Last Updated: February 6, 2026
This Plugin Privacy Policy describes what data WP Plugin Magic (“WPPM,” “we,” “us,” or “our”) plugins collect, transmit, and store when installed on your WordPress site. This policy covers all plugins developed and sold by WP Plugin Magic.
This policy is separate from our Website Privacy Policy (which covers wppluginmagic.com) and our Software License Agreement. For questions about data collected when you visit our website or make a purchase, see our Website Privacy Policy.
1. Overview
WP Plugin Magic plugins are designed to respect your privacy and the privacy of your site’s users. Our guiding principles:
- No telemetry. We do not collect usage analytics, track user behavior, or monitor how you use our plugins.
- Minimal data transmission. The only routine data sent to our servers is for license key validation.
- No selling of data. We do not sell, rent, or share any data collected by our plugins with third parties.
- Local-first. Most plugin data stays in your WordPress database and never leaves your server.
2. License Validation (All Plugins)
All WP Plugin Magic plugins with a License Key periodically contact our server to verify your license status.
2.1 When Validation Occurs
- On plugin activation
- On periodic checks (cached for 1-3 hours to minimize requests)
- On plugin deactivation
- When checking for available updates
2.2 Data Transmitted
| Data | Purpose |
|---|---|
| License Key | Verify your purchase is valid |
| Site URL (WordPress home_url) | Confirm the site is within your license tier’s site limit |
| WordPress version | Ensure update compatibility |
| PHP version | Ensure update compatibility |
| Plugin item ID | Identify which plugin is checking in |
| Plugin version | Determine if an update is available |
2.3 What We Do NOT Collect
- No site content, posts, pages, or media
- No user accounts, names, emails, or passwords from your site
- No visitor or traffic data
- No server IP addresses, hostnames, or hosting provider information
- No information about other installed plugins or themes
2.4 Where This Data Goes
License validation requests are sent to https://wppluginmagic.com/ and processed on our servers. This data is used solely for license management and is not shared with any third party.
3. Plugins That Store or Transmit Personal Data
Most WPPM plugins store only configuration settings locally. The following plugins handle data that may include personal information.
3.1 FC Partner
What it does: Manages a partner/affiliate program within FluentCommunity.
Personal data involved:
- Partner name, email address, and avatar (read from FluentCRM subscriber data)
- Lifetime value (LTV) and monthly revenue (stored as FluentCRM custom fields)
- Gravatar avatar images (retrieved using MD5-hashed email address)
Where data is stored: Your WordPress database (via FluentCRM custom fields). No additional custom tables are created.
External connections:
- Gravatar (gravatar.com): MD5-hashed email addresses are sent to Gravatar to retrieve avatar images. Gravatar is operated by Automattic. Their privacy policy: https://automattic.com/privacy/
- wppluginmagic.com: License validation only (see Section 2)
Public display: Partner names, avatars, and tier badges may be displayed publicly on your community portal, depending on your configuration. Financial metrics (LTV, monthly revenue) are used internally for tier calculations and are not displayed publicly.
3.2 DMs for FluentCommunity
What it does: Bridges FluentCRM automations with FluentCommunity direct messaging.
Personal data involved:
- Accesses FluentCRM subscriber data (email, name, SmartCode fields) to send targeted direct messages within FluentCommunity
Where data is stored: This plugin does not create its own data storage. It reads existing FluentCRM subscriber data and sends messages through FluentCommunity’s built-in messaging system.
External connections: License validation only (see Section 2). No other external connections.
3.3 Unique Codes for FluentCart
What it does: Generates and manages unique coupon codes for FluentCart, with optional assignment to specific users.
Personal data involved:
- Email addresses stored in a custom database table (
wp_ucfc_codes), tied to coupon codes
Where data is stored: Your WordPress database in two custom tables. Email addresses are stored when codes are assigned to specific users.
External connections: License validation only (see Section 2). No other external connections.
3.4 AI Content Curator (Free and Pro)
What it does: Fetches RSS feed content and uses AI to summarize or rewrite articles.
Personal data involved: This plugin does not collect personal data from your site’s users. However, it transmits content to external AI services.
Where data is stored: Article content and feed configurations are stored in your WordPress database in two custom tables (wp_aicc_articles, wp_aicc_feeds). API keys are stored encrypted using AES-256-CBC.
External connections:
| Service | When | Data Sent |
|---|---|---|
| Google Gemini (Free + Pro) | On-demand during article summarization | Article content (up to 95K characters), prompt instructions, your API key |
| Anthropic Claude (Pro only) | On-demand during article summarization | Article content, prompt instructions, your API key |
| OpenAI (Pro only) | On-demand during article summarization | Article content, prompt instructions, your API key |
| xAI / Grok (Pro only) | On-demand during article summarization | Article content, prompt instructions, your API key |
| Mistral (Pro only) | On-demand during article summarization | Article content, prompt instructions, your API key |
Important: You provide your own API keys for these services. Content is only sent when you initiate a summarization action — never automatically. Each AI provider has its own privacy policy and data retention practices. We recommend reviewing the privacy policy of whichever AI service you choose to use.
