Privacy Policy
Last Updated: June 14, 2026
Effective Date: June 14, 2026
Admantis Media LLP ("Admantis", "we", "us", or "our") operates the Cosmos Omni Channel Platform ("Cosmos", "the Platform", "the Service"), a SaaS product designed for D2C and SMB brands. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you interact with our services.
1. Introduction and Scope
This Privacy Policy applies when you:
- Visit our website at www.admantis.com or any associated subdomain;
- Register for or use the Cosmos platform at cosmosfrontend.pcgamer.in or any successor URL;
- Interact with our Shopify application or Meta (Facebook/Instagram) application integrations;
- Receive services from us as a brand client, end-user, or customer of a brand using Cosmos;
- Communicate with us via email, social media, or any other channel.
By using the Platform, connecting your Shopify store, connecting your Meta/Instagram account, or submitting your information to us, you agree to the terms of this Privacy Policy.
2. Data Controller / Data Processor Identity
Admantis Media LLP is registered in India and operates from:
- Registered Office: Kharghar, Navi Mumbai, Maharashtra, India
- General Contact: hello@admantis.com
- Website: https://www.admantis.com
Admantis acts as:
- Data Controller when we process personal information of our registered users, brand clients, and website visitors for our own business purposes.
- Data Processor when we process personal data of end-users (customers of our brand clients) on behalf of those clients. In this case, the brand client is the Data Controller and Admantis processes data under their instruction per our Data Processing Agreement.
3. Information We Collect
3.1 Information You Provide Directly
When you create an account, onboard as a client, or contact us, we collect:
- Account registration data: name, email address, password (hashed), company name, role.
- Brand profile information: brand name, category, product/service descriptions, brand voice and identity statements, URLs, target audience descriptions, tone preferences, and negative keyword lists ("Brand Knowledge Engine" data).
- Billing information: invoicing details, GST/tax IDs. Note: payment card processing is handled by third-party processors; we do not store full card numbers.
- Communications: emails, support tickets, feedback, chat messages sent to us.
- User-generated content: blog drafts, SEO keyword strategies, chatbot training inputs, and other content created within the Platform.
3.2 Information Collected Automatically
- Log data: IP addresses, browser type, operating system, referrer URLs, pages visited, timestamps.
- Usage data: features used, workflow completions, approval actions, session duration, error logs.
- Cookies and similar technologies: session cookies (required for authentication), preference cookies, and analytics cookies. See Section 10 for details.
- Device information: device identifiers, screen resolution, timezone.
3.3 Information Collected via Third-Party Integrations
When you connect third-party platforms to Cosmos, we collect information necessary to deliver the integration:
Meta (Facebook/Instagram) Integration
When you connect your Instagram Business Account or Facebook Page via our Meta app:
- Instagram account information: username, profile details, follower count, account type.
- Instagram content analytics: post reach, impressions, likes, comments, shares, saves, watch time, audience demographics (age, gender, geography aggregates), and views by audience type (followers vs. non-followers).
- Instagram Direct Messages (DMs): message content, sender information, conversation threads — collected solely to enable automated DM responses and the DM management hub within Cosmos. Block/Normal filtering statuses are stored.
- Instagram comments: comment text, commenter username — used for AI-moderated comment management.
- Page insights: engagement data, reach, and performance metrics for connected pages.
We access Meta data only with your explicit authorization via Meta's OAuth flow and only request permissions necessary for the features you enable. We comply with Meta's Platform Terms of Service and Platform Data Use Policy. Instagram DM data is used exclusively for providing the DM automation service and is not sold, used for advertising targeting, or shared with third parties beyond what is necessary to operate the service.
Shopify Integration
When you connect your Shopify store via our Shopify app:
- Store information: store name, domain, plan type, currency, timezone, country.
- Product catalog: product titles, descriptions, variants, pricing, inventory levels, SKUs, images, and product URLs — used to train the Brand Knowledge Engine and power Inventory Management features.
