persona-brand-logo

Pier39.ai Data Overview

Introduction

Pier39.ai helps e-commerce merchants unlock incremental revenue and boost retention by displaying high-performing, personalized offers to shoppers after checkout. Our machine learning engine leverages purchase data, behavioral signals, and partner-provided attributes to make each offer more relevant—without ever compromising user privacy.

You retain full control over the data you choose to share with Pier39.ai. Our technology respects your customers’ privacy, complies with relevant laws, and ensures that data is used only to optimize the offer experience on your behalf.

How Data Flows Through Pier39.ai

Data Ingestion

  • We ingest structured and semi-structured data via secure APIs and webhooks from your e-commerce platform (Shopify, WooCommerce, or custom APIs).
  • Real-time purchase events (order value, product SKUs, session metadata) are streamed via Pub/Sub → Dataflow → BigQuery for immediate personalization.
  • Batch syncs (loyalty tiers, customer segments) are handled via Cloud Storage ingestion pipelines orchestrated with Airflow.

Data Processing & Transformation

  • PII (emails, phone numbers) is hashed (SHA-256) or tokenized before entering Pier39's systems.
  • The data pipeline applies schema validation, normalization, and enrichment via Cloud Functions + BigQuery ML pipelines.
  • Behavioral logs are aggregated into event-level features — e.g., last purchase date, discount sensitivity, and click sequence embeddings.

Model Training & Inference

Processed data feeds predictive ML models that calculate:

  • Propensity-to-click and propensity-to-purchase scores
  • Offer relevance based on shopper profile and product affinity
  • Optimal reward type (discount, cashback, store credits)
  • Model inference occurs on GCP, with responses served via low-latency APIs (<200ms).
  • All ML training data is anonymized and scoped to each merchant — models learn patterns, not identities.

Data Storage & Security Controls

  • Data is stored in BigQuery and Cloud Storage (us-central-1) with AES-256 encryption at rest and TLS 1.3 in transit.
  • Role-Based Access Control (RBAC) with IAM ensures strict internal permissions.
  • Cloud Audit Logs monitor all data access and modifications, with alerts for anomalies.

Data Scaling

Pier39.ai's architecture is designed for both horizontal and vertical scalability to support enterprise-grade e-commerce throughput. Event ingestion uses Pub/Sub streams that auto-scale under variable load, while Dataflow pipelines handle parallel ETL jobs across multiple shards. We use BigQuery's partitioned and clustered tables to optimize storage and query latency, keeping average query times under 1 second even with billions of records.

Model training workloads run on GCP with auto-scaling GPU/TPU clusters, allowing dynamic expansion during training peaks and automatic downscaling during idle periods. This elasticity ensures consistent performance, cost efficiency, and reliability as our merchant base grows globally.

Use Cases for Your Data

Pier39.ai allows you to safely use your first-party data to:

Personalize the Experience

  • Tailor post-checkout offers using the shopper’s name, loyalty status, or location
  • Adapt messages based on historical behavior
  • Hide irrelevant or previously-declined offers to improve UX

Maximize Relevance & Conversion

  • Predict which offers are most likely to convert for each shopper
  • Suppress offers that are regionally restricted or previously declined
  • Build anonymized interest segments based on behavior (e.g., discount buyers, pet owners)

Fulfill Offer Expectations

  • Send rewards emails when an offer is completed (typically with a promo code or instructions)
  • Optionally trigger reminder emails 24–48 hours later to boost redemption
  • Ensure shoppers can access and claim their rewards easily

Classes of Data

Pier39.ai processes four categories of data to power relevant offer experiences while ensuring that personally identifiable information (PII) is never shared with advertisers.

CategoryDescription
Partner Data (Your Data)Includes identifiers (e.g., email address, name), purchase data (e.g., cart value, product IDs), and shopper attributes (e.g., loyalty status). This is collected during or after checkout and is used only to personalize experiences on your behalf. You retain full ownership of this data.
Derived Data (Pier39.ai Data)Engagement behavior (e.g., clicked offer ID, timestamp, session activity) is logged to help us optimize future experiences. This data may be used to build anonymized interest segments or inform our ML models. It is pseudonymized and never shared externally.
Advertiser DataAudience definitions, creative IDs, and conversion events tied to a specific campaign. Advertisers own this data and it is used only to serve or measure their offers.
Licensed DataSelect third-party data (e.g., pet owners, deal-seekers) may be licensed outside the EU/UK to improve segmentation and relevance. This data is pseudonymous and used only for campaign targeting.

