Last Updated: February 6, 2026
This Privacy Policy describes how WP Plugin Magic (“WPPM,” “we,” “us,” or “our”) collects, uses, and protects your personal information when you visit wppluginmagic.com (“the Website”), make purchases, participate in our community, or interact with our services.
For information about data collected by our WordPress plugins when installed on your site, please see our separate Plugin Privacy Policy.
1. Information We Collect
1.1 Information You Provide
Account registration: When you create an account on wppluginmagic.com, we collect your name, email address, and password.
Purchases: When you purchase a plugin license, we collect your name, email address, and billing information. Payment card details are processed directly by Stripe and are never stored on our servers.
Community participation: When you post in our Fluent Community, send direct messages, or interact with other members, we collect the content you create, your display name, and your profile information.
Support requests: When you contact us for support, we collect your name, email address, and the content of your communications.
Email subscriptions: If you subscribe to product updates or marketing emails through FluentCRM, we collect your email address and any preferences you provide.
1.2 Information Collected Automatically
Server logs: Our web server automatically records your IP address, browser type, operating system, referring URL, pages visited, and timestamps. These logs are used for security monitoring and troubleshooting.
Analytics: We use privacy-friendly analytics (no personal tracking, no cookies for analytics) to understand general site usage patterns such as page views and traffic sources. We do not track individual users or create behavioral profiles.
Essential cookies: We use cookies that are strictly necessary for the Website to function, including session cookies (to keep you logged in), shopping cart cookies, and security cookies. These do not require consent.
1.3 Information from Third Parties
Stripe: When you make a purchase, Stripe may share transaction confirmation details with us (such as payment status and transaction ID). We do not receive or store your full credit card number.
2. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Process your purchases and deliver license keys | Contractual necessity |
| Provide technical support | Contractual necessity |
| Send purchase confirmations and license key delivery emails | Contractual necessity |
| Manage your account on wppluginmagic.com | Contractual necessity |
| Operate and moderate the Fluent Community | Legitimate interest |
| Send product update emails (new features, security patches) | Legitimate interest |
| Send marketing emails (new plugins, promotions) | Consent (opt-in required) |
| Detect and prevent fraud or abuse | Legitimate interest |
| Comply with legal obligations (tax records, legal requests) | Legal obligation |
| Improve the Website and our services | Legitimate interest |
3. How We Share Your Information
We do not sell, rent, or trade your personal information to third parties.
We share your information only with the following service providers, who process data on our behalf:
| Service Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Name, email, payment details (processed by Stripe directly) |
| Hosting provider | Website hosting and infrastructure | All data stored on our servers |
| FluentCRM (self-hosted) | Email marketing and customer communications | Name, email, purchase history, subscription preferences |
| Gravatar (Automattic) | Community profile avatar images | MD5-hashed email address |
FluentCRM runs on our own server — it is not a third-party cloud service. Your subscriber data stays on our infrastructure.
We may also disclose information if required by law, court order, or governmental regulation, or to protect the rights, property, or safety of WPPM, our users, or the public.
4. Community and User-Generated Content
4.1 Public Content
When you post content in the Fluent Community (discussions, comments, replies), that content is visible to other community members. Your display name and profile avatar are shown alongside your posts.
Do not share sensitive personal information in community posts. Public posts may be indexed by search engines.
4.2 Direct Messages
Direct messages within the community are private between participants but are not end-to-end encrypted. We may access message content if required for safety, legal compliance, or in response to a valid content report.
4.3 Content You Share
You retain ownership of content you post in the community. By posting, you grant us a limited license to display, distribute, and store your content within the platform as described in our Terms of Service.
5. Cookies
5.1 Cookies We Use
We use only essential cookies required for the Website to function:
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie | Keeps you logged in | Session (cleared when browser closes) |
| Cart / checkout cookie | Maintains your shopping cart | Session |
| CSRF token | Protects against cross-site request forgery | Session |
| Cookie consent preference | Remembers your cookie choice | 1 year |
5.2 Cookies We Do NOT Use
- No advertising or targeting cookies
- No third-party tracking cookies
- No social media tracking pixels
- No Google Analytics or similar user-tracking analytics
5.3 Your Cookie Choices
Since we only use essential cookies, no cookie consent banner is required under GDPR. However, if we add non-essential cookies in the future, we will implement a cookie consent mechanism before doing so.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | As long as your account is active, plus 30 days after deletion request |
| Purchase records | 7 years (tax and accounting obligations) |
| License validation logs | 12 months |
| Support correspondence | 3 years after last interaction |
| Community posts | As long as the post exists (you may delete your own posts) |
| Direct messages | As long as the conversation exists (participants may delete messages) |
| Server logs | 90 days |
| Email marketing data | Until you unsubscribe, then deleted within 30 days |
After the retention period, data is deleted or anonymized.