- Order data: order IDs, status, fulfillment status, line items, shipping destination (city/region level), and order timestamps — used for inventory velocity tracking and chatbot order-status queries. We access only the minimum data required.
- Customer data (limited): when end-customers query order status via the Cosmos chatbot, the chatbot may retrieve order information associated with that customer's query. This is processed on behalf of the brand (you) as the Data Controller.
- Analytics data: sales metrics, revenue, conversion data — surfaced in Custom Dashboards.
Our Shopify app requests only the scopes necessary to deliver the features you have enabled. We do not access, store, or process Shopify customer payment information. We comply with Shopify's Partner Program Agreement and API Terms of Service.
WordPress, Wix, and CMS Integrations
- App tokens and store/site IDs necessary to authenticate and publish content.
- Confirmation metadata for content publishing actions (post IDs, publication timestamps).
Google Ads / Meta Ads (Dashboard Module)
- Campaign performance metrics: impressions, clicks, spend, ROAS, conversions — surfaced in Custom Dashboards only. We do not modify or manage ad campaigns without explicit authorization.
3.4 Information About End-Users (Customers of Our Brand Clients)
When consumers interact with a chatbot powered by Cosmos (on a brand's website, Instagram, or WhatsApp), we may process:
- Conversation content: messages sent by the consumer to the brand's chatbot.
- Intent classifications: AI-generated tags applied to the conversation (e.g., "Order Tracking", "Returns").
- Tone assessments: AI-applied sentiment classifications used to route conversations.
- Order query identifiers: order IDs referenced in conversations (e.g., #BBxxxxx format for supported clients).
This data is processed on behalf of the brand client (who is the Data Controller) under their instructions. Brand clients are responsible for providing consumers with their own privacy notices disclosing Cosmos's involvement as a data processor.
4. How We Use Your Information
4.1 Providing and Operating the Platform
- Creating and managing user accounts and workspaces.
- Operating the Brand Knowledge Engine, AI Blog Writing System, Social Media Chatbot, Custom Dashboards, and Inventory Management modules.
- Delivering automated DM and comment responses on Instagram and the website chatbot widget on behalf of brand clients.
- Processing multi-stage blog approval workflows (Ideation → Keywords/Tone → Content Generation → Approval).
- Enabling direct CMS publishing to Shopify, WordPress, and Wix.
- Generating SEO-optimized blog content using brand-specific keyword and tone configurations.
4.2 Improving and Developing the Platform
- Analyzing usage patterns to identify performance bottlenecks and prioritize features.
- Training and fine-tuning AI models that power Cosmos features — using aggregated, anonymized data only. We do not use individual brand knowledge data to train models that serve other clients.
- Running A/B tests on interface elements.
- Monitoring error logs and diagnosing technical issues.
4.3 Communication and Support
- Responding to support requests, bug reports, and feedback.
- Sending transactional emails: account verification, password reset, approval notifications, billing receipts.
- Sending product update announcements and feature release notes (opt-out available).
- Conducting onboarding calls and check-ins for new clients.
4.4 Legal, Safety, and Compliance
- Complying with applicable laws, regulations, and legal obligations.
- Enforcing our Terms of Service and acceptable use policies.
- Detecting and preventing fraud, abuse, and security incidents.
- Meeting Meta Platform Terms requirements including data deletion and access controls.
- Meeting Shopify Partner Program requirements for data handling and security.
4.5 Legal Bases for Processing (GDPR / UK GDPR)
For users subject to GDPR or UK GDPR, we rely on the following legal bases:
- Contract performance: processing necessary to provide the Platform services you have signed up for.
- Legitimate interests: product improvement, security monitoring, fraud prevention — where not overridden by your rights.
- Consent: marketing communications, non-essential cookies — withdraw at any time.
- Legal obligation: where processing is required to comply with applicable law.
