Privacy Policy

We collect information you provide directly when you create an account, communicate with us, or use our services. This includes: • **Account information:** name, email address, company name, and password (stored as a hashed value). • **Billing information:** processed and stored by our payment processor (Stripe). We do not store full card numbers. • **Usage data:** license provisioning events, dashboard interactions, API call logs, and download history. • **Communications:** emails and support messages you send to us. We also collect limited technical data automatically, including IP addresses, browser type, referring URLs, and session identifiers for security and diagnostic purposes.

We use collected information to: • Operate and maintain the WP-Themer platform and member dashboard. • Process license purchases, provisioning requests, and renewals. • Send transactional emails: purchase confirmations, license keys, and renewal notices. • Respond to support requests and account inquiries. • Detect, prevent, and investigate fraud, abuse, and security incidents. • Comply with legal obligations and enforce our Terms of Service. We do not sell, rent, or share your personal information with third parties for marketing purposes.

We retain your account data for as long as your account is active. If you close your account, we will delete your personal data within 90 days, except where we are required to retain it for legal, tax, or audit purposes. License purchase records are retained for a minimum of 7 years for financial compliance.

We use a limited set of third-party services to operate the platform: • **Stripe** — payment processing. Subject to the Stripe Privacy Policy. • **Postmark** — transactional email delivery. • **Cloudflare** — DDoS protection and CDN. Cloudflare may process request metadata. • **Hetzner / AWS** — cloud infrastructure hosting. All third parties are contractually bound to process data only as directed by us and in compliance with applicable data protection law.

We use strictly necessary session cookies to authenticate logged-in users. We do not use advertising cookies or third-party tracking pixels. A session cookie is deleted when you close your browser or log out.

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; restrict or object to processing; and request data portability. To exercise any of these rights, email legal@wp-themer.com. We will respond within 30 days.

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, and role-based access controls on all internal systems. We conduct regular security reviews and promptly investigate any reported vulnerabilities.

We may update this Privacy Policy from time to time. If material changes are made, we will notify account holders by email at least 14 days before the change takes effect. Continued use of the platform after that date constitutes acceptance of the updated policy.

For privacy-related questions or requests, contact us at legal@wp-themer.com or write to: WP-Themer Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.