chord.gift Privacy Policy
Effective: 2026-05-22
chord is operated by 10X AI Technology Pte Ltd (Singapore / UEN 202245757M). This page describes what data we collect, why, and your rights. Plain English, no fine-print games.
1. What we collect
When you browse chord.gift:
- IP-based country (read at request time for currency + shipping routing; not stored long-term)
- Essential cookies (session, CSRF token, cookie-banner dismissal state)
- If you allow analytics: first-party behavior events such as page views, section visibility, scroll depth, button clicks, media play/pause/progress, checkout step progress, validation error codes, and time-on-page
- If you allow analytics: browser, operating system, coarse device class/vendor, viewport and screen size, device pixel ratio, text-size signals, reduced-motion setting, and connection hints where your browser provides them
- If you allow analytics: Google Tag Manager → GA4 and Cloudflare Web Analytics (page views, clicks, basic interaction signals)
- If you allow marketing: advertising pixel events (Meta Pixel, TikTok Pixel, Google Ads) when you arrive from or convert after a paid campaign
- If you allow AI insights: aggregated behavior patterns used to improve product selection, page UX, copy, and gift recommendation logic
When you sign in:
- Email address (passwordless Magic Link, or via Google / Apple Sign-In)
- Account profile (name + email returned by Google / Apple if you use them)
When you place an order:
- Recipient name, shipping address, phone number (for delivery)
- Email address (for order confirmation + delivery tracking)
- Payment info — handled by Stripe; chord never sees your full card number, only a token + last 4 digits
- Photo you upload (for the painting)
- Optional story text + special requests you write in the customization form
- Billing country (for tax / DDP duty calculation)
2. Why we collect it
- Order fulfillment: we have to know who you are, where to ship, and what you uploaded, or there's no painting.
- Communication: order confirmation, progress updates, shipping tracking, refund processing.
- Analytics + ads: to understand which marketing channels work, so we can keep operating. We do not sell your data.
- Product + UX insight: to understand where customers hesitate, which images/videos answer questions, which options are confusing, and which gift ideas deserve more investment.
- Fraud + security: to detect suspicious orders or stolen-card fraud (handled by Stripe + our own checks).
- Legal: tax records, accounting compliance with Singapore ACRA, dispute resolution.
3. AI processing — what's in scope
chord uses AI only for these specific tasks:
| What | AI provider | Data sent |
|---|---|---|
| Photo preview generation (the "AI preview" you see before deciding to order) | OpenAI (gpt-image-2 model) | The photo you uploaded, plus prompt text describing oil-painting style |
| Photo moderation (refuse illegal / abusive content) | OpenAI Moderation API | Photo + any text you wrote |
| Future: gift card text drafting, story summarization | OpenAI or comparable | Story / special-request text only |
What AI does NOT do:
- The final painting is not AI-generated. It is hand-painted by real artists on real canvas with real paint, in our Shenzhen studio.
- We do not use your photos to train any AI model. OpenAI's API terms (which we rely on) explicitly state customer API data is not used to train OpenAI models.
- We do not run face recognition or biometric analysis on your photos.
- We do not put full shipping addresses, phone numbers, payment data, or full free-text form entries into behavior analytics events.
- We do not store your full user-agent string long-term for analytics; we keep coarse browser/device fields instead.
You can request deletion of your photo at any time by emailing dylan@chord.gift with your order number — see "Your rights" below.
4. Third-party processors
| Processor | What they do | What we share |
|---|---|---|
| Stripe (US) | Payment processing | Card data (you enter directly into Stripe's form), name, billing address, email |
| OpenAI (US) | AI preview + moderation | Uploaded photo, story text, special-request text |
| Resend (US) | Transactional email (order confirmation, shipping notifications) | Email address, order number, painting summary |
| Cloudflare (US/global edge) | Hosting, CDN, edge runtime, security | IP at request time (not stored long-term) |
| Cloudflare D1 / R2 / Queues (US/global edge) | First-party behavior analytics storage and processing | Pseudonymous session IDs, event names, page/section IDs, option IDs, timestamps, country, device class |
| Google Analytics 4 / Google Ads (US) | Analytics, conversion tracking | Cookie ID, page URLs, click events, order value (hashed customer ID for ad attribution) |
| Meta Pixel (US) | Conversion tracking for Facebook/Instagram ads | Same as GA4 + hashed email when you order |
| TikTok Pixel + Events API (US/IE) | Conversion tracking for TikTok ads | Same as Meta Pixel; server-side events use SHA-256 hashed email + phone |
| Auth.js (self-hosted on Cloudflare) | Login session | Email + provider profile |
| Google / Apple Sign-In (optional) | OAuth login | Name + email from your account |
| DHL / UPS / FedEx (varies) | Shipping | Recipient name, address, phone, order weight + dimensions |
All processors above operate under their own privacy policies. We have data processing agreements (DPA) with the ones that require it.
