Learn how Wysor collects, uses, and protects your personal information.
Last updated: December 23, 2024
Wysor, operated by AAA LLC, is committed to protecting your privacy while providing innovative AI agent technology. This policy explains how we collect, use, and protect your personal information when you use our AI agents platform.
At Wysor, we believe in complete transparency about our data practices, giving you full control over your data and agent configurations, and providing enterprise-grade security protection for all information. We only collect information that's necessary for our services, use your data solely for the purposes we specify, and we never sell your personal information to third parties.
Our platform is designed as an AI agents ecosystem where users create, deploy, and interact with intelligent AI agents. These agents can process various types of data to provide business automation, customer service, data analysis, and other AI-powered services that help businesses and individuals achieve their goals more efficiently.
When you use Wysor, we collect several types of information to provide and improve our services. For your account and profile, we gather basic registration information including your name and email address, along with business information if you're setting up a business account. We also collect your contact details and communication preferences, subscription and billing information, and details about your user role and permissions within your organization. Professional information helps us better serve your needs, so we may collect your job title and department, company size and industry, your specific use cases and business needs, and your level of technical expertise.
Our platform tracks how you interact with AI agents and use our services. This includes your chat conversations with AI agents, the configuration and customization settings you choose for your agents, performance metrics and analytics about your agents, your usage patterns and how frequently you interact with different features, and your preferences for various platform capabilities. When you use our APIs and integrations, we log API calls and usage statistics, track integration configurations and connections, monitor webhook events and responses, track rate limiting and quota usage, and maintain error logs and debugging information to help resolve issues.
The data that flows through your AI agents is also important for providing our services. This includes any data you provide to your AI agents for processing, customer inquiries and support tickets that your agents handle, documents and files that your agents analyze, data from business systems you've connected, and results from workflow automation. We also collect analytics and performance data such as agent response times and accuracy metrics, user satisfaction scores and feedback, conversion rates and business outcomes, system performance and reliability data, and usage trends that help us provide optimization recommendations.
From a technical perspective, we collect information about your device and browser, IP addresses and connection information, session duration and activity logs, security event logs and access attempts, and platform performance and error data. For security monitoring, we track authentication events and access patterns, detect suspicious activity, monitor API security events, maintain logs of data access and modifications, and collect compliance monitoring data to ensure we meet regulatory requirements.
We use the information we collect to provide our core platform services effectively. For agent creation and management, we enable you to build and customize AI agents according to your specifications, store your agent configurations and personality settings, process data through your agents as you've configured them, provide analytics and insights about agent performance, and facilitate the deployment and hosting of your agents on our secure infrastructure.
Communication and interaction capabilities rely on this data to enable chat conversations with AI agents, process and respond to user queries accurately, maintain conversation history and context for better interactions, provide personalized agent responses based on your preferences, and support multi-user conversations and collaboration within your organization.
Our business operations depend on your information for subscription management, including processing payments and billing, managing subscription tiers and features, calculating usage-based charges, providing invoicing and financial records, and handling subscription changes and cancellations. Customer support services use your information to respond to support inquiries, troubleshoot technical issues, provide platform guidance and training, process feature requests and feedback, and deliver comprehensive account assistance.
We continuously work to improve our platform by analyzing usage patterns to enhance features, optimizing AI agent performance and accuracy, developing new capabilities and integrations, enhancing user experience and interface design, and improving platform reliability and scalability. Our research and development efforts use aggregated, anonymized data to advance AI agent technology, test new features and capabilities, improve natural language processing, enhance integration capabilities, and develop industry-specific solutions that better serve our users.
Understanding how AI agents process data is crucial to your privacy. When you interact with an agent, you first configure what data your agents can access, then users interact with agents through chat or our API. The agents process data according to your specific settings, generate and deliver responses, and store conversation data according to the retention settings you've established.
Our AI agents have sophisticated processing capabilities including natural language understanding and response generation, document analysis and summarization, data extraction and categorization, sentiment analysis and intent recognition, and integration with business systems and workflows. You maintain complete control over this process by defining what data types your agents can access, setting data retention periods for conversations, configuring privacy settings and access controls, determining integration permissions and scope, and specifying data processing rules and limitations.
Each agent can have specific settings including custom personality and response styles, domain-specific knowledge and capabilities, language and communication preferences, specialized function configurations, and integration-specific data handling rules. When processing business data such as customer service inquiries and support tickets, sales leads and prospect information, marketing content and campaigns, financial data and transactions, and operational documents and reports, we maintain strict safeguards including role-based access controls, data encryption in transit and at rest, audit trails for all data access, compliance with data protection regulations, and regular security assessments and monitoring.
We implement comprehensive security measures to protect your information. Our technical safeguards include end-to-end encryption for sensitive data, secure cloud infrastructure with redundancy, multi-factor authentication for account access, regular security audits and penetration testing, and real-time threat monitoring and response capabilities. Access controls ensure that only authorized individuals can access your data through role-based permissions for team members, API key management and rotation, session management and timeout controls, admin controls for enterprise accounts, and granular data access permissions.
Our storage infrastructure utilizes primary data centers in the United States with encrypted databases and file storage, regular automated backups, disaster recovery procedures, and geographic distribution for reliability. We maintain clear retention policies where account data is retained while your account is active, conversation data is retained according to your specific settings, analytics data is aggregated and anonymized over time, backup data is retained for disaster recovery purposes, and deleted data is permanently removed within 30 days.