5. Sharing and Disclosure of Information
We do not sell, rent, or trade your personal information. We share information only in the following circumstances:
5.1 Service Providers (Sub-Processors)
We engage third-party vendors to help operate the Platform. These providers process data only on our instructions and are bound by data processing agreements:
- Cloud infrastructure providers (hosting, storage, databases).
- AI/LLM API providers: used to power content generation and chatbot responses. Prompts submitted to LLM APIs may contain brand knowledge data. We use providers with enterprise-grade data handling commitments.
- Email delivery providers: for transactional and notification emails.
- Analytics and monitoring tools: for platform performance and error tracking, using anonymized or pseudonymized data.
- Payment processors: for handling subscription billing. We share only billing-relevant data.
5.2 Meta (Facebook/Instagram)
Data you authorize us to access from Meta is processed in accordance with Meta's Platform Terms. We do not share your Meta data with third parties beyond the sub-processors necessary to operate the integration. Instagram DM content is not used for advertising, profiling, or any purpose other than delivering the DM automation service you have configured.
5.3 Shopify
Data accessed via the Shopify API is processed in accordance with Shopify's Partner Program Agreement. We do not share Shopify store data, customer data, or order data with third parties except sub-processors needed to operate the service. We do not use Shopify data for purposes beyond those disclosed to you.
5.4 Brand Clients (for End-User Data)
When Cosmos processes end-user (consumer) data on behalf of a brand client, that data is shared with and accessible by the brand client as the Data Controller. Admantis acts only as a Data Processor in this context.
5.5 Business Transfers
If Admantis Media LLP undergoes a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the successor entity. We will notify affected users and, where required by law, seek consent before completing any such transfer.
5.6 Legal Requirements
We may disclose information where required by law, court order, or government authority, or where necessary to protect the rights, property, or safety of Admantis, our clients, or the public.
6. Data Retention
- Account and brand knowledge data: retained for the duration of your active subscription plus 90 days following termination, to allow data export.
- Instagram DM and comment data: retained for a maximum of 90 days from collection unless you configure a shorter retention period. Post-retention data is permanently deleted.
- Shopify product and order data: retained for as long as the Shopify integration is active. Upon disconnection, data is deleted within 30 days.
- End-user (chatbot) conversation data: retained for 60 days by default. Brand clients may configure shorter retention periods. Data is deleted automatically at expiry.
- Usage and analytics logs: aggregated and anonymized after 12 months; raw logs deleted after 90 days.
- Billing and financial records: retained for 7 years to comply with applicable accounting and tax regulations.
When you request account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate dispute resolution.
7. Data Security
We implement technical and organizational measures designed to protect your information against unauthorized access, loss, alteration, or disclosure:
- Encryption in transit: all data transmitted between your browser, the Cosmos platform, and our APIs uses TLS 1.2 or higher.
- Encryption at rest: sensitive data fields (credentials, tokens, personal identifiers) are encrypted at rest using AES-256.
- Access controls: Role-Based Access Control (RBAC) limits access to data within the Platform. Admin-level access is restricted and audited.
- API token management: third-party integration tokens (Meta, Shopify, CMS) are stored encrypted and never exposed in plaintext via the UI.
- Audit logging: administrative actions affecting user accounts and integrations are logged.
- Incident response: we maintain a process for detecting, reporting, and responding to personal data breaches. Where required, we will notify affected individuals and relevant authorities within legally required timeframes.
No security system is impenetrable. While we employ industry-standard safeguards, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at hello@admantis.com.
8. International Data Transfers
Admantis operates across the globe and uses cloud infrastructure and sub-processors that may be located around the world. When we transfer personal data internationally, we rely on:
- Standard Contractual Clauses (SCCs) for transfers from the EU/EEA to third countries, where applicable.
- Adequacy decisions by the European Commission, where applicable.
- Binding service agreements with sub-processors that include data protection obligations equivalent to those required by applicable law.
