Privacy Policy (Plugin)

  • Home
  • Privacy Policy (Plugin)

Last Updated: 17/12/2025

1. Introduction

All DashAI WP (“we”, “our”, “the Plugin”) is designed to operate entirely inside your WordPress environment while giving you optional integrations with third-party services and AI-powered tools. We prioritize privacy, transparency, and security in every part of the plugin.

This Privacy Policy explains what information the plugin processes when it is installed, when optional Freemius opt-in or license activation occurs, and when AI features or OAuth integrations communicate with our secure cloud endpoints.

This Privacy Policy includes disclosures required by the Google API Services User Data Policy, including the Limited Use requirements.

2. Information We Collect

We only collect information necessary to operate the plugin or information that you explicitly authorize via integrations or opt-ins.

2.1 Information You Provide

OpenAI API Key (Optional)

  • Stored locally in your WordPress database (encrypted).
  • Never transmitted to our servers.

OAuth Tokens (Google, GitHub, Bitbucket, Jira)

  • Used for optional integrations.
  • Access tokens and refresh tokens are stored locally in your WordPress database (encrypted).
  • Refresh tokens are sent to our secure backend endpoint only when required to refresh access.
  • OAuth Client ID and Client Secret remain only on our server and are never shipped inside the plugin.

Configuration Data

Stored locally in your WordPress database, including:

  • Repository URLs
  • Jira project keys
  • Google Analytics property IDs
  • Other settings you manually enter

2.2 Automatically Collected Information

Plugin Usage Data (Freemius SDK)

If you accept the optional Freemius opt-in, Freemius may collect:

  • WordPress and PHP version
  • Plugin version and activation status
  • Website URL
  • Locale
  • Name and email address of the WordPress administrator performing the opt-in
  • Optional list of installed plugins and themes

This data is used exclusively for license management, product analytics, security notifications, and support.

If you skip the opt-in, the plugin continues to function normally and no environment information is shared with Freemius.

Local Error Logs

  • PHP warnings
  • Plugin-generated errors
  • Database errors

Logs are stored locally and limited to 100 entries.

2.3 Information Accessed Through Third-Party Integrations

We only access data that integrations explicitly provide via OAuth authorization.

Google Analytics

  • Read-only access to Google Analytics 4 reporting data.
  • Metrics are displayed inside the plugin interface and cached locally for performance.
  • No Google Analytics data is stored permanently on our servers.

GitHub / Bitbucket

  • Read-only access to repository commits and metadata.
  • No source code or repository data is stored.

Jira

  • Read-only access to issues and related metadata.
  • Issue content is used temporarily when you request AI-generated summaries.
  • No Jira data is stored permanently.

3. AI Features and Cloud Endpoints

Some features of All DashAI WP allow you to send selected text or data to our secure backend endpoint in order to generate AI-powered summaries or reports.

We only receive content that you explicitly choose to send, including:

  • Logs
  • Commits
  • Jira issues
  • Analytics summaries
  • System information

We do NOT collect:

  • Visitor-level analytics data
  • WordPress post or page content
  • Private website information
  • Credentials
  • Any data without explicit user action

AI Data Retention

  • Data is processed temporarily.
  • Data is not stored permanently.
  • Data is not used to train AI models.
  • Data is deleted automatically after processing.

When Analytics AI features are used, only aggregated and non-identifiable reporting metrics (such as total users, sessions, page views, and similar summary statistics) are sent. We do not send raw Google Analytics event-level data, visitor identifiers, or Google account credentials to AI providers.

4. How We Use Your Information

  • Provide plugin functionality
  • Refresh OAuth access tokens
  • Display analytics dashboards, commits, logs, and Jira issue summaries
  • Generate AI-based insights when explicitly triggered by the user
  • Process license activation and updates via Freemius
  • Improve product stability and support

We do not perform automated profiling, behavioral tracking, advertising, or marketing based on Google user data.