Your data is primarily stored in secure facilities in the United States, with options for data residency selection available for Enterprise plans. We ensure compliance with regional data protection requirements and implement appropriate safeguards for any international transfers that may be necessary.
To provide our comprehensive services, we work with various third-party service providers. Our core infrastructure relies on cloud hosting providers like AWS and Google Cloud, payment processing through Stripe, authentication services, email and communication services, and analytics and monitoring tools. For AI and machine learning capabilities, we work with large language model providers, natural language processing services, and machine learning infrastructure providers.
Our platform supports numerous business integrations including customer relationship management systems, email marketing platforms, business communication tools, document management systems, and analytics and reporting platforms. When you enable these integrations, data is shared only as you configure it, with secure authentication and authorization, granular permission controls, audit logs for integration activity, and the ability for you to revoke access at any time.
We require all our vendors to meet strict contractual privacy and security obligations, undergo regular compliance audits and assessments, maintain data protection certifications and standards, implement incident response and notification procedures, and enter into data processing agreements that meet regulatory requirements.
You have comprehensive rights regarding your data and how it's used. You can access all personal data we have about you, export your data in common formats, receive copies of agent configurations, download conversation histories, and obtain analytics and usage reports. Our self-service data export tools provide multiple format options including JSON, CSV, and PDF, with bulk export capabilities for organizations, API access to your data, and migration assistance for large datasets.
For data management, you can update personal information through account settings, correct inaccurate data or information, delete specific conversations or interactions, remove agent configurations and customizations, and request complete account and data deletion. Our deletion process provides immediate removal from active systems, a 30-day recovery period for accidental deletions, permanent deletion from backups and archives, retention of only legally required records, and confirmation when the process is complete.
You have granular privacy controls that let you control what data your agents can access and process, set retention periods for different data types, configure sharing permissions for team members, manage integration access and permissions, and customize privacy settings for different use cases. Communication preferences allow you to choose types of notifications to receive, set frequency for marketing communications, opt out of non-essential emails, customize alert and update preferences, and manage SMS and phone communication settings.
For organizational data management, we provide enterprise controls including administrator oversight of team member access, centralized data governance and policies, bulk user management and permissions, organization-wide security settings, and compliance reporting and audit capabilities. Data governance includes clear data ownership and responsibility, defined data lifecycle management, regular access reviews and updates, incident response procedures, and data classification and handling standards.
We maintain compliance with industry standards including SOC 2 Type II compliance, GDPR compliance for EU data subjects, CCPA compliance for California residents, HIPAA compliance options for healthcare data, and industry-specific regulatory compliance. Business compliance features include data processing agreements, business associate agreements for healthcare, custom compliance reporting, audit trail and logging capabilities, and regular compliance assessments.
When international data transfers are necessary, we use appropriate legal safeguards including Standard Contractual Clauses for EU transfers, adequacy decisions where applicable, Binding Corporate Rules for multinational organizations, and specific authorization for sensitive data transfers. We implement additional transfer safeguards including enhanced encryption for international transfers, access controls and monitoring, regular compliance audits, data mapping and flow documentation, and impact assessments for high-risk transfers.
For European Union data subjects, we ensure GDPR compliance, provide Data Protection Officer contact information, respect your right to lodge complaints with supervisory authorities, implement specific protections for international transfers, and offer local data residency options. We also maintain compliance with local data protection laws in other jurisdictions, implement appropriate safeguards for data transfers, provide local support for data subject requests, and coordinate with local regulatory authorities as needed.
Our legal basis for processing your information includes contractual necessity for processing required to provide Wysor services, account management and billing, customer support and service delivery, and security and fraud prevention. We also rely on legitimate interests for platform improvement and optimization, business analytics and insights, marketing and communication with opt-out options, and security monitoring and threat detection. Where required, we obtain your consent for marketing communications, optional features and integrations, research participation, and data sharing beyond service provision.
You have comprehensive data subject rights including the right to be informed about data processing, access to personal data, rectification of inaccurate data, erasure or "right to be forgotten," restriction of processing, data portability, objection to processing, and rights related to automated decision-making. You can exercise these rights by contacting us through multiple channels, though identity verification is required for security. We respond within legally required timeframes, provide clear explanations of actions taken, and respect your right to appeal or file complaints.
For general privacy questions, you can reach us through our contact form at wysor.com/contact, email us at [email protected], or use our support portal if you're a logged-in user. For data subject requests, we provide a dedicated privacy request portal with a secure submission process, identity verification requirements, and status tracking and updates.
Our Data Protection Officer is available at [email protected] and responds within 5 business days for initial responses. They're available for privacy consultations and guidance on data protection matters.
If you're in the EU and have concerns about our data practices, you may contact your local data protection authority or our lead supervisory authority. Contact information for relevant data protection authorities in other jurisdictions is available upon request.
We may update this policy to reflect legal changes or platform improvements. Material changes will be communicated via email and platform notifications, with 30 days advance notice. We'll provide clear explanations of changes and their impact, with options to object or terminate service if you disagree, and assistance with data export if needed. Continued use of our services constitutes acceptance of updated terms, and previous versions are available upon request.
Company Information: Wysor AAA LLC 8 The Green STE A Dover, DE, 19901
Effective Date: January 1, 2025 Last Updated: January 1, 2025
Wysor is a trademark of AAA LLC. All rights reserved.