7. Your Privacy Rights
7.1 Rights for All Users
Regardless of your location, you may:
- Access a copy of the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and personal data
- Unsubscribe from marketing emails at any time
7.2 Additional Rights for EU/EEA/UK Residents (GDPR)
If you are in the EU, EEA, or UK, you also have the right to:
- Data portability: Receive your data in a structured, machine-readable format
- Restrict processing: Request that we limit how we use your data
- Object to processing: Object to processing based on legitimate interest
- Withdraw consent: Withdraw consent for marketing emails at any time (without affecting the lawfulness of prior processing)
- Lodge a complaint: File a complaint with your local data protection authority
Response timeline: We will respond to data subject requests within 30 days. If a request is complex, we may extend by up to 60 additional days with notice.
7.3 Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know what personal information we have collected about you
- Delete your personal information
- Correct inaccurate personal information
- Opt out of sale or sharing: We do not sell or share your personal information. If this changes, we will provide a “Do Not Sell or Share My Personal Information” link.
- Non-discrimination: We will not discriminate against you for exercising your rights
Response timeline: We will acknowledge your request within 10 business days and respond substantively within 45 calendar days.
7.4 Global Privacy Control (GPC)
We honor Global Privacy Control (GPC) browser signals. If your browser sends a GPC signal, we will treat it as a valid opt-out request under applicable law.
7.5 How to Exercise Your Rights
To make a privacy request, contact us at:
- Online: wppluginmagic.com/contact
We may need to verify your identity before processing your request. We will use reasonable methods proportionate to the sensitivity of the data involved.
8. International Data Transfers
Your data is processed and stored on servers in the United States. If you are located outside the United States (including in the EU/EEA or UK), your data will be transferred to the US.
Transfer mechanisms: For personal data transferred from the EU/EEA to the United States, we rely on the EU-U.S. Data Privacy Framework where applicable, or Standard Contractual Clauses (SCCs) approved by the European Commission.
Stripe: Stripe processes payment data in accordance with its own data transfer mechanisms. See Stripe’s privacy policy at https://stripe.com/privacy.
9. Data Security
We implement reasonable technical and organizational measures to protect your personal information, including:
- HTTPS encryption for all data in transit
- Secure password hashing for account credentials
- Regular software updates and security patches
- Limited access to personal data (only authorized personnel)
No method of transmission or storage is 100% secure. If we become aware of a data breach that poses a risk to your rights and freedoms, we will notify the relevant authorities within 72 hours (GDPR requirement) and notify affected users without undue delay.
10. Children’s Privacy
wppluginmagic.com and our community are intended for users aged 18 and older. We do not knowingly collect personal information from children under 13 (or under 16 in the EU). If we learn that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us through our contact page.
11. Third-Party Links
The Website and our community may contain links to third-party websites, plugins, or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.
12. Email Communications
12.1 Transactional Emails
We send transactional emails related to your account and purchases (purchase confirmations, license key delivery, password resets, account notifications). These are necessary for the services you’ve requested and are not marketing.
12.2 Marketing Emails
With your consent, we may send marketing emails about new plugins, features, or promotions via FluentCRM. You can unsubscribe at any time by clicking the unsubscribe link in any marketing email or by contacting us.
12.3 CAN-SPAM Compliance
All commercial emails include our physical mailing address, accurate sender identification, and a clear unsubscribe mechanism. We honor unsubscribe requests within 10 business days.
13. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email to registered users and/or by posting a notice on the Website. The “Last Updated” date at the top indicates the most recent revision.
14. Contact
For questions about this Privacy Policy or to exercise your privacy rights:
WP Plugin Magic
Website: https://wppluginmagic.com/contact
This Privacy Policy applies to wppluginmagic.com and its associated services. For data collected by our WordPress plugins on your site, see our Plugin Privacy Policy. For terms governing your use of our Website and community, see our Terms of Service. For plugin licensing terms, see our Software License Agreement.