Privacy Policy for WP AI Blogger Server
(Internal Tool)

This Privacy Policy outlines how the “WP AI Blogger Server” WordPress plugin (“the Plugin”) collects, uses, and protects data when connecting to Google services via OAuth.

Purpose of the Plugin:
The Plugin is an internal-use tool deployed on our dedicated WordPress site. Its function is to facilitate advanced content generation and AI model management using Google’s Generative AI services for our internal development and content teams. This plugin is not publicly accessible or distributed to end-users. It specifically supports advanced capabilities such as managing AI model instances, fine-tuning custom models, and integrating retrieval-augmented generation (RAG) from internal knowledge bases.

Data Collected via Google OAuth:
When an internal administrator or developer authorizes the Plugin through Google OAuth, the Plugin requests and collects access to the following Google user data, which is essential for its operation:

  • Google Account Email Address (email scope): This identifies the authorizing internal team member’s Google account for authentication with the Google Generative AI and Cloud Platform APIs. It links the Plugin’s API usage to our Google Cloud Project for management, monitoring, and billing.
  • Basic Profile Information (profile scope): Includes the name associated with the Google account. This information may be used internally for administrative purposes or to personalize the Plugin’s interface within the WordPress admin (e.g., “Welcome, [Admin Name]!”).
  • Authentication Data (openid scope): This is standard data required for secure user authentication as part of the Google Sign-In process.
  • Google Cloud Platform Access (https://www.googleapis.com/auth/cloud-platform): This broad scope is necessary for the Plugin to manage and interact with core Google Cloud Platform resources that underpin our advanced AI content generation infrastructure. This includes accessing AI model instances, managing training datasets in associated storage buckets (e.g., Google Cloud Storage), and overseeing other cloud resources directly related to our generative AI workflows within our designated Google Cloud Project.
  • Generative Language Tuning Access (https://www.googleapis.com/auth/generative-language.tuning): This scope allows the Plugin to manage and initiate the fine-tuning of custom Gemini models. This enables us to train specialized AI models with our proprietary datasets, enhancing the quality and relevance of generated content for specific internal needs.
  • Generative Language Retriever Access (https://www.googleapis.com/auth/generative-language.retriever): This scope provides access to Google’s Generative Language Retriever services. The Plugin leverages this to implement Retrieval-Augmented Generation (RAG) by accessing designated internal knowledge bases, ensuring the AI content is factual and aligns with our specific information requirements.
  • Offline Access (offline_access scope): This provides a refresh token, allowing the Plugin to maintain a persistent connection to Google services for continuous operation without requiring manual re-authentication by an administrator.

How Data is Used:

The collected data is used exclusively for:

  • Authenticating the Plugin’s access to Google’s Generative AI and Cloud Platform APIs.
  • Linking API usage to our Google Cloud Project for internal management, monitoring, and billing.
  • Enabling the Plugin’s core functionality of AI content generation, including advanced model tuning and RAG capabilities.
  • Maintaining a persistent, authorized connection to Google services for uninterrupted internal operations.
  • Providing basic personalization within the WordPress admin dashboard for internal team members.

Data Storage and Security:
All authentication tokens (access and refresh tokens) and minimal profile data are stored securely within our WordPress database on our server. We implement appropriate technical and organizational security measures to protect this data from unauthorized access, disclosure, alteration, or destruction. Access to this data is restricted to authorized personnel only.

Data Sharing:
No personal data collected via this Google OAuth integration is shared, sold, or rented to any third parties. The Plugin does not process or collect any personal data from our end-users who consume content via our separate services, as its operation is purely internal.

Data Retention:
We retain the collected Google OAuth data (such as refresh tokens and associated identifiers) only for as long as necessary to maintain the Plugin’s authorized connection to Google APIs and fulfill its operational purposes. Data is deleted when no longer required or upon de-authorization of the Plugin.

User Rights:
Internal administrators whose Google accounts are linked to the Plugin can review, manage, or revoke the Plugin’s access to their Google account at any time through their Google Account security settings. De-authorizing the Plugin will remove the stored credentials from our system.

Changes to This Privacy Policy:
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify admins of any significant changes.

Contact Information:
For any questions or concerns regarding this Privacy Policy or our data practices, please contact our internal IT department at [wpsolvex@gmail.com] or [http://wpsolvex.com/].