Policy
This Privacy Policy describes how X-ORIGIN-AI, Inc., doing business as AIPI ("AIPI", "we", "us", or "our"), collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from aipi.com (the "Site") or otherwise communicate with us (collectively, the "Services").
For the purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.
B. About Us (The Data Controller)
For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the data controller of your personal information is X-ORIGIN-AI, Inc., registered at 651 N Sepulveda Blvd #2086, BEL AIR, CA, 90049, US.
As the data controller, we are responsible for determining the purposes and means of processing your personal information.
C. Policy Summary
This summary provides a quick overview of our data practices. It does not replace reading the full Policy, which contains more detailed information.
● What We Collect: We collect information you provide (e.g., contact, account, and payment details), information generated automatically when you use our Services (e.g., device and usage data), and information from third parties (e.g., service providers).
● Why We Collect It: We use your information to provide and improve our Services, process your orders, for marketing and advertising, for security and fraud prevention, and to comply with legal obligations.
● Who We Share It With: We may share your information with service providers (like Shopify), business and marketing partners, our affiliates, and in connection with business transactions or legal requirements.
● Your Key Rights: Depending on your location, you have rights including access, correction, and deletion of your personal information, and the right to opt out of certain data sharing and marketing. You can exercise your rights by contacting us as described in this Policy.
2. The Personal Information We Collect
To provide full transparency in line with regulations like the California Consumer Privacy Act (CCPA), this section details the categories of personal information we have collected over the past 12 months, their sources, and the business or commercial purposes for their collection and use.
A. Overview of Your Data
The following table provides a comprehensive view of the personal information we collect, linking it to its sources and our purposes for using it.
| Category of Personal Information (as defined by CCPA) | Examples of What We Collect | Source(s) of Information | Our Business and Commercial Purposes |
| Identifiers | Name, postal address, billing address, email address, phone number, IP address, account username, unique personal or online identifiers (e.g., cookie IDs from partners like Google, Facebook, TikTok). | Directly from you: When you create an account, place an order, subscribe to marketing, or contact customer service. | To provide and manage Services; process orders and payments; marketing and advertising; security and fraud prevention; communicate with you. |
| Automatically: Collected via cookies and similar technologies when you visit our site. | |||
| From third parties: Such as our service provider, Shopify. | |||
| Personal Information categories listed in the California Customer Records statute (Cal.Civ.Code§1798.80(e)) | Name, address, phone number, credit card number, debit card number, or other financial information. | Directly from you: During the checkout and ordering process. | To provide and manage Services; process orders and payments; security and fraud prevention. |
| Commercial Information | Records of products you view, add to cart, add to a wishlist, purchase, return, or exchange; past transaction history; search terms you enter on the site. | Directly from you: When you interact with our website. | To provide and manage Services; personalize your shopping experience; marketing and advertising; analytics and service improvement. |
| Automatically: Logged by our service platform (e.g., Shopify). | |||
| Internet or Other Electronic Network Activity Information | Browsing history, search history, information regarding your interaction with our website or advertisements (e.g., clickstream data, time spent on pages, navigation paths). | Automatically: Via cookies, pixels, and other tracking technologies as you browse our site. | To personalize your shopping experience; marketing and advertising; analytics and service improvement; security and fraud prevention. |
| Geolocation Data | Approximate geolocation (e.g., country or city level) inferred from your IP address. | Automatically: From your device information when you visit our site. | To provide localized content; analytics and service improvement; security and fraud prevention. |
| Audio, electronic, visual, or similar information | We do not actively collect this data, but you may provide it if you contact customer support or leave a product review with images or videos. | Directly from you: In communications or submissions. | To provide and manage Services (e.g., displaying your review or resolving a support ticket). |
| Inferences | Profiles generated from your purchase history, browsing behavior, and preferences to reflect your interests and characteristics for product recommendations and targeted advertising. | Internally generated: By analyzing other categories of personal information we collect (like Commercial Information and Network Activity). | To personalize your shopping experience; marketing and advertising; analytics and service improvement. |
| Sensitive Personal Information | Credit or debit card number and other financial account information; account log-in credentials (username and password). | Directly from you: During checkout or when creating/logging into an account. | To process orders and payments; provide and manage Services; security and fraud prevention. |
B. Detailed Sources of Personal Information
We collect your personal information from three main sources:
● Directly from You: We collect information you provide when you:
○ Create or modify your account, including setting a username and password.
