Affplugin GDPR Compliance

Comprehensive guide to data protection rights and how to exercise them

Understanding Your Data Rights

The General Data Protection Regulation gives you substantial control over how your personal information gets handled. These aren’t just theoretical rights—they’re practical tools you can use whenever you need them.

Whether you’re using our WordPress plugins, managing your account, or just browsing our website, these protections follow you around automatically. No special setup required, no fine print to worry about.

Access Your Data

Want to see everything we know about you? You can request a complete copy of your personal information, including:

  • Account details and license information
  • Plugin usage patterns and preferences
  • Support conversations and technical logs
  • How we originally got your information

Timeline: You’ll get everything within 30 days, completely free.

Fix Incorrect Information

Spot something wrong in your account? You can correct any inaccurate or outdated information we have on file.

  • Update contact details instantly
  • Fix billing or license information
  • Complete missing profile details

How: Most changes can be made directly in your account dashboard.

Delete Your Data

Ready to move on? You can request complete removal of your personal information from our systems.

  • Full account deletion
  • Plugin usage history removal
  • Support communication cleanup

Note: Some records might stay around for legal reasons (like tax documentation), but everything else goes.

Restrict Processing

Sometimes you might want us to pause certain activities with your data while keeping your account active.

  • Temporary data processing limits
  • Selective restrictions on specific uses
  • Maintain access while limiting processing

When useful: During data accuracy disputes or when processing feels unnecessary.

Take Your Data Elsewhere

Want to switch to another service? You can get your information in a format that works with other systems.

  • Account data in JSON or CSV format
  • Plugin configurations and settings
  • Generated content and reviews

Formats available: Standard file types that import easily into other platforms.

Object to Processing

Not comfortable with certain ways we use your data? You can object to specific processing activities.

  • Marketing communications opt-out
  • Analytics and tracking preferences
  • Automated decision-making controls

Marketing: One-click unsubscribe links in every email make this simple.

How We Handle Your Information

Legal Basis for Processing

European law requires us to have valid reasons for processing your personal data. Here’s what we rely on:

Contract Performance: Most of what we do falls under this category—delivering the plugins you purchased, managing your license, providing customer support. This stuff has to happen for the service to work.

Legitimate Interests: Some activities benefit both of us, like improving our plugins based on usage patterns, preventing fraud, or keeping our systems secure. We balance these interests against your privacy rights.

Your Consent: For optional things like marketing emails or advanced analytics, we ask for your permission first. You can withdraw this consent anytime.

Legal Compliance: Sometimes the law requires us to keep certain records, like transaction data for tax purposes or responding to valid legal requests.

What Data We Actually Process

Let’s be specific about what information we handle and why:

Account Management: Your email, name, and license details help us verify you’re authorized to use the plugins and provide support when you need it. We keep this stuff as long as your account exists, plus seven years for business records.

Plugin Operations: When you generate casino reviews, we temporarily process website URLs and content through our AI services. This data doesn’t stick around on our servers—it gets processed and deleted.

Customer Support: Support conversations and technical logs help us solve problems and improve the plugin experience. We hold onto these for three years to maintain service quality.

International Data Transfers

Some of our service providers operate outside Europe, which means your information occasionally travels internationally. Here’s how we keep it protected during these transfers:

Adequacy Decisions

When possible, we work with companies in countries that the European Commission has already approved as having strong data protection standards. Think of it as pre-approved destinations for your data.

Standard Contractual Clauses

For other destinations, we use legally binding contracts that require the same level of protection as if your data never left Europe. These contracts are standardized by the European Commission and regularly updated.

Service Provider Oversight

Every company that handles your data on our behalf signs comprehensive agreements covering data security, breach notification, and compliance monitoring. We don’t just hope they’ll do the right thing—we make it contractually required.

Making Privacy Requests

Need to exercise one of your rights? The process is straightforward:

Send Your Request

Email [email protected] with your request. Be specific about which right you want to exercise and include enough information for us to locate your account.

Identity Verification

We’ll confirm you are who you claim to be using information from your account. For sensitive requests like data deletion, we might ask for additional verification.

Request Processing

Most requests get handled within 30 days. Complex situations might take up to 60 days, but we’ll let you know if that’s the case.

Response Delivery

You’ll get a complete response addressing your request. For data access requests, we’ll provide everything in a clear, structured format that’s easy to understand.

No Hidden Costs

Privacy requests don’t cost you anything. We’ve never charged fees for these requests and don’t plan to start. The only exception would be truly excessive requests (which we’ve never encountered), and even then we’d discuss it with you first.

Data Security Measures

Protecting your information isn’t just a legal requirement—it’s fundamental to running a trustworthy business. Here’s what we do to keep your data secure:

Technical Protections

  • Encryption everywhere: Your data gets encrypted when it travels between systems and when it sits in our databases
  • Access controls: Only team members who actually need access to specific data can get to it
  • Regular security audits: We test our systems regularly to find and fix potential vulnerabilities
  • Automated monitoring: Our systems watch for suspicious activity around the clock

Organizational Safeguards

  • Team training: Everyone on our team learns about data protection and security best practices
  • Privacy impact assessments: New features get evaluated for privacy implications before they go live
  • Incident response procedures: Clear protocols for handling any security issues that might arise
  • Vendor due diligence: We carefully vet any company that processes data on our behalf

Data Breach Response

Despite our best efforts, data breaches can happen to any company. If one affects your personal information, here’s what we’d do:

Immediate Response

Within 72 hours of discovering a breach, we’d notify the relevant European data protection authorities with details about what happened, how many people were affected, and what we’re doing about it.

User Notification

If the breach poses significant risk to your privacy or security, we’d contact you directly without delay. You’d get a clear explanation of what happened, what information was involved, and specific steps you could take to protect yourself.

Remediation

Beyond legal notifications, we’d focus on fixing the underlying problem, strengthening our security measures, and preventing similar incidents from happening again.

Changes to Our Practices

Privacy practices evolve as technology and regulations change. When we update how we handle your data:

  • Significant changes get announced via email to all account holders
  • We post clear notices on our website explaining what’s different
  • You get reasonable time to review changes before they take effect
  • For major changes that affect your rights, we might ask for renewed consent

We don’t make changes lightly, and we always prioritize your privacy interests when considering modifications to our data practices.

Get in Touch

Questions about your privacy rights? Need help with a data request? We’re here to help.

GDPR Requests

Email: [email protected]

Response time: Within 30 days

Include “GDPR Request” in your subject line along with which right you want to exercise.

Privacy Questions

Email: [email protected]

Response time: Within 48 hours

For general questions about how we handle your data or our privacy practices.

Technical Support

Email: [email protected]

Response time: Within 24 hours

For plugin-related issues or account management help.

Scroll to Top