Data Isolation & Governance

  • Your data is kept separate and never commingled with other partner or advertiser datasets.
  • Pier39.ai acts solely as a neutral intermediary between e-commerce merchants and advertisers.
  • No partner’s user data is ever sold or shared with an advertiser.
  • All audience segments are pseudonymized and comply with applicable privacy laws.
  • Data Governance & Controls: Pier39.ai maintains an enterprise-grade data governance framework that ensures full traceability and accountability across all datasets.
  • Data Processing Agreements (DPAs): We execute DPAs with all partners and subprocessors.
  • Audit Logging: All data access, modification, and deletion events are logged and reviewed regularly.
  • Data Retention Policy: Personal data is retained only for the minimum time necessary to fulfill contractual obligations, typically 90 days unless otherwise required by law.
  • Right to Audit: Enterprise clients may request a security and privacy audit or review of Pier39.ai’s controls under NDA.

Data Storage & Security

Pier39.ai uses Google Cloud Platform (GCP) for secure hosting, with cloud infrastructure currently located exclusively in the United States(us-central-1).

Key Security Measures:

  • AES-256 encryption at rest
  • TLS 1.2+ encryption for all data in transit
  • Pseudonymization of email addresses and phone numbers (e.g., hashing)
  • Role-based access control with audit trails
  • Regular penetration testing and third-party security audits
  • Detailed logs and audit trails for all data access and modifications
  • Regular data backups to ensure quick recovery in case of failures
  • Load balancing solutions to distribute workloads evenly across servers, enhancing system availability and performance.
  • Real-time monitoring solutions to detect anomalies
  • Google Cloud CDN with HTTPS to secure data in transit between end-users and applications
  • Fine-grained access controls to limit who can access data based on roles and permissions.

Enterprise Security Certifications & Practices

  • SOC 2 Type II certification in progress
  • ISO 27001 alignment: Policies and procedures adhere to ISO 27001 standards.
  • Data Residency Options: U.S.-based data storage by default; EU data residency options available upon request.
  • Zero Trust Architecture: All internal services use authenticated and encrypted communications with least-privilege access.
  • Disaster Recovery & Business Continuity: Data is replicated across multiple availability zones with a defined RPO < 1 hour and RTO < 4 hours.
  • Annual Penetration Testing: Conducted by an independent third party; summary report available to enterprise customers under NDA.
  • Vendor Security Reviews: All subprocessors undergo security due diligence prior to onboarding.

Compliance

Pier39.ai adheres to GDPR, CCPA, and other applicable privacy laws. Our legal basis for processing includes:

  • Consent, where applicable (e.g., for cookie-based tracking)
  • Legitimate interests, such as personalizing offers, fulfilling engagements, or measuring performance

Regulatory Readiness

  • GDPR, CCPA, and CPRA compliant, with EU Standard Contractual Clauses (SCCs) in place for international data transfers.
  • HIPAA & PCI Awareness: While Pier39.ai does not process PHI or payment data directly, our systems are designed to coexist securely with PCI-DSS compliant environments.
  • Privacy Impact Assessments (PIAs): Conducted for major feature updates or new data flows.
  • Data Subject Rights Automation: We provide mechanisms for data access, rectification, and deletion requests via API or email.

Content & Offer Standards

We hold all advertiser campaigns to rigorous content and user experience guidelines:

  • No campaign goes live without review and approval
  • Offers must be legally compliant, clearly worded, and fulfillable
  • We prohibit misleading claims, adult content, or aggressive tactics
  • Pier39.ai monitors offer quality and suspends underperforming or non-compliant campaigns

Customer Confirmation Emails

If a customer accepts a third-party offer that includes a time-sensitive reward or coupon:

  • A reward email is sent within 24–48 hours
  • A reminder email may optionally be sent to boost redemption
  • No email is sent when a shopper ignores or skips an offer

Enterprise Agreements & SLAs

  • Custom Terms: Enterprise clients may execute a Master Services Agreement (MSA) or Data Processing Agreement (DPA) to supplement these Terms.
  • Service Levels: Pier39.ai guarantees ≥ 99.9% uptime measured monthly, excluding planned maintenance.
  • Support Commitments: Dedicated technical support and integration assistance are available under enterprise contracts.
  • Indemnification & Liability: Mutual indemnification and limitation of liability are available for enterprise engagements.
  • Change Management: Material changes to the platform or data handling practices are communicated 30 days in advance.

Financial / Liability Safeguards

  • Credit / Reward Liability Structure: The funding model ensures brands are never exposed to consumer credit obligations.
  • Continuity in Extreme Scenarios: In the event of insolvency or ownership change, data custody and ongoing support obligations are maintained through escrow agreements and transition protocols.

Summary

With Pier39.ai, you can:

  • Generate incremental revenue after every transaction
  • Use your data safely and effectively to personalize experiences
  • Rely on strong encryption, compliance, and transparency standards
  • Deliver high-quality offers that respect your shoppers’ time and trust

Our goal is to create win-win experiences for your brand, your customers, and the advertisers funding the rewards.

persona-brand-logo
E-commerce PartnerAdvertisersBlogCase Studies
FAQsPrivacy Policy
persona-brand-logo
persona-brand-logo© 2024 Pier39, Inc