Privacy Policy

Last Updated: October 10, 2025

1. Introduction

A.Scope of This Policy

This Privacy Policydescribes how X-ORIGIN-AI, Inc., doing business as X-Origin ("X-Origin","we", "us", or "our"), collects, uses, anddiscloses your personal information when you visit, use our services, or make apurchase from xorigin.ai (the "Site") or otherwise communicate withus (collectively, the "Services"). For the purposes of this PrivacyPolicy, "you" and "your" means you as the user of theServices, whether you are a customer, website visitor, or another individualwhose information we have collected pursuant to this Privacy Policy.

Please read this PrivacyPolicy carefully. By using and accessing any of the Services, you agree to thecollection, use, and disclosure of your information as described in thisPrivacy Policy. If you do not agree to this Privacy Policy, please do not useor access any of the Services.

This policy appliesspecifically to the data processing activities related to our e-commercewebsite and associated services. Our AI-powered robotics products and theirrelated software applications may be governed by a separate privacy policy,which will be provided to you when you purchase or activate those products.

B. About Us (The Data Controller)

For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the data controller of your personal information is X-ORIGIN-AI, Inc., registered at 651 N Sepulveda Blvd #2086, BEL AIR, CA, 90049, US. As the data controller, we are responsible for determining the purposes and means of processing your personal information.

C. Policy Summary

This summary provides a quick overview of our data practices. It does not replace reading the full Policy, which contains more detailed information.

  • What We Collect: We collect information you provide (e.g., contact, account, and payment details), information generated automatically when you use our Services (e.g., device and usage data), and information from third parties (e.g., service providers).
  • Why We Collect It: We use your information to provide and improve our Services, process your orders, for marketing and advertising, for security and fraud prevention, and to comply with legal obligations.
  • Who We Share It With: We may share your information with service providers (like Shopify), business and marketing partners, our affiliates, and in connection with business transactions or legal requirements.
  • Your Key Rights: Depending on your location, you have rights including access, correction, and deletion of your personal information, and the right to opt out of marketing. You can exercise your rights by contacting us as described in this Policy.

2. The Personal Information We Collect

To provide full transparency in line with regulations like the California Consumer Privacy Act (CCPA), this section details the categories of personal information we have collected over the past 12 months, their sources, and the business or commercial purposes for their collection and use.

A. Overview of Your Data

The following table provides a comprehensive view of the personal information we collect, linking it to its sources and our purposes for using it.

Category of Personal Information (as defined by CCPA)
Examples of What We Collect
Source(s) of Information
Our Business and Commercial Purposes
Identifiers
Name, postal address, billing address, email address, phone number, IP address, account username, unique personal or online identifiers (e.g., cookie IDs).
Directly from you: When you create an account, place an order, subscribe to marketing, contact customer service, or submit a feedback form.

Automatically: Collected via cookies and similar technologies when you visit our site.
From third parties: Such as our service provider, Shopify.
To provide and manage Services; process orders and payments; marketing and advertising; security and fraud prevention; communicate with you.
Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Name, address, phone number, credit card number, debit card number, or other financial information.
Directly from you: During the checkout and ordering process.
To provide and manage Services; process orders and payments; security and fraud prevention.
Commercial Information
Records of products you view, add to cart, add to a wishlist, purchase, return, or exchange; past transaction history.
Directly from you: When you interact with our website.

Automatically:
Logged by our service platform (e.g., Shopify).
To provide and manage Services; personalize your shopping experience; marketing and advertising; analytics and service improvement.
Internet or Other Electronic Network Activity Information
Browsing history, search history, information regarding your interaction with our website or advertisements (e.g., clickstream data, time spent on pages, navigation paths).
Automatically:
Via cookies, pixels, and other tracking technologies as you browse our site.
To personalize your shopping experience; marketing and advertising; analytics and service improvement; security and fraud prevention.
Geolocation Data
Approximate geolocation (e.g., country or city level) inferred from your IP address.
Automatically: From your device information when you visit our site.
To provide localized content; analytics and service improvement; security and fraud prevention.
Audio, electronic, visual, or similar information
If you upload photos or videos with a product review.
Directly from you: When you submit a product review containing media files.
To provide and manage Services (e.g., displaying your review on the site).
Inferences
Profiles generated from your purchase history, browsing behavior, and preferences to reflect your interests and characteristics for product recommendations.
Internally generated: By analyzing other categories of personal information we collect (like Commercial Information and Network Activity).
To personalize your shopping experience; marketing and advertising; analytics and service improvement.
Sensitive Personal Information
Credit or debit card number and other financial account information; account log-in credentials (username and password).
Directly from you: During checkout or when creating/logging into an account.
To process orders and payments; provide and manage Services; security and fraud prevention.