4. Plugins That Do NOT Handle Personal Data
The following plugins store only configuration settings in your WordPress database and make no external connections beyond license validation.
| Plugin | What It Stores | Storage Location |
|---|---|---|
| Weather for FluentCommunity | Latitude, longitude, location name, display settings | wp_options |
| Theme Switcher with MDI | Theme settings, icon configurations | wp_options (server) + localStorage (browser) |
| Price Widget for FluentCart | Widget display configurations | Custom table (wp_pwfc_widgets) |
| Product Manager for FluentCart | Product variations, bundles, bump settings | wp_options |
Weather data: The Weather widget fetches weather information from weather.gov via client-side JavaScript in the user’s browser. This request goes directly from the visitor’s browser to weather.gov — it does not pass through your server or ours.
5. Data Retention
5.1 License Validation Logs
We retain license validation logs on our servers for up to 12 months for the purpose of license management, abuse detection, and technical troubleshooting. Logs include the data described in Section 2.2.
5.2 Plugin Data on Your Site
All data stored by WPPM plugins in your WordPress database remains under your control. You can delete plugin data by:
- Deactivating and deleting the plugin (some plugins include a “delete data on uninstall” option)
- Manually removing custom database tables created by the plugin
- Using WordPress database management tools
5.3 AI Content Curator Content
Article content cached by AI Content Curator is stored indefinitely in your WordPress database until you manually delete it. We recommend periodically reviewing and removing articles you no longer need.
6. Data Subject Rights (GDPR / CCPA)
6.1 For Data on Our Servers
If you are a WPPM customer and wish to exercise your data rights regarding license validation data stored on our servers:
- Access: Request a copy of the data we hold about your license
- Deletion: Request deletion of your license validation logs
- Rectification: Request correction of inaccurate data
- Data portability: Request your data in a structured, machine-readable format
- Opt-out of sale/sharing (CCPA): We do not sell or share your personal information with third parties. If this ever changes, we will provide a clear opt-out mechanism.
Contact us through our contact page. We will respond within 30 days (GDPR) or 45 days (CCPA).
6.2 For Data on Your Site
WPPM plugins store data in your WordPress database, on your server. You are the data controller for this data. We do not have access to your WordPress database.
If one of your site’s users makes a data subject request (e.g., asking to see or delete their data), you are responsible for fulfilling that request. The following plugins may contain personal data relevant to such requests:
- FC Partner: Partner name, email, LTV data in FluentCRM custom fields. Note: This plugin does not currently include a built-in data deletion or export tool. To remove partner data, you will need to delete the relevant FluentCRM custom fields and subscriber data manually.
- Unique Codes for FluentCart: Email addresses tied to coupon codes in the
wp_ucfc_codestable. Note: This plugin does not currently include a built-in data deletion tool. To remove email data, you will need to delete records from the database table directly. - DMs for FluentCommunity: Messages sent through FluentCommunity’s messaging system
7. Children’s Privacy
WP Plugin Magic plugins are tools for WordPress site administrators and developers. They are not directed at children under 13 (or under 16 in the EU). We do not knowingly collect personal data from children through our plugins.
8. International Data Transfers
License validation data is transmitted to and processed on servers in the United States. If you are located in the EU/EEA or UK, this constitutes an international data transfer.
Legal basis: The lawful basis for this processing is legitimate interest (license management and software anti-piracy). The transfer is necessary for the performance of your license agreement with us.
Transfer mechanism: For EU/EEA personal data transferred to the United States, we rely on the EU-U.S. Data Privacy Framework where applicable, or Standard Contractual Clauses (SCCs) approved by the European Commission. If you require a copy of the applicable transfer mechanism, contact us through our contact page.
If you use AI Content Curator, article content is transmitted to the AI provider you configure. The data transfer terms for those services are governed by your direct agreement with each provider, as you supply your own API key.
9. Security
We take reasonable measures to protect data transmitted during license validation:
- All license validation requests use HTTPS (encrypted in transit)
- API keys stored by AI Content Curator are encrypted at rest using AES-256-CBC
- We do not store passwords, payment information, or sensitive personal data from your site
10. Changes to This Policy
We may update this Plugin Privacy Policy to reflect changes in our plugins, data practices, or legal requirements. Material changes will be communicated via our website and/or email to active license holders. The “Last Updated” date at the top indicates the most recent revision.
11. Contact
For questions about this Plugin Privacy Policy or how our plugins handle data:
WP Plugin Magic
Website: https://wppluginmagic.com/contact
This policy applies to all WP Plugin Magic plugins listed in Section 3 and Section 4. Launch for FluentCart (FC Launch) is currently in development and not yet available for sale. When released, this policy will be updated to cover its data practices. As other new plugins are released, this policy will also be updated accordingly.