Skoro

Legal

Privacy Policy

Last updated: June 2026

Skoro (“Skoro”, “we”, “us”) builds an AI chat widget for service businesses. We respect your privacy and only collect what we need to run the product. This policy explains what we collect, why, and your rights.

1. Data we collect

From the businesses who use Skoro (our customers):

  • Account info: business name, owner email, password (stored as a bcrypt hash).
  • Billing info: name, email, and last 4 digits of card — processed by Stripe. We never store full card numbers.
  • Configuration data: pricing catalog, custom branding, knowledge-base content.
  • Usage logs: lead counts, API requests, sign-in events.

From website visitors who chat with the widget (our customers' customers):

  • Information you type into the chat: name, phone, email, project details, photos you upload.
  • Session metadata: timestamp, IP-derived country (not IP itself), browser type.

2. How we use it

  • To run the AI chat, generate quotes, and save leads to the business's dashboard.
  • To send transactional emails (verification, password reset, billing receipts, lead notifications).
  • To improve product quality and detect abuse.
  • We do not sell or rent your data. We do not train AI models on your data.

3. Sub-processors

We use a small number of trusted third parties to operate the service:

  • OpenAI — powers the AI chat. Conversations are sent to OpenAI's API. OpenAI does not train on API data.
  • Stripe — payment processing. Card data flows to Stripe, never to us.
  • Resend (or your configured SMTP) — outbound email delivery.
  • Cloud hosting providers for our database and servers.

4. Where data is stored

Data is stored on encrypted servers in the EU and US. We use industry-standard encryption in transit (TLS) and at rest. Authentication tokens are signed with HMAC-SHA256.

5. How long we keep data

  • Account + billing data: as long as your account is active, plus 7 years for tax records.
  • Lead data: as long as the business's account is active. Businesses can delete leads at any time.
  • Conversation logs: 90 days, then purged unless attached to a saved lead.
  • Backup retention: 30 days.

6. Your rights (GDPR / CCPA)

You have the right to:

  • Access a copy of your data.
  • Correct inaccurate data.
  • Delete your account and all associated data.
  • Port your data to another service.
  • Object to processing, including opting out of analytics.

Email privacy@meetskoro.com with any of these requests — we respond within 30 days.

7. Cookies

We use a small number of strictly-necessary cookies (authentication tokens, session preferences). No tracking or advertising cookies. See our cookie banner on first visit.

8. Changes to this policy

We'll email all active customers before any material changes. Continued use after the update means you accept the new terms.

9. Contact

Questions or requests: privacy@meetskoro.com
Mailing address: Skoro, Sofia, Bulgaria