B. Detailed Sources of Personal Information

We collect your personal information from three main sources :

Directly from You: We collect information you provide when you:

  • Create or modify your account, including setting a username and password.
  • Make a purchase, manage addresses, or process a return.
  • Communicate with our customer support team via online chat, email, or contact forms.
  • Subscribe to our marketing newsletters or submit feedback.
  • Post a product review on our site.

Automatically: We use cookies, pixels, web beacons, and similar technologies to automatically collect certain information when you interact with our Services. This includes your IP address, device type, browser information, your browsing and clicking behavior on our site, and how you interact with our Services.

From Our Service Providers and Partners: We work with third parties to operate our business and provide the Services. For example, our e-commerce platform is powered by Shopify, which collects and processes information on our behalf. We may also receive information from payment processors, data analytics providers, and marketing partners.

3. How and Why We Use Your Personal Information

We process your personal information for the following specific purposes:

To Provide and Manage Our Services: This includes creating and maintaining your account, processing your payments and orders, arranging for shipping, handling returns, publishing your product reviews, and providing customer support. For instance, when you place an order, we need your contact and address details to fulfill the delivery and your payment information to process the transaction.

For Marketing, Advertising, and Personalization: We use your information to send you emails, text messages, or postal mail about our products, services, and promotions. We may also use your purchase history and website browsing behavior to show you personalized product recommendations and targeted advertisements on our Services and other websites. Our data flow analysis shows we share data with advertising partners like Google for these purposes.

For Analytics and Service Improvement: We analyze how users interact with our Services to understand user preferences, identify trends, diagnose technical problems, and improve the functionality and user experience of our website. This may involve analyzing aggregated traffic data and user behavior patterns.

For Security and Fraud Prevention: We use your information to verify your account, secure payment transactions, and detect, investigate, and prevent potential fraudulent, illegal, or malicious activity. For example, we use services like Cloudflare and hCaptcha to protect our website from automated attacks.

To Comply with Legal Obligations and Exercise Legal Rights: We may need to process your information to comply with applicable laws and regulations, such as responding to valid legal process from law enforcement or government agencies (e.g., subpoenas or court orders), fulfilling tax and accounting obligations, or exercising or defending our legal rights in a legal proceeding.

4. Disclosure and Sharing of Personal Information

In certain circumstances, we may disclose your personal information to third parties for the legitimate purposes described in this Policy. We are committed to disclosing it only when necessary and ensuring that recipients provide adequate data protection. The following are the categories of third parties to whom we disclose personal information, along with the categories of personal information disclosed to them in the past 12 months, to meet the detailed disclosure requirements of the CCPA.

Our Service Providers and Vendors: These are third-party companies that perform business functions on our behalf. They may only process your information according to our instructions and are contractually obligated to protect its confidentiality and security.

Examples:

  • E-commerce Platform: Our website is powered by Shopify, which provides us with core online store functionality, payment processing, and data analytics services.
  • Payment Processors: To process your credit and debit card payments.
  • Logistics and Shipping Partners: To deliver the products you purchase.
  • Cloud Storage and IT Management Services: To provide data storage and technical infrastructure support.
  • Customer Support Tools: Such as the online chat feature provided by Shopify to communicate with you.

Categories of Personal Information Disclosed: Identifiers, California Customer Records Information, Commercial Information, Internet Activity Information, Sensitive Personal Information (e.g., financial information shared with payment processors to process payments).

Analytics Partners: These partners help us measure and analyze traffic and usage trends for our Services.

  • Examples: Google Analytics.
  • Categories of Personal Information Disclosed: Internet or Other Electronic Network Activity Information, Geolocation Data, Identifiers.

Security and Fraud Prevention Partners: We use third-party services to protect our website from spam and abuse.

  • Examples: Cloudflare and hCaptcha.
  • Categories of Personal Information Disclosed: Internet or Other Electronic Network Activity Information, Identifiers (e.g., IP address).

Our Affiliates: We may share information within our corporate group for internal administration, reporting, and to provide unified services.

  • Categories of Personal Information Disclosed: Identifiers, Commercial Information, Account Information.

Third Parties in a Business Transaction: If X-Origin is involved in a business transaction such as a merger, acquisition, bankruptcy, reorganization, or sale of assets, your personal information may be transferred to a successor entity or acquirer as part of that transaction.

  • Categories of Personal Information Disclosed: All categories of personal information we collect may be disclosed in such a transaction.

