Where guest data goes, what you spend money on, and how the Concierge behaves when things go wrong. Most procurement teams will want to read this page.
Where guest data goes #
When a guest types a query or chat message into your site, the following happens:
- The text is sent from the guest’s browser to your WordPress server (HTTPS).
- Your WordPress server constructs a prompt that combines the guest’s message with your property catalog data, brand voice, knowledge base entries, and recent conversation context.
- That prompt is sent to OpenRouter (
openrouter.ai) over HTTPS. - OpenRouter routes the request to the language model you’ve selected (default: Anthropic’s Claude Sonnet 4.5).
- The model’s response comes back the same path: model → OpenRouter → your server → guest’s browser.
OpenRouter does not retain queries beyond the immediate request. They don’t train models on your data and don’t log query content. The underlying model providers (Anthropic, OpenAI, etc.) follow their own published data policies, which OpenRouter’s terms inherit.
What guest data is sent #
Each request includes:
- The guest’s message
- Recent conversation context (typically the last 5–10 exchanges in the same session)
- Your property catalog snapshot relevant to the query (titles, descriptions, amenities, photos extracted by Photo Analysis)
- Your brand voice configuration
- Knowledge base entries for properties referenced in the conversation
What is not sent:
- Guest names, emails, or phone numbers (unless the guest types them into a chat message, which is their choice)
- Booking PII (credit cards, addresses on reservations, etc.)
- Your operator credentials
- Any WordPress admin data
If you have specific regulatory requirements (HIPAA, GDPR DPA, SOC 2 audit support), contact sales@homerunner.io. We can provide documentation and customer agreements as needed.
Where Concierge data lives #
All AI Concierge configuration and historical data lives in your WordPress database:
- License key and validation status
- Brand voice text
- Knowledge base entries (per-property)
- Photo Analysis output
- Chat session log
- Search history
- Performance metrics
Nothing is stored at HomeRunner, OpenRouter, or the model provider beyond the inflight request. If you cancel your subscription, all this data remains in your WordPress database; you can re-enable it later or export it via the standard WordPress data tools.
Cost controls #
AI Concierge is priced as a flat percentage of your HR Core fee (see Pricing & Plans). You don’t pay per query.
The cost layer that can vary is the underlying language model, and we manage that for you by default.
Default cost handling #
During your trial and on most subscription tiers, AI Concierge uses a shared OpenRouter API key that HomeRunner provides. We absorb the model API costs as part of your subscription. There’s no per-query surcharge.
This works for the vast majority of operators. We size capacity against expected fleet usage and adjust subscription tiers if model costs ever materially change.
In-product cost dashboard #
The Performance tab in the admin panel shows your cost trajectory and per-feature breakdown so you can see exactly where spend is going.
Built-in cost-saving features #
These are on by default and shrink your per-query cost without affecting quality:
- Prompt caching: identical queries within a short window are served from cache, not re-routed to the model
- Token budgets per call: ceilings prevent runaway prompts from being submitted
- Selective context inclusion: only the relevant property records are included in each prompt, not the whole catalog
- Self-assessment sampling: quality grading runs on a sampled fraction of responses, not every one
Reliability and fail-safe behavior #
What happens if the AI service is down #
If OpenRouter or the underlying model is briefly unreachable:
- The Concierge logs the error silently (no admin notice, no error banner shown to guests)
- The search request falls back to standard HomeRunner search. The guest still gets results, just via the regular search engine.
- On the chat drawer, an apology message is shown (“I’m having trouble responding right now, please try again in a moment”)
- Once the service is reachable again, the Concierge resumes normally
Guests never see a broken experience. There’s no operator intervention required.
What happens if your license expires or fails to validate #
The plugin has a 30-day grace period built in:
- If license validation fails (network error, expired key, server issue), the Concierge continues working for up to 30 days
- During grace, the License tab shows a warning so you know to reconcile
- After 30 days of failed validation, the Concierge gracefully disables. Search and chat fall back to HomeRunner Core behavior.
This means you can’t be locked out of your own site by a temporary licensing issue. It also means you have time to renew without a service interruption.
What happens if the plugin crashes #
AI Concierge is built with defensive error handling on every customer-visible code path. If a fatal error occurs:
- The chat drawer hides itself rather than showing a broken UI
- Search falls back to HR Core search
- The plugin logs the error to your WordPress error log
- The rest of your WordPress site is unaffected
If you ever see broken behavior, deactivating the plugin instantly restores normal HR Core operation. Reactivation restores your settings exactly as they were. Nothing is lost.
Updates and version stability #
The plugin self-updates via WordPress’s standard plugin-update mechanism. Releases are tested on HomeRunner’s own flagship sites before being made available to subscribers. We follow semantic versioning: minor versions are backwards-compatible, major versions are announced in advance with migration guidance.
You can disable auto-update on the WordPress Plugins page if you prefer manual control over update timing.
Multi-site considerations #
If you operate multiple HomeRunner sites (multiple brands, multi-property-group setups, or franchise networks):
- Each site requires its own license activation slot
- Brand voice, knowledge base, and analytics are per-site. No cross-site data sharing by default.
- Volume discounts available. Contact sales@homerunner.io.
Compliance summaries #
For procurement, security, or legal review:
- GDPR: AI Concierge is GDPR-compliant when used as documented. We can provide a Data Processing Agreement (DPA) on request.
- CCPA: same as GDPR. No guest data is sold or used beyond the immediate request.
- PCI-DSS: AI Concierge does not handle payment data. PCI scope is unaffected.
- SOC 2: HomeRunner can provide a SOC 2 attestation summary for active subscribers. Contact support.
Questions about data, security, or cost? #
- General contact: support@homerunner.io
- Procurement / legal: sales@homerunner.io
- Security disclosure: security@homerunner.io
Last updated: 2026-05-17 · AI Concierge v1.49.4