○ Make a purchase, manage shipping addresses, or process a return.
○ Communicate with our customer support team via online chat, email, or contact forms.
○ Subscribe to our marketing newsletters.
● Automatically: We use cookies, pixels, web beacons, and similar technologies to automatically collect certain information when you interact with our Services. This includes your IP address, device type, browser information, and your browsing and clicking behavior on our site.
● From Our Service Providers and Partners: We work with third parties to operate our business and provide the Services. For example, our e-commerce platform is powered by Shopify, which collects and processes information on our behalf. We also receive information from payment processors, data analytics providers, and marketing partners.
3. How and Why We Use Your Personal Information
We process your personal information for the following specific purposes:
● To Provide and Manage Our Services: This includes creating and maintaining your account, processing your payments and orders, arranging for shipping, handling returns, and providing customer support through our online chat and other channels. For instance, when you place an order, we need your contact and address details to fulfill the delivery and your payment information to process the transaction.
● For Marketing, Advertising, and Personalization: We use your information to send you emails or other communications about our products, services, and promotions. We also use your purchase history and website browsing behavior to show you personalized product recommendations and targeted advertisements on our Services and other websites. Our data analysis confirms we share data with advertising partners like Google, Facebook (Meta), and TikTok for these purposes.
● For Analytics and Service Improvement: We analyze how users interact with our Services to understand user preferences, identify trends, diagnose technical problems, and improve the functionality and user experience of our website. This involves analyzing aggregated traffic data and user behavior patterns with tools like Google Analytics.
● For Security and Fraud Prevention: We use your information to verify your account, secure payment transactions, and detect, investigate, and prevent potential fraudulent, illegal, or malicious activity. For example, we use services like Cloudflare and hCaptcha to protect our website from automated attacks and ensure the integrity of user interactions.
● To Comply with Legal Obligations and Exercise Legal Rights: We may need to process your information to comply with applicable laws and regulations, such as responding to valid legal process from law enforcement or government agencies (e.g., subpoenas or court orders), fulfilling tax and accounting obligations, or exercising or defending our legal rights in a legal proceeding.
4. Disclosure and Sharing of Personal Information
In certain circumstances, we may disclose your personal information to third parties for the legitimate purposes described in this Policy. The following are the categories of third parties to whom we disclose personal information, along with the categories of personal information disclosed to them in the past 12 months.
● Our Service Providers and Vendors: These are third-party companies that perform business functions on our behalf. They may only process your information according to our instructions and are contractually obligated to protect its confidentiality and security.
○ Examples:
■ E-commerce Platform: Our website is powered by Shopify, which provides us with core online store functionality, payment processing, and data analytics services.
■ Payment Processors: To process your credit and debit card payments, including Google Pay and Amazon Pay.
■ Logistics and Shipping Partners: To deliver the products you purchase.
■ Customer Support Tools: Such as the online chat feature provided by Shopify.
○ Categories of Personal Information Disclosed: Identifiers, California Customer Records Information, Commercial Information, Internet Activity Information, Sensitive Personal Information.
● Advertising and Marketing Partners: We partner with third parties to show you personalized ads on our website and other platforms. This practice may constitute "sharing" of personal information for cross-context behavioral advertising under the CCPA.
○ Examples: Google, Facebook (Meta), TikTok, ClientGear, and Zbanx.
○ Categories of Personal Information Disclosed: Internet or Other Electronic Network Activity Information (e.g., cookie data, browsing history), Inferences, Identifiers (e.g., IP address and device ID), Commercial Information.
● Analytics Partners: These partners help us measure and analyze traffic and usage trends for our Services.
○ Examples: Google Analytics.
○ Categories of Personal Information Disclosed: Internet or Other Electronic Network Activity Information, Geolocation Data, Identifiers.
● Security and Fraud Prevention Partners: We use third-party services to protect our website from spam and abuse.
○ Examples: Cloudflare and hCaptcha.
○ Categories of Personal Information Disclosed: Internet or Other Electronic Network Activity Information, Identifiers (e.g., IP address).
● Our Affiliates: We may share information within our corporate group for internal administration and reporting.
● Third Parties in a Business Transaction: If AIPI is involved in a business transaction such as a merger, acquisition, or sale of assets, your personal information may be transferred to a successor entity.
● Legal and Law Enforcement Agencies: We may disclose your personal information when we believe in good faith that it is necessary to comply with a legal obligation or respond to valid legal process.
