Overview
YoRo AI provides a hosted API service that can be connected to WordPress and WooCommerce through the YoRo AI Core plugin. This policy explains the data the service may receive when a site administrator configures and uses that connection.
Data We May Receive
Depending on the workflow used by an authorized WordPress user, YoRo AI API may receive:
- Site URL, plugin version, language settings, timezone, and connection status.
- WooCommerce settings and store context needed to understand a request.
- Order, product, coupon, inventory, fulfillment, and customer data relevant to the requested task.
- Customer names, email addresses, order details, message snippets, and email body text when needed for customer service or email drafting workflows.
- Mailbox connection details provided by an administrator when connecting an inbox, plus mailbox thread data used by inbox workflows.
- Chat instructions, structured action plans, approved action metadata, execution results, diagnostics, and conversation history.
How We Use Data
We use received data to provide YoRo AI workflows, understand user requests, create guarded action plans, draft responses, sync connected mailbox workflows, maintain conversation continuity, diagnose service issues, and improve service reliability and safety.
Administrator Consent
The YoRo AI Core plugin does not contact YoRo AI API until an administrator configures a service URL and site key or starts the account connection flow. Site owners are responsible for ensuring they have permission to process and send the store, customer, and mailbox data they choose to connect.
Service Providers
YoRo AI may use infrastructure, hosting, logging, security, email, and AI model providers to operate the service. These providers process data only as needed to provide and protect YoRo AI.
Retention
YoRo AI may retain account, connection, conversation, diagnostic, and execution records for service operation, security, support, and continuity. WordPress site owners should also review the local data retained by the YoRo AI Core plugin in their own WordPress database.
Security
YoRo AI is intended to be used over HTTPS in production. Site administrators should protect site keys, mailbox credentials, and WordPress administrator accounts, and should revoke or rotate credentials if they believe access has been exposed.
Your Choices
You can stop sending new data to YoRo AI by disabling the plugin connection, disconnecting mailboxes, clearing saved service credentials, or deactivating the WordPress plugin. For privacy or account requests, contact support.
Contact
Privacy questions can be sent to support@yorohq.com.