Legal

Privacy policy

How SmartHoneyAI limits, protects, retains, and deletes security telemetry during the controlled pilot.

Effective date: 12 July 2026

What we collect

We store account and organization details needed to operate the service, site connection health, audit activity, and suspicious security events reported by connected plugins. Normal WordPress browsing traffic is not collected.

Security event minimization

Cookies, authorization headers, passwords, session identifiers, credentials, and tokens are removed. Headers and request excerpts are capped. External AI inference receives redacted normalized evidence and never receives a visitor IP address.

Purpose and retention

Security events and full IP addresses are retained for up to 30 days for detection and investigation. Non-identifying aggregate analytics may be retained for 13 months, and audit records for 400 days.

Service providers and transfers

Approved infrastructure and AI providers process limited data under contractual safeguards. Where processing crosses borders, we disclose the provider and apply controls consistent with Malaysia's personal data protection principles.

Your choices

Organization owners can request access, correction, export, or deletion of personal data. Certain security and audit records may be retained where necessary to protect the service or meet legal obligations.

Contact

Privacy questions may be sent to privacy@smarthoneyai.xyz.