Privacy Policy

Last Updated: March 2026

Overview

Prox Product Discovery is an AI-powered platform that helps you discover trending products by analyzing social media trends and user engagement across multiple platforms. This privacy policy explains how we collect, use, and protect your information.

Information We Collect

We collect information to provide personalized product recommendations and improve our service:

  • Email address - Collected during chat to provide a personalized experience, price drop alerts, and new arrival notifications. No password is required for basic chat access.
  • Account information - When you create a full account, we collect your name, email address, and a securely hashed version of your password
  • Search queries and preferences - What you search for and problems you describe
  • Chat history - Conversations with our AI assistant to provide personalized recommendations
  • Conversation insights - Our AI extracts structured metadata from your conversations to improve recommendations. This includes detected style preferences (e.g., "mid-century", "minimalist"), inferred budget range, room type, life stage signals (e.g., moving, renovating), and household context (e.g., renting, has kids). This data is derived from what you share in conversation — we do not collect information beyond what you tell us.
  • Saved products - Products you save to your account for later reference
  • Interaction data - Products you view, click, or show interest in, including which products are shown and which affiliate links are clicked during a conversation
  • Device and browser information - For site functionality and performance

Third-Party Data Sources

We aggregate publicly available trend data from multiple social platforms to power our recommendations:

  • YouTube - Product reviews and video engagement metrics
  • Blogs & RSS - Home and design publication content
  • Amazon - Product details, pricing, and availability

Important: We cache trend data temporarily (up to 1 hour) to improve performance and comply with API rate limits.

How We Use Conversation Data

Conversation insights extracted from your chats are used to:

  • Improve the relevance of product recommendations during your session
  • Generate aggregated, anonymized audience analytics for our partner program (see below)
  • Identify product gaps — categories where users are searching but we don't yet have good recommendations
  • Monitor and improve the quality of our AI assistant

Important: We do not sell your personal data. Conversation insights shared with partners are always aggregated and anonymized — partners see trends across their audience (e.g., "40% of your visitors prefer mid-century style"), never individual conversations or personal information.

Partner Program & Data (Consumer Perspective)

When you use Prox through a partner's shop (an influencer or brand that has integrated our AI chat), your conversation insights are associated with that partner for the purpose of providing them with aggregated audience analytics. This means:

  • Partners can see anonymized trends about their audience's style preferences, budget ranges, and product interests
  • Partners never see your email address, personal details, or individual chat messages
  • Partners cannot identify individual users from the insights data
  • You can request deletion of your data at any time (see "Your Rights" below)

Partner Data (B2B Partners)

If you are a Prox Partner (an influencer, creator, or brand operating a storefront), we collect additional information to provide our B2B services:

  • Account information — Name, email, brand name, social media URLs provided during application
  • Public follower counts — Retrieved from Instagram's public API to determine subscription tier
  • Billing information — Processed by Stripe; we store only transaction history and subscription status
  • Storefront customization — Logo, accent color, display name, curated product lists
  • Aggregate audience insights — Derived from conversations on your storefront (never individual user data)
  • Instagram caption analysis (opt-in) — If you enable AI Voice Analysis, we process your recent public Instagram captions to generate a voice and tone guide. This guide captures your communication style (tone, vocabulary, emoji usage) so your storefront's AI assistant matches your personal brand. Captions are processed once to generate the guide and are not stored separately. You can enable or disable this at any time from your dashboard.

How we use partner data:

  • To operate your storefront and process subscription billing
  • To determine and adjust your subscription tier based on follower count
  • To generate a voice and tone guide from your Instagram captions (with your consent) so your storefront's AI assistant matches your communication style
  • To send weekly insight digests and platform communications
  • To improve platform features and identify product gaps

Partner data is retained for the duration of your partnership plus 7 years for tax and legal compliance. See our Partner Terms of Service for full details.

Partner Affiliate Credentials (BYOA)

Partners may connect their own affiliate network credentials ("Bring Your Own Affiliates" or BYOA) to earn commissions directly from product sales on their storefront. When partners provide affiliate credentials:

  • Credential storage — API tokens and sensitive credentials are encrypted at rest using AES-256 encryption
  • Access controls — Credentials are only accessible to automated sync processes; no Prox staff can view plaintext credentials
  • Credential validation — We validate credentials against the affiliate network API before storing them
  • Credential deletion — Partners can remove their credentials at any time from the dashboard; deletion is immediate and permanent

Prox does not receive any commission from sales through partner affiliate links. Partners are solely responsible for maintaining their affiliate program memberships and complying with affiliate network terms.