9. Your Privacy Rights
9.1 Rights Available to All Users
- Access: request a copy of the personal data we hold about you.
- Correction: request correction of inaccurate or incomplete data.
- Deletion: request deletion of your personal data, subject to legal retention requirements.
- Portability: receive your data in a structured, machine-readable format.
- Opt-out of marketing: unsubscribe from non-transactional communications at any time via the unsubscribe link in emails or by contacting us.
9.2 Meta Platform Data Rights
In compliance with Meta's Platform Terms, you may request deletion of all data Admantis has received from Meta about you or your Meta properties. To submit a data deletion request for Meta-sourced data, email hello@admantis.com with subject line "Meta Data Deletion Request." We will complete the deletion within 30 days and confirm by email.
9.3 Shopify Data Rights
If you are a customer of a brand using Cosmos (i.e., you interacted with a Cosmos-powered chatbot on a Shopify store), your data rights should be directed to the brand (Shopify merchant) who is the Data Controller for your data. If you have a request regarding data processed by Admantis as a processor, you may also contact us at hello@admantis.com.
9.4 How to Exercise Your Rights
Submit requests to: hello@admantis.com
We will acknowledge your request within 5 business days and complete it within 30 days (extendable by an additional 30 days for complex requests with prior notice).
10. Cookies and Tracking Technologies
We use cookies and similar technologies on the Cosmos platform and the admantis.com website:
- Strictly necessary cookies: session authentication, CSRF protection, load balancing. These cannot be disabled as they are required for the Platform to function.
- Preference cookies: save your UI preferences (language, theme, dashboard layout). Can be disabled via cookie settings.
- Analytics cookies: help us understand how users navigate the Platform (e.g., page views, feature usage). We use anonymized/aggregated data and do not build individual behavioral profiles. Can be disabled via cookie settings.
We do not use advertising or tracking cookies for ad targeting purposes on our own platform. Where we embed third-party tools, those tools may set their own cookies subject to their respective privacy policies.
To manage cookie preferences, visit the cookie settings panel on the Platform or use your browser's built-in cookie controls.
11. Children's Privacy
The Cosmos Platform is intended for business users and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided personal data without parental consent, we will delete that data promptly. If you believe a child has submitted data to us, contact hello@admantis.com.
12. Third-Party Links and Services
The Platform may contain links to third-party websites, platforms, or services (including Meta, Shopify, Google). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party service you connect or visit. Admantis is not responsible for the privacy practices of external services.
13. Meta Platform Compliance
Admantis's Meta application complies with Meta's Platform Terms, Developer Policies, and applicable Data Use Policies. The following disclosures are made in connection with our Meta app review and ongoing operation:
13.1 Permissions and Data Use
Our Meta app requests the following permissions, used only for the stated purposes:
- instagram_manage_messages: to read and respond to Instagram Direct Messages within the Cosmos DM Hub on behalf of connected brand accounts.
- instagram_manage_comments: to read Instagram comments for the Social Media Chatbot comment moderation feature.
- instagram_basic, instagram_content_publish: to access basic account info and publish content on behalf of connected accounts where authorized.
- pages_messaging: to manage Facebook Page messaging features.
- ads_read: to retrieve advertising performance data for Custom Dashboard display only — no campaign modification.
- pages_read_engagement: to read Page-level engagement metrics for the analytics dashboard.
We do not request permissions beyond those necessary for the features you enable.
13.2 Data Restrictions
We confirm the following commitments in compliance with Meta's Restricted Data Use requirements:
- Instagram DM content will not be used to target users with advertising on any platform.
- Meta platform data will not be sold, licensed, or transferred to data brokers or advertising networks.
- Meta data will not be used to build or augment user profiles for purposes unrelated to providing the Cosmos service.
- Meta data will not be shared with third parties except sub-processors necessary to operate the Cosmos service under data processing agreements.
