Privacy Policy

Privacy for WordPress site owners and cloud teams

Effective date: June 29, 2026. This policy explains how Web Plura handles website, account, plugin, payment, and cloud workflow data across product-scoped services.

Plain-language summary

We separate local plugin behavior from optional cloud workflows, avoid collecting cloud passwords inside WordPress admin screens, and use product-scoped retention, deletion, and support paths. Payment processing and card handling are handled by the configured payment provider for paid subscriptions.

Scope

What this policy covers

This policy applies to Web Plura public pages, cloud account services, product account views, support flows, and plugin-connected workflows when a site owner enables them.

Who may interact with Web Plura

  • Website visitors reviewing public content, pricing, SiteCheck, documentation, or contact flows.
  • WordPress administrators using Web Plura plugins as local site agents.
  • Cloud account users managing subscriptions, reports, sites, billing, support, or product workflows.
  • Security researchers, support contacts, and legal/privacy requesters.

What this policy does not replace

Product documentation, plugin readme disclosures, the Data Processing Addendum, and customer contracts may provide additional details for specific integrations, subprocessors, service commitments, or enterprise arrangements.

Data Categories

What Web Plura may process

Account and access data

Information needed to create accounts, authenticate users, protect sessions, support teams, and enforce tenant boundaries.

  • Name, email, organization, role, and account status
  • Authentication/session metadata and security events
  • Support conversations and legal notices

Site and product workflow data

Product-scoped operational data generated when a WordPress admin chooses to use plugin workflows or cloud-connected services.

  • Site identity, product activation state, entitlement context
  • Scan, backup, restore, report, alert, and incident metadata
  • Configuration choices, job status, audit events, and retention/deletion state

Public website and diagnostic data

Limited website, form, and diagnostic data used to run public pages, route requests, prevent abuse, and improve reliability.

  • Contact and SiteCheck form submissions
  • Cookie, preference, analytics, and abuse-prevention signals
  • Request metadata such as IP address, user agent, timestamps, and error logs

Payment and subscription data

Limited billing records needed to operate paid subscriptions, customer access, invoices, taxes, refunds, and support for payment-provider-processed payments.

  • Product, plan, subscription, checkout, invoice, and transaction identifiers
  • Purchaser contact, billing country, tax, currency, and payment-status metadata
  • Refund, cancellation, chargeback, and support records related to subscription handling

Payments

How payment-provider data is handled

WPlura uses a configured payment provider for paid subscription checkout, taxes, receipts, payment processing, and payment-related buyer communications. WPlura does not directly collect or store full card numbers.

What WPlura receives

WPlura may receive billing metadata from the configured payment provider such as customer email, product, plan, subscription status, checkout, invoice or transaction identifiers, currency, tax status, refund status, cancellation status, and payment outcome. This information is used to provide account access, Pro downloads, support, receipts, cancellation, refund review, tax/legal compliance, fraud prevention, dispute handling, and accounting records.

What the payment provider controls

For payment-provider-processed transactions, the provider handles checkout, card processing, payment-method data, payment authentication, tax calculation where applicable, receipts, refund routing, and buyer billing communications. Privacy requests about provider-controlled payment data may also be submitted through that provider's privacy request tools where available.

Controls

How privacy is handled by design

Local-first where the plugin can stay local

Web Plura products are designed so local plugin capability is not automatically treated as cloud processing. Product pages and plugin disclosures explain where cloud workflows begin.

Consent and activation before cloud workflow

Cloud processing is tied to account, product, entitlement, and activation flows. The WordPress plugin must not ask for or store cloud account passwords.

Purpose-limited processing

We process data for requested product workflows, security operations, billing, support, abuse prevention, tax/legal compliance, and service reliability.

Bounded retention and deletion controls

Operational records are retained only as needed for product, security, compliance, or account purposes, with product-specific cleanup and deletion workflows.

Active Product Annexes

Product-specific privacy notes

Only Diagnostics and Revenue Shield are currently shown as active free and Pro product families on the pricing page.

Web Plura Revenue Shield

  • Revenue Shield Free and Revenue Shield Pro are the active revenue product editions currently presented on the pricing page.
  • Local processing consent and cloud processing consent are separate where the product supports both modes.
  • Customer-owned deletion controls may block plugin/cloud sync while deletion is pending or running.

Web Plura Diagnostics

  • Diagnostics Free and Diagnostics Pro are the active diagnostics product editions currently presented on the pricing page.
  • Core diagnostics are local-first where the free plugin supports local behavior.
  • Diagnostics Pro account records are used for entitlement, private download access, support, and hosted workflow history.

Rights and Contact

Access, correction, deletion, objection, and support

Data controller legal name
WPlura
Privacy email
privacy@wplura.com
Support email
support@wplura.com
Payment processor
The configured payment provider handles checkout, card processing, and payment-method data for configured paid subscriptions.
Provider privacy request path
Use the privacy request tools supplied by the payment provider for provider-controlled payment data.
Postal address
House 14, Road 1, Block A, Section 11, Mirpur, Dhaka, Bangladesh
Privacy rights request path
/contact