Legal and Law Enforcement Agencies: We may disclose your personal information when we believe in good faith that it is necessary to comply with a legal obligation, respond to valid legal process (such as a search warrant, court order, or subpoena), protect our rights, property, or safety, and the safety of our users or the public.

  • Categories of Personal Information Disclosed: Any relevant categories of personal information, depending on the specifics of the legal request.

Third Parties with Your Consent or at Your Direction: When you explicitly direct us or consent to us disclosing your information to a third party. For example, when you use social media widgets or login integrations.

  • Categories of Personal Information Disclosed: Depends on your specific direction.

5. Cookies and Other Online Tracking Technologies

To provide functionality, analyze user behavior, and deliver personalized advertising, we and our third-party partners use cookies, pixel tags (also known as web beacons), and similar technologies on our Services. This section details the types of technologies we use, their purposes, and how you can control them, addressing the need for greater transparency regarding cookies in our policy.

A cookie is a small text file that is stored on your computer or mobile device when you visit a website. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

A. Types of Cookies We Use

Our website uses several types of cookies, which, in the EU and similar jurisdictions, require your consent before being placed, unless they are "strictly necessary". We classify them in our cookie consent management tool as follows:

Cookie Category
Purpose Description
Example Cookies and Providers (Based on Detection)
Strictly Necessary Cookies
These cookies are essential for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.
_shopify_essential (Shopify), __cf_bm (Cloudflare)
Functionality Cookies
These cookies enable the website to provide enhanced functionality and personalization. For example, they can remember your region or currency preferences. If you do not allow these cookies, then some of these services may not function properly.
localization (Shopify), cart_currency (Shopify), test_cookie (DoubleClick/Google)
Performance/Analytics Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.
_shopify_y (Shopify)
Targeting/Advertising Cookies
These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They work by uniquely identifying your browser and internet device.
_shopify_s (Shopify), _gcl_au (Google), NID (Google), IDE (DoubleClick/Google)

B. Your Choices and How to Manage Cookies

We respect your right to privacy. You can manage your cookie preferences in the following ways:

  • Browser Settings: Most web browsers allow you to control most cookies through their settings. You can set your browser to block cookies or to alert you when cookies are being set. Please note that if you block all cookies (including strictly necessary cookies), you may not be able to access all or parts of our site.
  • Advertising Industry Opt-Out Tools: You may opt out of interest-based advertising from many companies that participate in programs like the Digital Advertising Alliance or the Network Advertising Initiative by visiting their opt-out pages.

6. Data Security and Retention

A. Data Security

We are committed to the security of your personal information. We have implemented appropriate technical, administrative, and physical security measures designed to protect the personal information we collect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include, but are not limited to:

  • Using SSL/TLS technology to encrypt data during transmission.
  • Encrypting sensitive data at rest, such as payment information.
  • Implementing strict access controls to ensure that only authorized personnel have access to personal information.
  • Regularly conducting security assessments and vulnerability scans to identify and remediate potential security risks.

While we employ robust security measures, please be aware that no security system is perfect or impenetrable. We cannot guarantee "absolute security." In addition, any information you send to us over the internet may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

B. Data Retention

The length of time we retain your personal information depends on various factors, including the purpose for which the information was collected, our ongoing relationship with you (e.g., whether you have an active account), our legal and regulatory obligations, and whether retention is necessary to resolve potential disputes.

We do not retain personal information indefinitely. Our data retention policies are designed to ensure that we retain data only for as long as is necessary to fulfill the purposes for which it was collected. Our specific retention periods or criteria are as follows :

  • Account Information: We retain your account information for as long as your account is active. If you close your account, we will retain your information for a reasonable period to handle any follow-up matters (such as returns, warranty claims, or legal disputes), after which it will be deleted or anonymized.
  • Customer Support Communications: We retain records of your communications with customer support for a period sufficient to allow us to track and resolve your issue, and for internal training and quality assurance purposes.
  • Marketing Information: If you consent to receive marketing communications from us, we will retain your contact information until you opt-out.
  • Cookie Data: The retention periods for cookies vary. Please refer to the "Cookies and Other Online Tracking Technologies" section above for details.

7. Children's Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect any personal information from children in this age group. If you are a parent or guardian and discover that your child has provided us with personal information, please contact us immediately, and we will take steps to delete that information.

As required by the CCPA, we hereby state that we do not have actual knowledge that we “sell” or “share” the personal information of consumers under 16 years of age.

8. Third-Party Websites and Links

Our Services may contain links to websites, applications, or other online platforms operated by third parties. If you click on these links and leave our Services, you should review the privacy and security policies and terms and conditions of those third parties. This Privacy Policy does not apply to the privacy practices of such third-party sites or platforms. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on them.

9. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes, we will post the updated policy on this page and revise the "Last Updated" date at the top. For material changes, we may provide you with additional notice, such as via email or a prominent notice on our website. We encourage you to review this Policy periodically to stay informed about our information practices and the ways you can help protect your privacy.

10. How to Contact Us

If you have any questions, comments, or concerns about our privacy practices or this Privacy Policy, or if you would like to exercise any of your available rights, please contact our Privacy Office at:

  • Company Name: X-ORIGIN-AI, Inc.,
  • Email: service@xorigin.ai
  • Mailing Address:
    X-ORIGIN-AI, Inc.,
    Attn: Privacy Office
    651 N Sepulveda Blvd #2086
    BEL AIR, CA, 90049
    United States

We will address your requests and inquiries in a timely manner and in accordance with applicable law.

11. Region-Specific Disclosures

A. Notice for Residents of Europe (EEA, UK, and Switzerland)

This section provides additional information for residents of the European Economic Area (EEA), the United Kingdom (UK), and Switzerland.

Legal Basis for Processing

We process your personal information based on the following legal bases under the General Data Protection Regulation (GDPR) :

  • Performance of a Contract: When we process your information to provide our Services, such as fulfilling your orders or managing your account.
  • Your Consent: When you have given us consent to process your information for a specific purpose, such as for sending marketing communications or placing non-essential cookies.
  • Legitimate Interests: When we process your information for our legitimate interests, such as for service improvement, security, and fraud prevention, provided that these interests are not overridden by your rights and interests.
  • Legal Obligation: When we need to process your personal information to comply with a legal obligation.

Your Rights

You have the following rights under the GDPR:

  • Right of Access: The right to obtain confirmation as to whether or not personal data concerning you is being processed, and where that is the case, access to the personal data.
  • Right to Rectification: The right to obtain the rectification of inaccurate personal data concerning you.
  • Right to Erasure (‘Right to be Forgotten’): The right to obtain the erasure of personal data concerning you under certain conditions.
  • Right to Restriction of Processing: The right to obtain restriction of processing under certain conditions.
  • Right to Data Portability: The right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.
  • Right to Object: The right to object at any time to processing of personal data concerning you which is based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.
  • Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

International Data Transfers

Your personal information will be transferred to, and processed in, countries outside of the EEA, UK, or Switzerland, including the United States and Canada.

  • For transfers to Canada, we rely on the European Commission's adequacy decision.
  • For transfers to the United States, we rely on recognized transfer mechanisms such as the Standard Contractual Clauses (SCCs), and we conduct Transfer Impact Assessments (TIAs) to ensure your data receives an equivalent level of protection.

Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee compliance with data protection laws. You may contact our DPO at:

Email: service@xorigin.ai

Complaints

If you have a complaint about how we process your personal information, please contact us first. You also have the right to lodge a complaint with your local data protection authority.

B. Notice for California Residents

This section supplements the information contained in our Privacy Policy and applies solely to visitors, users, and others who reside in the State of California. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).

Your California Privacy Rights

You have the following rights under the CCPA/CPRA:

  • Right to Know/Access: You have the right to request that we disclose what personal information we collect, use, disclose, and sell or share.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain exceptions.
  • Right to Correct: You have the right to request the correction of inaccurate personal information.
  • Right to Opt-Out of Sale / Sharing: We do not “sell” or “share” personal information as those terms are defined under applicable privacy laws. This means we do not exchange your personal information for monetary or other valuable consideration, nor do we disclose it for cross-context behavioral advertising purposes. Therefore, there is no need for you to take any action to opt out of such activities.
  • Right to Limit Use and Disclosure of Sensitive Personal Information: We collect sensitive personal information, including your account log-in credentials and financial account/payment card information. We use and disclose this information only for purposes that are necessary to provide the goods or services you requested, to ensure security and integrity, to prevent fraud, and to verify your account, all of which are purposes permitted under California Code of Regulations, title 11, section 7027(m). Because our use and disclosure of your sensitive personal information is consistent with these exceptions, we are not required to provide a “Limit the Use of My Sensitive Personal Information” link.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

Exercising Your Rights

To exercise the rights described above, please submit a verifiable consumer request to us by emailing service@xorigin.ai. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.

Join a better future

Be the first to receive our latest product updates, newest offerings, and free product trials.
2025 X-Origin®. All rights reserved.
Explore
AIPiYonboCreator Hub
Yonbo
AIPi
Life with X-Origin
Behind the Build
Company
About UsContact Us
Resources
SupportUser stories
Legal
User AgreementPrivacy Policy