13.3 Data Deletion
Upon revocation of Meta permissions or deletion of a Cosmos account, all Meta-sourced data (including DM content, analytics data, and account information) will be deleted within 30 days. Users may also request immediate deletion via hello@admantis.com.
14. Shopify Partner Program Compliance
Admantis's Shopify app is built and operated in accordance with Shopify's Partner Program Agreement, API Terms of Service, and applicable Shopify Policies. The following disclosures apply:
14.1 Scopes and Data Use
Our Shopify app requests only the API access scopes necessary to deliver enabled features:
- read_products, write_products: to sync product catalog data with the Brand Knowledge Engine and to support Inventory Management features.
- read_inventory: to track inventory levels and velocity for the Inventory Management module.
- read_orders: to support order-status queries via the Cosmos chatbot on behalf of the merchant.
- read_analytics: to surface store performance metrics in Custom Dashboards.
- write_publications, write_content: to enable direct blog publishing to Shopify from the AI Blog Writing System, only upon explicit merchant authorization.
We do not request write access to orders, customers, or financial data.
14.2 Merchant Data Handling
- Shopify store data is processed solely to provide the Cosmos services the merchant has enabled.
- We do not share Shopify merchant or customer data with advertising networks, data brokers, or third parties beyond our sub-processors.
- Customer order data accessed for chatbot order-tracking queries is not retained beyond 60 days.
- Merchants may revoke Shopify access at any time via the Shopify admin. Upon revocation, we delete Shopify-sourced data within 30 days.
14.3 Shopify GDPR Webhooks
Our Shopify app supports the mandatory Shopify GDPR/privacy webhook endpoints:
- customers/redact: we process customer data redaction requests from merchants within 30 days.
- customers/data_request: we respond to customer data access requests forwarded by Shopify within 30 days.
- shop/redact: upon merchant account deletion, we delete all associated shop data within 30 days.
15. AI Processing and Automated Decision-Making
Cosmos uses AI/LLM technologies to power its core features. The following disclosures apply:
- Brand Knowledge Engine: processes brand-provided information (not personal data of individuals) to configure AI outputs. Brand data is isolated per client workspace and is not used to train shared models serving other clients.
- AI Blog Writing System: generates content based on brand configuration. No individual personal data is required or used for blog generation.
- Social Media Chatbot: processes consumer messages to generate automated responses. Message content is used only for generating the relevant response and is not used for profiling or targeting.
- DM filtering (Block/Normal): applies rule-based filtering to Instagram DMs. The "Block" designation prevents automated AI responses to flagged senders but does not automatically take action on the underlying Instagram account.
- Intent classification: AI-applied tags (e.g., "Order Tracking", "Returns") are used to route chatbot conversations. These do not constitute automated decisions with legal or significant effects on individuals.
Cosmos does not make fully automated decisions with legal or similarly significant effects on individuals. All AI-generated content passes through a human approval workflow before publication. If you have concerns about AI processing of your data, contact hello@admantis.com.
16. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or Platform features. When we make material changes:
- We will update the "Last Updated" date at the top of this document.
- We will notify registered users via email at least 14 days before material changes take effect.
- For significant changes affecting Meta or Shopify data processing, we will provide in-platform notification.
Your continued use of the Platform after the effective date of any update constitutes acceptance of the revised policy. If you do not agree to the changes, you may close your account before the effective date.
17. Contact Us
For any questions, concerns, or requests related to this Privacy Policy or your personal data:
- Company: Admantis Media LLP
- Email: hello@admantis.com
- Website: https://www.admantis.com/privacy-policy
- Registered Address: Kharghar, Navi Mumbai, Maharashtra, India
This Privacy Policy was prepared by Admantis Media LLP. It is provided for informational purposes and does not constitute legal advice. Admantis recommends consulting qualified legal counsel for jurisdiction-specific compliance requirements.
© 2026 Admantis Media LLP. All rights reserved.