5. Data Storage and Security

Local WordPress Storage

  • API keys
  • OAuth tokens
  • Plugin configuration
  • Logs

All sensitive data is stored encrypted.

Freemius Storage

  • License activation details
  • Account and billing information
  • Optional usage analytics (if opted-in)

Freemius privacy policy: https://freemius.com/privacy/

Cloud Server (AI & OAuth Refresh)

  • No long-term personal data is stored.
  • OAuth credentials are kept in environment variables.
  • Refresh tokens are used only during renewal and not persisted.

6. Data Retention

  • All plugin data remains in your WordPress database until you uninstall or reset the plugin.
  • Freemius retains data according to its own privacy policy.
  • AI processing data is never retained beyond the request lifecycle.
  • Local logs are capped at 100 entries and automatically purged.

6.1 Google User Data Retention and Deletion

  • Google OAuth tokens and basic account information are stored only while the Google Analytics integration is active.
  • If you disconnect Google Analytics, access tokens, refresh tokens, and cached account data are deleted from your WordPress site.
  • Analytics reporting data is cached locally for a short period and expires automatically.
  • No Google Analytics reporting data is stored permanently on our servers.

You may revoke All DashAI WP’s access to your Google account at any time at:
https://myaccount.google.com/permissions

7. Your Rights (GDPR)

  • Right to access
  • Right to deletion
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Right to withdraw Freemius opt-in at any time

To exercise your rights, contact: support@alldashai.com

8. Cookies

  • The plugin itself does not use cookies.
  • Freemius may use cookies for licensing and checkout flows.
  • OAuth authentication flows may use temporary state cookies.

No tracking or marketing cookies are set by All DashAI WP.

9. Children’s Privacy

The plugin is not intended for individuals under 18 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of this page reflects the most recent version.

11. Contact Us

Email: support@alldashai.com
Website: https://alldashai.com

12. Google OAuth Data Disclosure

All DashAI WP uses Google OAuth only when you choose to connect optional integrations such as Google Analytics.

We comply with the Google API Services User Data Policy, including the Limited Use requirements.

12.1 Categories of Google User Data We Access

  • Basic Google account profile information (such as email address and display name) used solely to identify the connected account.
  • Google Analytics 4 reporting data (aggregated metrics and dimensions) for the properties you explicitly configure.

We do not access Gmail content, Google Drive files, Calendar data, Contacts, or any other Google user data outside the scopes required for Analytics reporting.

12.2 How Google User Data Is Used

  • Display analytics dashboards inside WordPress.
  • Maintain the Analytics connection via OAuth refresh tokens.
  • Generate insights and summaries only when requested.

12.3 Storage of OAuth Tokens

  • Stored locally in your WordPress database (encrypted).
  • Sent to our backend only during token refresh.
  • Never stored permanently on our servers.

12.4 Revoking Access

You may revoke the plugin’s access to your Google account at any time at:
https://myaccount.google.com/permissions

12.5 Minimum Scope Usage

We request only the minimum OAuth scopes required for the selected feature. If a feature is not enabled, no scopes are requested.

12.6 Sharing and Disclosure of Google User Data

We do not sell, rent, or trade Google user data.

Google user data is not transferred or disclosed to third parties, except in the following strictly limited contexts:

  • On your own WordPress site, where OAuth tokens and configuration are stored locally.
  • On our backend service at api.alldashai.com, operated by the same organization, solely to securely refresh OAuth tokens and maintain the Analytics connection.
  • By Google itself, as the provider of OAuth and Google Analytics APIs.

When AI-based analytics features are used, only aggregated and non-identifiable metrics are included in prompts sent to OpenAI using your own API key. We do not send Google account emails, raw Analytics events, or visitor-level identifiers to OpenAI.

12.7 Compliance

  • Google API Services User Data Policy
  • Limited Use Requirements
  • OAuth Verification Requirements
  • GDPR (where applicable)