E-commerce
July 1, 2026
"The bot says my data is in China even though the app policy doesn't mention it." "The AI promises GDPR erasure when I just want to delete my scale history." "Chatbot confuses Bluetooth pairing #673 and cloud sensor questions." Three failures where a poorly calibrated connected product privacy bot invents data categories, mixes up shop DSAR #383 and device usage.
A connected product e-commerce privacy AI chatbot does not replace CONNDATA agents (#675) or the DPO. It reads CONNDATA-MAP, cites data_categories_collected retention_period_copy opt_out_settings_path, guides Tier 1 usage deletion, and handoffs complex DSAR383 DPO issues.
This #676 guide covers intents bot_conn_data_*, flow CONNDATAbot, and KPI conn_data_bot. Pair bot from the CONNDATA playbook (#675). AI use case: reassure about app device usage IoT data.
Summary
Why automate connected product privacy with a bot?
"What data does my watch collect?", "how do I disable analytics tracking?" and "delete my app usage history" come up as soon as a connected device is activated. A calibrated bot cites CONNDATA-MAP data_categories_collected retention_period_copy opt_out_settings_path privacy_policy_url without invented categories or agent legal advice.
What the tier 1 bot resolves for connected data
What collected: data_categories_collected map
Why purpose: legal_basis_copy map
Retention: retention_period_copy map
Third party: third_party_processors map
Opt-out guide: opt_out_settings_path map
The CNIL points out that connected objects must provide clear information about collected data and individuals' rights (CNIL, connected objects). Without a grounded CONNDATA-MAP bot, tier 1 privacy overburdens agents or invents answers.
CONNDATAbot vs CONNDATA #675, DSAR #383/#384, privacy #154 and COMPAPP #673
Six pieces of content, six distinct data and support scopes.
Quick Matrix
#676 CONNDATAbot: bot tier 1 what retention opt-out delete usage handoff
#675 CONNDATA: DPO agents escalate DSAR383 CD-7
DSAR #383: deletion export global shop multi-tool
DSAR bot #384: triage GDPR shop GDPR-BOT distinct usage device
Privacy #154: general chatbot support data usage
COMPAPP #673: pairing sync technical distinct privacy data
Pipeline: #676 bot what retention opt-out tier 1 → #675 DPO agents DSAR383 health sensitive escalate.
Which bot_conn_data_* intents should be configured?
Eight connected product data bot intents mapped to conn_data_* typologies #675.
Eight bot_conn_data intents
bot_conn_data_what: data_categories_collected map
bot_conn_data_why: legal_basis_copy map
bot_conn_data_retention: retention_period_copy map
bot_conn_data_third_party: third_party_processors map
bot_conn_data_opt_out: opt_out_settings_path map
bot_conn_data_delete_usage: data_deletion_steps map
bot_conn_data_export: export usage or handoff #675
bot_conn_data_handoff: DSAR383 health DPO → #675 or #384
Tier 1 auto: what, why, retention, third_party, opt_out, delete_usage if CONNDATA-MAP + device SKU lookup.
bot_conn_data_handoff global store deletion → DSAR383-REROUTE-BOT #384 GDPR-BOT. conn_data_health health_data_flag Y → #675 agents SENSITIVE #597.
How to consume CONNDATA-MAP #675?
The bot reads CONNDATA-MAP #675: conndata_program_id, parent_product_skus, app_name, data_categories_collected, legal_basis_copy, retention_period_copy, third_party_processors, opt_out_settings_path, data_deletion_steps, health_data_flag, privacy_policy_url, dsar_handoff_policy, customer_communication_copy.
Lookup grounded
DEVICE-SKU-CITE-BOT: order email API SKU before privacy respond
WHAT-CITE-BOT: data_categories_collected cite map only
RETENTION-CITE-BOT: retention_period_copy cite map only
OPTOUT-CITE-BOT: opt_out_settings_path data_deletion_steps cite map
NO-DATA-INVENT-BOT: no data categories outside map whitelist
NO-LEGAL-ADVICE-BOT: cite map privacy_policy_url no legal interpretation
DSAR383-REROUTE-BOT: global deletion export → #384 GDPR-BOT triage
COMPAPP673-REROUTE-BOT: technical sync pairing → #674 COMPAPPbot distinct privacy
CONNDATA675-HANDOFF-BOT: health DPO litigation → #675 agents CD-6 CD-7
Alignment anti-hallucination (#123): categories retention opt-out = CONNDATA-MAP whitelist only.
CONNDATABOT-SUP policy in six rules
Six rules bot privacy secure connected product.
CONNDATA-MAP-GROUNDED-BOT: categories retention opt-out from map only
DEVICE-SKU-CITE-BOT: order email API SKU before respond
RETENTION-CITE-BOT: retention_period_copy cite map only
OPTOUT-CITE-BOT: opt_out_settings_path data_deletion_steps cite map
NO-LEGAL-ADVICE-BOT: cite privacy_policy_url not agent legal interpretation
EXCEPTION-HANDOFF-BOT: DSAR383 health DPO → #384 #675 handoff
Flow CONNDATAbot CDB-1 to CDB-8
Flow eight steps connect product data bot.