Partner Product Data Isolation

When partners import products from their affiliate networks, each partner's product catalog is completely isolated:

  • Catalog isolation — Products imported by a partner are only visible on that partner's storefront
  • No cross-partner sharing — Partner A's products never appear on Partner B's storefront or in Prox's main catalog
  • Conversation isolation — Chat conversations on a partner's storefront only search that partner's product catalog
  • Analytics isolation — Partners only see analytics for their own storefront visitors

This isolation is enforced at the database level. Product ownership is tracked via dedicated columns, and all queries are scoped to the partner's ID.

Data Processing (Partners as Controllers)

For partners operating storefronts, the following data processing relationship applies:

  • Data Controller — Partners are the data controller for their storefront visitors
  • Data Processor — Prox acts as a data processor on behalf of partners, processing visitor data only as necessary to operate the storefront and provide analytics
  • Subprocessors — We use subprocessors including Neon (database hosting), Vercel (hosting), and Stripe (billing). A full list is available upon request
  • Data location — All data is stored in the United States

Partners requiring a formal Data Processing Agreement (DPA) for compliance purposes may contact legal@proxdesign.co.

Affiliate Disclosure

As an Amazon Associate and affiliate partner of CJ Affiliate, Rakuten Advertising, and other affiliate networks, we earn from qualifying purchases. Product links may contain affiliate tracking codes from these networks. This revenue funds our free consumer chat service but does not influence our product recommendations — recommendations are based on your stated needs and AI analysis, not commission rates.

Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your login session and preferences
  • Provide personalized product recommendations
  • Analyze site usage and improve our service
  • Track affiliate referrals for commission purposes

Google Analytics: We use Google Analytics to understand how visitors interact with our website. Google Analytics collects information such as how often users visit the site, what pages they visit, and what other sites they used prior to coming to our site. We use this information to improve our service. Google Analytics collects the IP address assigned to you on the date you visit our site, but not your name or other identifying information. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Payment Processing

We use Stripe to process payments. When you add a payment method or make a purchase, your payment information is sent directly to Stripe and is not stored on our servers. Stripe may collect and process the following information:

  • Credit or debit card number
  • Card expiration date and security code
  • Billing address
  • Transaction history with Prox

Stripe's use of your personal information is governed by their Privacy Policy. We only receive a token representing your payment method and limited information (such as the last four digits of your card) for display purposes.

Data Security

We implement appropriate security measures to protect your information. We do not permanently store personal data from third-party APIs, and most trend data is automatically purged from our systems within hours.

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Your Rights

You have the right to:

  • Request information about data we collect about you
  • Request deletion of your personal information
  • Opt out of data collection (though this may limit service functionality)
  • Update or correct your information

Account Deletion: You can delete your account and all associated data directly from your Account Settings page, or by emailing privacy@proxdesign.co.

Your Privacy Rights by Region

For EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

  • Legitimate interest — Analytics and service improvement
  • Consent — Cookies and tracking technologies (you can manage consent via the cookie banner)
  • Contract — Providing your account and requested services

Your GDPR Rights:

  • Right of access — Request a copy of your personal data
  • Right to rectification — Request correction of inaccurate data
  • Right to erasure — Request deletion of your data ("right to be forgotten")
  • Right to data portability — Request your data in a machine-readable format
  • Right to object — Object to processing based on legitimate interests
  • Right to withdraw consent — Withdraw consent at any time for consent-based processing

To exercise these rights, email privacy@proxdesign.co. You also have the right to lodge a complaint with your local data protection supervisory authority.

For California Users (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Categories of Personal Information We Collect:

  • Identifiers — Email address, name, account ID
  • Commercial information — Products saved, purchase history, preferences
  • Internet activity — Browsing history, search queries, interactions with our service

Your CCPA Rights:

  • Right to know — Request disclosure of the personal information we collect, use, and share
  • Right to delete — Request deletion of your personal information
  • Right to opt-out of sale — Opt out of the "sale" of your personal information
  • Right to non-discrimination — You will not be discriminated against for exercising your rights

Important: Prox does not sell personal information to third parties. We do not exchange your personal data for monetary consideration.

To exercise your CCPA rights, email privacy@proxdesign.co with "CCPA Request" in the subject line.

Data Retention

We retain your data only as long as necessary for the purposes described in this policy:

  • Account data — Retained while your account is active; deleted within 30 days of account deletion request
  • Conversation data — Retained for 12 months for analytics and service improvement, then anonymized
  • Product click data — Retained for 24 months for analytics and affiliate reporting
  • Partner data (B2B) — Retained for the duration of partnership plus 7 years for tax and legal compliance

Contact Us

Questions about this privacy policy should be directed to:
Prox LLC
680 N Lake Shore Dr.
Chicago, IL 60611
privacy@proxdesign.co

← Back to Home