5. Cookies + tracking
- Essential cookies: session, CSRF, cookie-banner state. Required for the site to function. No consent banner needed for these.
- Analytics: first-party behavior analytics, GA4, Cloudflare Web Analytics. Used to understand funnel performance and UX friction.
- Marketing: Meta Pixel, TikTok Pixel, Google Ads. Used for conversion measurement and ad relevance. Tied to a per-browser ID; not your name.
- AI insights: permission for chord to use aggregated behavior patterns to improve products, page design, copy, and recommendations. This is not permission to train on your uploaded photos.
- You can choose "Essential only", "Analytics", "Marketing", "AI insights", or "Accept all" in the cookie choices panel. chord still works if you reject non-essential categories.
We honor Do Not Track browser signals for advertising cookies (we don't fire Meta / TikTok / Google Ads pixels when DNT=1).
6. Your rights
You have the following rights, regardless of which country you're in:
- Access — Request a copy of all data we hold about you. Email dylan@chord.gift; we respond within 30 days.
- Correction — Tell us if any data we hold is wrong; we'll fix it.
- Deletion — Email dylan@chord.gift with your order number. We anonymize your account + remove your uploaded photo within 7 days. We retain order records (without photo + minimal PII) for 7 years for Singapore ACRA accounting compliance.
- Export — Request a JSON dump of your data; we send it via secure link within 30 days.
- Unsubscribe — Every marketing email has an unsubscribe link. Transactional emails (order updates) you cannot unsubscribe from while you have an active order — they're necessary for fulfillment.
- Withdraw consent — Use "Cookie choices" in the footer, or clear chord_cookie_consent_v3 from your browser; we re-prompt on next visit.
7. Compliance
We aim to comply with:
- Singapore PDPA (Personal Data Protection Act 2012)
- EU GDPR (when you're in the EU/EEA)
- UK GDPR + Data Protection Act 2018
- California CCPA / CPRA
- Japan APPI
- Australia Privacy Act 1988
- Apple Sign-In privacy standards
If you believe we've mishandled your data, you can complain to:
- Singapore PDPC (https://www.pdpc.gov.sg)
- Your local Data Protection Authority if you're in the EU/UK
- California Attorney General if you're in California
8. International transfers
Our processors are mostly US-based. When EU/UK customers' data goes to US processors, we rely on:
- Standard Contractual Clauses (SCC) for EU transfers
- UK International Data Transfer Agreement for UK transfers
- Stripe, OpenAI, Resend, Google, Meta, TikTok, Cloudflare all participate in the EU-US Data Privacy Framework
9. Data retention
| Data | Retention period |
|---|---|
| Uploaded photo | Until you request deletion, or 90 days after order delivery (whichever is sooner). After that we delete from primary storage; encrypted backups purge within 60 more days. |
| Order records (without photo) | 7 years (Singapore ACRA accounting requirement) |
| Account profile | Until you delete the account |
| Marketing email subscription | Until you unsubscribe |
| First-party raw behavior events | Up to 90 days, then aggregated or deleted |
| Aggregated behavior analytics | Up to 18 months |
| Analytics cookies (GA4 default) | 14 months |
| Server logs (Cloudflare) | 30 days |
10. Children
chord is not intended for users under 16. If we learn we've collected data from a child under 16 without parental consent, we delete it.
11. Changes
We update this policy when our processors or data flows change. The version + date at the top of the page reflect the last update. Material changes (new third-party processor, new data category) we'll email registered customers about.
12. Contact
For any privacy question: dylan@chord.gift
Data Protection Officer: dylan@chord.gift (chord is small enough that the same person handles ops + privacy requests)
10X AI Technology Pte Ltd · 6 Raffles Quay, #14-06 · Singapore 048580 · UEN 202245757M