Privacy Policy
Last updated: November 18, 2025
The privacy of your data—and it is your data, not ours!—is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights with respect to your data. We promise we never sell your data: never have, never will.
Scope of this Policy
This policy applies to the information we collect about you (our customers, site visitors, and plugin users) when you use our websites (e.g., woosalesally.com) and our SalesAlly Plugin.
Important Note Regarding Buyer Data: This policy does NOT cover information about your end users (your buyers/customers) that SalesAlly processes on your behalf (e.g., buyer chat logs, order details). SalesAlly processes such “Buyer Data” strictly under your instructions as a Data Processor. Our obligations regarding Buyer Data are defined in our http://woosalesally.com/data-processing-agreement/, not this policy.
What We Collect and Why
Our guiding principle is to collect only what we need. Here’s what that means in practice:
1. Identity and Access
When you sign up for a SalesAlly account, we ask for identifying information such as your name and email address. That’s so you can personalize your new account, and we can send you product updates and essential information.
2. Billing Information
If you sign up for a paid SalesAlly plan, you will be asked to provide your payment information and billing address. Credit card information is submitted directly to our payment processor (e.g., Stripe) and doesn’t hit SalesAlly servers. We store a record of the transaction for invoicing and support.
3. Plugin & Service Interactions
When you connect the SalesAlly Plugin to our Services, we collect and store:
- Your Website URL: Used to verify your license, provide support, and fetch public page content to train the AI about your store.
- Your Email Address: Used for support communication (including support related to buyer inquiries).
- WooCommerce REST API Keys: Encrypted and stored to allow our AI service to sync your store data. We specifically fetch: Products, Orders, Coupons, Shipping Zones & Methods, and Payment Gateways.
- Brand Documents: Any documents you voluntarily upload to the AI Knowledge Base (e.g., brand story, return policy) to help the AI introduce your brand to buyers.
- Plugin Settings: Your chatbot customization settings (color, welcome message, etc.).
- Usage Data: We log API usage (e.g., number of AI sessions) to bill you correctly and prevent abuse.
4. Website Interactions
We collect information about your browsing activity on woosalesally.com for analytics, such as your browser version, IP address, and pages visited. This helps us improve our website design.
When We Access or Disclose Your Information
We do not sell your data. We only access or disclose your information in the following limited circumstances:
- To Provide Services: We use trusted third-party sub-processors to run our application, specifically Tencent Cloud (infrastructure), Google Gemini, and Doubao (AI models). You can view our list of sub-processors here http://woosalesally.com/sub-processors-list/.
- To Help You Troubleshoot: If you reach out for support, we may need to access your account to see what’s going on. We will always ask for your permission first.
- To Comply with the Law: As a UK company, we only preserve or share customer data if compelled by a legally binding order under UK law, or in limited emergency circumstances.
Your Rights (GDPR & CCPA)
Regardless of where you live, we grant you the same high standard of privacy rights:
- Right to Access: You can request a copy of your personal data.
- Right to Correction: You can update your personal information in your account settings.
- Right to Erasure: You can ask us to delete your personal data. (Note: This may require closing your account).
- Right to Portability: You can request your data in a structured, machine-readable format.
To exercise any of these rights, please contact us at info@woosalesally.com.
How We Secure Your Data
- Encryption: All data transmitted between your browser/plugin and our servers is encrypted via SSL/TLS.
- Encryption at Rest: Sensitive data (like your API Keys) is encrypted in our database.
- Access Control: Access to our production servers and customer data is strictly limited to specific software development engineers within our team who require access to perform their duties, and requires Multi-Factor Authentication (MFA).
Data Retention
We keep your information for the time necessary to provide the Services to you.
- Account Data: Kept as long as your account is active.
- Deleted Accounts: If you cancel your account, your data (including synchronized store data) will be purged from our active systems within 30 days and from backups within 60 days.
Location of Site and Data
Our servers and data infrastructure are primarily located in the United States. By using our Services, you acknowledge that your data will be transferred to and stored in this location.
International Transfers
When transferring data from the EU/UK to other countries, we rely on Standard Contractual Clauses (SCCs) or equivalent legal mechanisms to ensure your data remains protected.
Changes and Questions
We may update this policy as needed to comply with relevant regulations. We will notify you of any significant changes.
Have any questions? Please contact us by sending emails to **info@woosalesally.com or mail to LondonIP28 7DE82a James Carter Road, Mildenhall, Bury St. Edmunds, England.