● Third Parties with Your Consent or at Your Direction: When you explicitly direct us or consent to us disclosing your information to a third party.
5. Cookies and Other Online Tracking Technologies
We and our third-party partners use cookies, pixel tags, and similar technologies on our Services to provide functionality, analyze user behavior, and deliver personalized advertising. A cookie is a small text file stored on your device when you visit a website.
A. Types of Cookies We Use
Our website uses several types of cookies, which, in the EU and similar jurisdictions, require your consent before being placed, unless they are "strictly necessary".
| Cookie Category | Purpose Description | Example Cookies and Providers (Based on Detection) |
| Strictly Necessary Cookies | These cookies are essential for the website to function and cannot be switched off. They are usually set in response to actions made by you, such as setting your privacy preferences, logging in, or filling in forms. | _shopify_essential (Shopify), __cf_bm (Cloudflare) |
| Functionality Cookies | These cookies enable the website to provide enhanced functionality and personalization, such as remembering your region or currency preferences. | localization (Shopify), cart_currency (Shopify), test_cookie (DoubleClick/Google) |
| Performance/Analytics Cookies | These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site. | _ga, _ga_TY36MQCRS0 (Google Analytics) |
| Targeting/Advertising Cookies | These cookies are set through our site by our advertising partners to build a profile of your interests and show you relevant advertisements on other sites. They work by uniquely identifying your browser and device. | _fbp (Facebook), _ttp (TikTok), _gcl_au (Google), _shopify_s (Shopify) |
B. Your Choices and How to Manage Cookies
We respect your right to privacy. You can manage your cookie preferences in the following ways:
● Cookie Consent Management Tool: When you first visit our website, you will be presented with a cookie banner where you can accept all cookies or customize your preferences to consent to or reject non-essential cookie categories. You can change your choices at any time via the "Cookie Settings" link in our website footer.
● Browser Settings: Most web browsers allow you to control cookies through their settings. Please note that if you block all cookies (including strictly necessary cookies), you may not be able to access all or parts of our site.
● Global Privacy Control (GPC): For visitors from applicable jurisdictions (like California), we respect and process the Global Privacy Control (GPC) signal. If you visit our site with a GPC-enabled browser or device, we will automatically treat this signal as a valid request to opt out of the "sale" or "sharing" of your personal information.
● Advertising Industry Opt-Out Tools: You may opt out of interest-based advertising from many companies that participate in programs like the Digital Advertising Alliance or the Network Advertising Initiative by visiting their opt-out pages.
6. Data Security and Retention
A. Data Security
We are committed to the security of your personal information. We have implemented appropriate technical, administrative, and physical security measures designed to protect the personal information we collect. These measures include, but are not limited to:
● Using SSL/TLS technology to encrypt data during transmission.
● Implementing strict access controls to ensure that only authorized personnel have access to personal information.
● Regularly conducting security assessments to identify and remediate potential security risks.
While we employ robust security measures, please be aware that no security system is perfect or impenetrable. We cannot guarantee "absolute security." We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
B. Data Retention
The length of time we retain your personal information depends on various factors, including the purpose for which it was collected, our ongoing relationship with you, and our legal and regulatory obligations. Our specific retention periods or criteria are as follows:
● Account Information: We retain your account information for as long as your account is active. If you close your account, we will retain your information for a reasonable period to handle any follow-up matters, after which it will be deleted or anonymized
● Transaction and Order Information: To comply with tax, accounting, and corporate record-keeping requirements, we typically retain transaction-related information for 7 years.
● Customer Support Communications: We retain records of your communications with customer support for a period sufficient to allow us to track and resolve your issue, and for internal training and quality assurance purposes.
● Marketing Information: If you consent to receive marketing communications, we will retain your contact information until you opt-out.
● Cookie Data: The retention periods for cookies vary. Please refer to the specific expiration dates detailed in our cookie management tool.
7. Children's Privacy
Our Services are not directed to children under the age of 16, and we do not knowingly collect any personal information from children in this age group. If you are a parent or guardian and discover that your child has provided us with personal information, please contact us immediately, and we will take steps to delete that information. As required by the CCPA, we hereby state that we do not have actual knowledge that we “sell” or “share” the personal information of consumers under 16 years of age.
8. Third-Party Websites and Links
Our Services may contain links to websites, applications, or other online platforms operated by third parties. If you click on these links and leave our Services, you should review the privacy and security policies of those third parties. This Privacy Policy does not apply to the privacy practices of such third-party sites.
9. Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes, we will post the updated policy on this page and revise the "Last Updated" date at the top. For material changes, we may provide you with additional notice, such as via email or a prominent notice on our website.
10. How to Contact Us
If you have any questions, comments, or concerns about our privacy practices or this Privacy Policy, or if you would like to exercise any of your available rights, please contact us at:
Company Name: X-ORIGIN-AI, Inc.
Email: support@aipi.com
Mailing Address: X-ORIGIN-AI, Inc., Attn: Privacy Office, 651 N Sepulveda Blvd #2086, BEL AIR, CA, 90049, United States
11. Region-Specific Disclosures
A. Notice for Residents of Europe (EEA, UK, and Switzerland)
This section provides additional information for residents of the European Economic Area (EEA), the United Kingdom (UK), and Switzerland.
Legal Basis for Processing
We process your personal information based on the following legal bases under the General Data Protection Regulation (GDPR):
● Performance of a Contract: When we process your information to provide our Services, such as fulfilling your orders or managing your account.
● Your Consent: When you have given us consent to process your information for a specific purpose, such as for sending marketing communications or placing non-essential cookies.
● Legitimate Interests: When we process your information for our legitimate interests, such as for service improvement, security, and fraud prevention, provided that these interests are not overridden by your rights and interests.
● Legal Obligation: When we need to process your personal information to comply with a legal obligation.
Your Rights
You have the following rights under the GDPR:
● Right of Access: The right to obtain access to your personal data.
● Right to Rectification: The right to obtain the rectification of inaccurate personal data.
● Right to Erasure (‘Right to be Forgotten’): The right to obtain the erasure of personal data under certain conditions.
● Right to Restriction of Processing: The right to obtain restriction of processing under certain conditions.
● Right to Data Portability: The right to receive your personal data in a structured, commonly used and machine-readable format.
● Right to Object: The right to object to processing based on legitimate interests.
● Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time.
● Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you.
International Data Transfers
Your personal information will be transferred to, and processed in, countries outside of the EEA, UK, or Switzerland, including the United States, Canada, Singapore, and Australia.
● For transfers to Canada, we rely on the European Commission's adequacy decision.
● For transfers to the United States, Singapore, and Australia, we rely on recognized transfer mechanisms such as the Standard Contractual Clauses (SCCs), and we conduct Transfer Impact Assessments (TIAs) to ensure your data receives an equivalent level of protection.
Data Protection Officer (DPO)
We have appointed a Data Protection Officer to oversee compliance with data protection laws. You may contact our DPO at:
Email: dpo@AIPI.ai
EU/UK Representative
In accordance with Article 27 GDPR and the UK GDPR, we have appointed a representative to act on our behalf in the EEA and the UK. You may contact our Representative at:
[Company/Contact Name], [Address], [Email]
Complaints
If you have a complaint about how we process your personal information, please contact us first. You also have the right to lodge a complaint with your local data protection authority.
B. Notice for California Residents
This section supplements the information contained in our Privacy Policy and applies solely to visitors, users, and others who reside in the State of California. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).
Your California Privacy Rights
You have the following rights under the CCPA/CPRA:
● Right to Know/Access: You have the right to request that we disclose what personal information we collect, use, disclose, and sell or share.
● Right to Delete: You have the right to request the deletion of your personal information, subject to certain exceptions.
● Right to Correct: You have the right to request the correction of inaccurate personal information.
● Right to Opt-Out of Sale / Sharing: We may “share” your personal information with advertising partners for cross-context behavioral advertising. You have the right to direct us not to “sell” or “share” your personal information. You can exercise this right by clicking the “Your Privacy Choices” link on our website footer or by broadcasting the Global Privacy Control (GPC) signal, which we recognize as a valid request to opt out.
● Right to Limit Use and Disclosure of Sensitive Personal Information: We collect sensitive personal information, including your account log-in credentials and financial account/payment card information. We use and disclose this information only for purposes that are necessary to provide the goods or services you requested, to ensure security and integrity, to prevent fraud, and to verify your account, all of which are purposes permitted under California Code of Regulations, title 11, section 7027(m). Because our use and disclosure of your sensitive personal information is consistent with these exceptions, we are not required to provide a “Limit the Use of My Sensitive Personal Information” link.
● Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
Exercising Your Rights
To exercise the rights described above, please submit a verifiable consumer request to us by using the contact details provided in the "How to Contact Us" section. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.