Jhyro AI Legal
Privacy Policy
Effective date: July 16, 2026
1. Who operates Jhyro AI
Jhyro AI is operated by Sanjay Gallimore, trading as Jhyro AI, in Jamaica. In this Privacy Policy, “Jhyro,” “Jhyro AI,” “we,” “us,” and “our” refer to the operator of the Jhyro AI service.
Privacy questions and requests may be sent to:
galli.aiassistant@gmail.com2. What Jhyro AI does
Jhyro AI provides AI-powered business communication, customer-support, scheduling, memory, and automation services. Businesses may connect services such as WhatsApp and Google Calendar so Jhyro can answer customer messages, provide approved business information, and manage appointments.
Businesses using Jhyro are responsible for their own relationships with their customers and for providing any privacy notices or obtaining any consents required by law.
3. Information we collect
Account information
We may collect a business owner’s name, email address, login details, account identifiers, business name, telephone number, address, timezone, services, prices, opening hours, booking rules, and AI preferences.
Customer and conversation information
When a business uses Jhyro to communicate with its customers, we may process customer names, telephone numbers, message content, conversation history, inquiries, preferences, customer memories, and conversation summaries.
Booking information
We may process selected services, requested dates and times, appointment status, service duration, booking history, cancellation information, and related customer details.
Integration information
When a business connects an integration, we may process provider account identifiers, connection status, configuration details, authorization tokens, calendar identifiers, messaging identifiers, and synchronization metadata.
Secret tokens are used to provide the requested integration and are not intentionally displayed publicly.
Payment and subscription information
We may receive subscription identifiers, plan names, payment status, payment dates, failed-payment notices, and billing-period information from PayPal. Jhyro does not intentionally store complete payment-card numbers.
Technical information
We and our service providers may process IP addresses, device and browser information, timestamps, request logs, error reports, security events, and information needed to maintain and protect the service.
4. How we use information
We may use information to:
- Create and manage Jhyro accounts.
- Respond to customer messages on behalf of a connected business.
- Answer questions using business-provided settings and knowledge.
- Create, update, prevent conflicts for, and manage appointments.
- Remember relevant customer details requested by the business.
- Synchronize Jhyro bookings with connected calendars.
- Process subscriptions and enforce billing status.
- Detect abuse, troubleshoot problems, and protect the service.
- Comply with legal obligations and enforce our agreements.
5. Google Calendar data
If a business connects Google Calendar, Jhyro may request permission to:
- Identify the connected Google account and calendar.
- Read free/busy information for the selected time range.
- Create, update, and delete calendar events associated with Jhyro bookings.
- Store the connected calendar identifier, authorization credentials, event identifiers, and synchronization status.
Jhyro uses Google Calendar data only to provide and improve the user-facing scheduling and calendar synchronization features requested by the connected business.
Jhyro does not use Google Calendar data for advertising, does not sell Google user data, and does not use Google Calendar data to train generalized AI or machine-learning models.
Jhyro AI’s use and transfer to any other application of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
A user may revoke Google access through their Google Account permissions or request deletion by contacting us.
6. WhatsApp and Meta data
When a business connects WhatsApp, Jhyro may process WhatsApp Business Account identifiers, phone-number identifiers, access tokens, customer telephone numbers, incoming and outgoing messages, message timestamps, delivery information, and information needed to route messages to the correct business.
This information is used to provide automated customer support, business information, booking, memory, and human-handoff features.
Businesses must follow WhatsApp and Meta rules, including applicable customer opt-in requirements. Meta and WhatsApp process information under their own policies.
Learn about WhatsApp data privacy and security7. Artificial intelligence processing
Jhyro may send relevant message content, recent conversation history, business information, booking context, and customer details to OpenAI’s API to generate replies, identify booking details, summarize conversations, or extract useful memories.
Jhyro is designed to send only information reasonably needed for the requested AI feature. Businesses should not ask customers to submit passwords, complete payment-card numbers, government identification numbers, medical records, or other unnecessary sensitive information through Jhyro.
OpenAI states that API business data is not used to train its models by default unless the customer explicitly opts in.
Read about OpenAI business data privacy8. Service providers and disclosures
We may disclose information to service providers when necessary to operate Jhyro, including:
- Supabase for database, authentication, and backend infrastructure.
- Vercel for application hosting, deployment, and operational services.
- OpenAI for AI-powered message and information processing.
- Meta and WhatsApp for connected business messaging.
- Google for authentication and connected Calendar services.
- PayPal for subscriptions, payments, and billing status.
These providers may process information under their own agreements and privacy policies.
PayPal may act as an independent controller for information it processes in connection with its payment services. Review the PayPal Privacy Statement.
9. Legal bases and business instructions
Depending on the applicable law and context, we process information to perform a contract, follow the instructions of a Jhyro business customer, obtain consent, comply with legal obligations, and pursue legitimate interests such as operating, securing, and improving the service.
For customer conversations processed on behalf of a business, that business generally determines why and how the information is used. Jhyro generally acts as a service provider or processor for that business.
10. Data retention
We retain account, integration, customer, conversation, memory, and booking information for as long as reasonably necessary to provide Jhyro, maintain the business account, comply with legal obligations, resolve disputes, and protect the service.
Google authorization tokens are retained while the Calendar connection remains active. A user may revoke access or request deletion.
When an account or eligible information is deleted, we aim to remove it from active systems within 30 days, subject to legal, security, fraud-prevention, backup, and technical requirements. Billing records may be retained for the period required by applicable tax, accounting, and payment laws.
11. Security
We use reasonable technical and organizational measures intended to protect information, including access controls, protected server-side credentials, encrypted network connections, authentication, and separation of business records.
No internet service is completely secure. Users must protect their login credentials and immediately report suspected unauthorized access.
12. International processing
Jhyro and its service providers may process information in Jamaica, the United States, and other countries where our service providers operate. Those countries may have different data-protection laws from the user’s country.
13. Your rights and choices
Depending on applicable law, individuals may have rights to request access, correction, deletion, restriction, portability, or objection regarding their personal information.
A customer of a business using Jhyro should normally contact that business first. The business may ask Jhyro to assist with the request.
Requests may also be sent to galli.aiassistant@gmail.com. We may need to verify the requester’s identity and authority before completing a request.
View data-deletion instructions →14. Children and account eligibility
Jhyro business-owner accounts are intended for individuals who are at least 18 years old. Jhyro is not directed to children, and businesses must not knowingly use Jhyro to collect children’s information without an appropriate legal basis and any required parental or guardian consent.
15. Sale of information and advertising
Jhyro does not sell personal information or Google user data. Jhyro does not use connected Google Calendar data or private WhatsApp message content for targeted advertising.
16. Changes to this policy
We may update this Privacy Policy as Jhyro changes or legal requirements evolve. We will update the effective date and provide additional notice when required.
17. Contact
Sanjay Gallimore
Trading as Jhyro AI
Jamaica