CDB-1 Classify : bot_conn_data_* intent detect device app question
CDB-2 Collect : order_ref device SKU app version question
CDB-3 CONNDATA-MAP : categories retention opt-out deletion third party
CDB-4 Device lookup : email order API parent_product_skus map
CDB-5 Guardrail : WHAT RETENTION OPTOUT NO-DATA-INVENT NO-LEGAL-ADVICE
CDB-6 Respond : TPL-CONNDATAbot grounded map privacy_policy_url
CDB-7 Handoff : DSAR383 health DPO → #384 #675 payload
CDB-8 Log : intent conndata_program_id tag conn_data_bot resolved Y/N
Example TPL-CONNDATAbot-WHAT
« Device [parent_product_skus map] app [app_name map]: data [data_categories_collected map]. Purposes: [legal_basis_copy map]. Retention: [retention_period_copy map]. [customer_communication_copy map]. Details: [privacy_policy_url map]. WHAT-CITE-BOT map only. NO-DATA-INVENT-BOT. »
TPL-CONNDATAbot and touchpoints templates
Four essential templates.
TPL-CONNDATAbot-WHAT
Program [conndata_program_id] device [parent_product_skus API] app [app_name map]: data [data_categories_collected map]. Purposes [legal_basis_copy map]. Subprocessors [third_party_processors map]. [privacy_policy_url map]. WHAT-CITE-BOT.
TPL-CONNDATAbot-RETENTION
Usage retention [app_name map]: [retention_period_copy map]. RETENTION-CITE-BOT map only.
TPL-CONNDATAbot-OPTOUT
Disable analytics: [opt_out_settings_path map]. Delete usage: [data_deletion_steps map]. OPTOUT-CITE-BOT. App remains functional according to map.
TPL-CONNDATAbot-DSAR-HANDOFF
Global erasure or export of all shop data: GDPR request [dsar_handoff_policy map] → #384 GDPR-BOT. Device-only usage deletion: TPL-CONNDATAbot-OPTOUT.
Touchpoints
Widget app settings privacy CTA: bot_conn_data_what proactive
Email onboarding device: bot_conn_data_retention entry
Chat keyword delete my scale data: bot_conn_data_delete_usage trigger
privacy_policy_url landing: bot_conn_data_opt_out assist
Edge cases and reroutes
Five cases outside tier 1 bot privacy connected standard.
Global store erasure: DSAR383-REROUTE-BOT #384 GDPR-BOT distinct device usage
Wearable health data: #597 SENSITIVE health_data_flag → #675 agents
Technical pairing sync: COMPAPP673-REROUTE-BOT #674 distinct sensors cloud
CNIL lawyer legal dispute: CONNDATA675-HANDOFF-BOT DPO NO-LEGAL-ADVICE-BOT
General privacy chatbot: #154 distinct IoT device data
Bot never confirms global GDPR erasure without #384 GDPR-BOT: NO-AUTO-DELETE-BOT.
Essential conn_data_bot KPIs
Five CONNDATAbot monitoring metrics.
conn_data_bot_what_deflect: what collected resolved without agent
conn_data_bot_optout_guide_rate: guided opt-out / bot_conn_data_opt_out
conn_data_bot_retention_cite_rate: RETENTION-CITE-BOT / bot_conn_data_retention
conn_data_bot_dsar_reroute_rate: reroute #384 / bot_conn_data_delete global export
conn_data_bot_data_invent_violations: categories out of target audit map 0
Target: conn_data_bot_data_invent_violations 0 and conn_data_bot_what_deflect greater than 60%.
CONNDATAbot anti-patterns
Five common mistakes bot privacy connected product.
Invented data categories: WHAT-CITE-BOT data_categories_collected map
Bot legal advice: NO-LEGAL-ADVICE-BOT privacy_policy_url cite map
Confusing DSAR #383/#384: delete usage device vs global shop erasure
Confusing COMPAPP #673/#674: pairing sync distinct privacy sensors
Opt-out without path map: OPTOUT-CITE-BOT opt_out_settings_path map only
CONNDATAbot with Qstomy
Qstomy on Shopify: detect bot_conn_data intent, CONNDATA-MAP RAG grounded, order email device SKU lookup, WHAT RETENTION OPTOUT cite, handoff #675 DPO DSAR383 #384 payload.
Pipeline: #676 bot what retention opt-out tier 1 → #675 agents DPO health sensitive escalate.
Explore AI Support and request a demo.
Checklist, FAQ and going further
CONNDATAbot Checklist (8 steps)
Sync CONNDATA-MAP #675: RAG bot widget app privacy CTA
Policy CONNDATABOT-SUP: 6 rules WHAT RETENTION OPTOUT NO-LEGAL-ADVICE
8 intents bot_conn_data_*: flow CDB-1 to CDB-8
4 templates TPL-CONNDATAbot-*: WHAT RETENTION OPTOUT DSAR-HANDOFF
Order email API device SKU sync: Shopify metafield bot agents
privacy_policy_url index: RAG categories grounded audit
Red team 10 prompts: invented categories elements legal advice DSAR confused pairing
Dashboard KPI: conn_data_bot_* section 9
FAQ
Difference #675?
#675 = DPO agents escalate DSAR383 health sensitive CD-6 CD-7. #676 = bot tier 1 what retention opt-out delete usage handoff.
Difference DSAR #384?
#384 = GDPR triage global shop GDPR-BOT. #676 = device usage data connected app CONNDATA-MAP.
Delete bot usage data?
TPL-CONNDATAbot-OPTOUT data_deletion_steps map. Global shop → TPL-CONNDATAbot-DSAR-HANDOFF #384.
Bot legal advice?
No. NO-LEGAL-ADVICE-BOT quotes privacy_policy_url map. Dispute → CONNDATA675-HANDOFF-BOT.
Going further
This week: index CONNDATA-MAP RAG, embed widget app privacy CTA, red team invented categories bot.

Enzo
July 1, 2026





