Last updated: December 2025. AI Search is committed to protecting your privacy. This policy explains how our WordPress plugin handles data between your website and our external AI service.
What Data We Collect
Content Data (for embeddings)
- Post titles and content
- Custom field values (only fields you select)
- WooCommerce product data (descriptions, categories, attributes)
This content is sent to our AI service to generate vector embeddings for semantic search.
Where Data Is Processed
AI Search Service
- Hosted on Railway (US-based infrastructure)
- Content is processed to generate embeddings only
- We do not store your content after processing
- Embeddings are returned to your site and stored locally
Your WordPress Database
- Embeddings stored as post meta
- Analytics stored in a custom table
- All data remains on your server
What We Don’t Collect
- Personal user information (names, emails)
- Payment or billing data
- User accounts or passwords
- Browsing history beyond search queries
- Data from non-search pages
Data Retention
- Embeddings: Stored indefinitely until you clear cache or delete posts
- Analytics: Stored until you manually clear them
- Transient cache: Auto-expires after 30 days
Your Rights
Site Administrators can:
- Clear all cached embeddings via Settings → AI Search → Cache
- Use their own OpenAI API key instead of our service. In this case, we don’t handle any data.
Site Visitors:
- Search queries are logged anonymously
- No personal identification is possible from stored data
Third-Party Services
AI Search Service (default)
- Endpoint:
https://ai-search-service-production.up.railway.app/ - Purpose: Generate text embeddings
- Data sent: Text content only
- No data retention after processing
OpenAI
- Used only if you provide your own API key
- Subject to OpenAI’s Privacy Policy
GDPR Compliance
AI Search is designed with privacy in mind:
- Data can be deleted at any time
- No personal data collection from visitors
- IP addresses are hashed before storage
- Site owners control all data