Who this is for
The extension is used by AILA's customers (“vendors”) to connect their own accounts. It is not intended for, and does not knowingly collect data from, anyone who is not an authenticated AILA vendor acting on their own accounts. AILA is a business tool and is not directed to children.
What the extension accesses
- Your AILA sign-in.
- When you sign in (with Google or an email and password), the extension receives a Firebase authentication token and your email address to identify your AILA account.
- Your WeddingPro / The Knot Pro session.
-
On those sites, while you are logged in, the extension reads your own session cookie
(
TK_SESSION) so AILA can retrieve and answer your leads. - Your Zola vendor session.
- Zola authenticates its vendor console with tokens sent as request headers rather than a cookie. On zola.com, the extension reads those tokens (an id token, a refresh token, and a CSRF token) from your own outgoing requests for the same purpose.
The extension only reads credentials for accounts you are logged into. It does not read your browsing history, and it does not access any site other than the lead sources listed above and AILA's own services.
Calendar access (Google and Microsoft)
To offer tour and consultation times and put booked appointments on your calendar, you can connect a Google Calendar or a Microsoft (Outlook) calendar to AILA through the provider's own consent screen (OAuth). With that permission, AILA:
- checks availability on the calendars you select, so it only offers times that are open, and
- creates, updates, and cancels events for the tours and consultations booked through AILA.
Calendar access tokens are stored encrypted and used only for the purposes above. Your calendar data is never used for advertising, is never sold, and is not used to develop, improve, or train generalized AI or machine-learning models. Our staff do not read your calendar data except with your permission (for example, to resolve a support issue you raise), when necessary for security or abuse investigations, or where required by law.
AILA's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We apply the same commitments to data accessed from your Microsoft account.
You can disconnect a calendar at any time from the AILA console, or revoke AILA's access directly from your Google Account permissions or your Microsoft account's app permissions.
How the information is used
These credentials are used solely to operate the service you signed up for: connecting your lead-source accounts to AILA so the assistant can read incoming inquiries and send replies on your behalf. They are not used for advertising, profiling, or any purpose unrelated to running AILA.
How it is stored and transmitted
- All data is sent over HTTPS to AILA's API and nowhere else.
- On AILA's servers, channel and calendar credentials are stored encrypted and used only to poll and reply to your leads and to manage the bookings AILA makes.
- In the extension, your long-lived Zola refresh token is held only in memory and is never written to disk. Only your AILA session token, your vendor identifier, and a non-sensitive “connected” flag are kept in the browser's local extension storage, and they are cleared when you sign out.
Sharing
We do not sell your data, and we do not share it with third parties for their own purposes. Data is processed by the infrastructure providers that run AILA (Google Cloud and Firebase, and Anthropic for AI responses) strictly to deliver the service.
Your control
You can disconnect a channel or calendar, or pause AILA, at any time from the AILA console; you can revoke calendar access from your Google or Microsoft account settings; and you can sign out of the extension to clear its stored credentials. To request deletion of your account and associated data, contact us at the address below.
Cookies on this website
This website (bookwithaila.com) sets no cookies and runs no third-party analytics or advertising trackers.
Changes to this policy
If we make material changes, we will post the updated policy here and revise the effective date at the top of this page.
Contact
Questions about this policy or your data: [email protected]