California Privacy Rights

Your comprehensive guide to CCPA protections and how to use them

For California Residents

The California Consumer Privacy Act gives you specific rights over how businesses handle your personal information. These protections apply whether you’re using our WordPress plugins, managing your account, or just visiting our website.

We’ve designed our systems to make exercising these rights straightforward. No bureaucratic runaround, no hidden fees, no unnecessary delays. Your privacy rights should be practical tools you can actually use when you need them.

Your California Privacy Rights

Know • Access • Delete • Correct • Opt-Out • Limit

K
Know What We Collect

You can find out exactly what personal information we’ve collected about you, including:

  • Account information and license details
  • Plugin usage patterns and settings
  • Support communications and technical logs
  • Payment information processed through our payment provider
  • Website analytics and interaction data

How to request: Email [email protected] with “Information Request” in the subject line. We’ll provide a comprehensive report within 45 days at no charge.

A
Access Your Data

Get a complete copy of your personal information in a portable format that you can use elsewhere. This includes:

  • All account and profile information
  • Plugin configurations and preferences
  • Generated content and review data
  • Communication history with our team

Format options: We can provide your data in JSON, CSV, or XML formats depending on your needs.

D
Delete Your Information

Request removal of your personal information from our systems. We’ll delete:

  • Account information and preferences
  • Plugin usage history and logs
  • Support communications
  • Generated content stored on our systems

Important note: Some information might be retained for legal compliance (like transaction records for tax purposes), but we’ll delete everything else within 45 days.

C
Correct Inaccurate Data

Fix any incorrect personal information we have on file. You can update:

  • Contact information and account details
  • License and billing information
  • Communication preferences
  • Plugin settings and configurations

Quick updates: Many corrections can be made directly through your account dashboard without needing to submit a formal request.

O
Opt-Out of Data Sharing

We don’t sell your personal information for money, but we do share some data with service providers. You can opt out of:

  • Analytics and tracking for marketing purposes
  • Data sharing with advertising partners
  • Cross-context behavioral advertising
  • Third-party integrations for non-essential services

Global Privacy Control: We automatically honor GPC browser signals, so enabling this setting in your browser opts you out automatically.

L
Limit Use of Sensitive Information

We generally don’t collect sensitive personal information, but when we do, you can limit how we use it. This covers:

  • Account login credentials (used only for authentication)
  • Payment information (processed only for transactions)
  • Support communications containing personal details

Current practice: We already limit sensitive information use to necessary business purposes only.

Making Privacy Requests

Identity Verification

To protect your privacy, we need to verify you’re authorized to make requests about specific personal information:

For Basic Information Requests:

We’ll match at least two pieces of information from your account (like email address and account creation date).

For Sensitive Requests (deletion, detailed data access):

We’ll match at least three pieces of information and may ask for additional verification to ensure account security.

For Account Holders:

If you have an active account with us, we’ll use your existing login credentials as the primary verification method.

Request Timeline

  • Acknowledgment: We’ll confirm receipt of your request within 10 business days
  • Response: Most requests are completed within 45 days
  • Complex requests: May take up to 90 days (we’ll notify you if this applies)
  • Opt-out requests: Processed within 15 business days

Authorized Representatives

Someone else can make privacy requests on your behalf if they have:

  • Written authorization from you (signed and dated)
  • Proof of their authority (power of attorney or similar documentation)
  • Their own identity verification

We may also require direct confirmation from you before processing requests from authorized representatives.

What Information We Collect

Here’s what personal information we’ve collected in the past 12 months and how we use it:

Identifiers

What: Name, email address, account username, IP address

Sources: Directly from you during account creation, automatically from your device

Use: Account management, customer support, service delivery, security monitoring

Shared with: Customer support tools, email service providers

Commercial Information

What: Purchase history, license information, subscription details, plugin preferences

Sources: Transaction records, account settings, plugin usage

Use: License verification, billing management, product improvement, customer support

Shared with: Payment processors, license verification systems

Internet Activity

What: Website browsing patterns, plugin interactions, feature usage, technical logs

Sources: Website analytics, plugin telemetry, server logs

Use: Product improvement, bug fixes, user experience optimization, security monitoring

Shared with: Analytics platforms (with data processing agreements)

Professional Information

What: Company name, website URL, business type (for business customers only)

Sources: Voluntarily provided during account setup or support interactions

Use: Customer service, product recommendations, business development

Shared with: Customer support platforms only

Information We Don’t Collect

We don’t intentionally collect sensitive personal information like:

  • Social Security numbers or government ID numbers
  • Financial account details (beyond what’s processed by our payment provider)
  • Health or medical information
  • Biometric or genetic data
  • Precise geolocation data
  • Personal communications content (unless you contact our support team)

Service Providers and Data Sharing

We work with several categories of service providers who process personal information on our behalf:

Required Contractual Protections

Every service provider must agree to:

  • Use your information only for the specific services they provide to us
  • Implement appropriate security measures
  • Not retain your information longer than necessary
  • Not share your information with unauthorized parties
  • Notify us immediately of any data security incidents
  • Return or delete your information when our contract ends

Categories of Service Providers

Payment Processing

Provider: LemonSqueezy and associated payment processors

Data processed: Transaction information, billing details

Purpose: Secure payment processing and subscription management

AI and Content Services

Providers: OpenRouter.ai, Anthropic, screenshot service APIs

Data processed: Website content for review generation, screenshots for visual content

Purpose: AI-powered content creation and visual asset generation

Cloud Infrastructure

Purpose: Website hosting, data storage, backup services

Data processed: All categories of personal information (as subprocessors)

Protections: Enterprise-grade security, encryption, access controls

Customer Support

Purpose: Help desk operations, communication management

Data processed: Support requests, account information, communication history

Access level: Limited to support team members only

Data Retention

We keep your personal information only as long as necessary for business purposes and legal requirements:

  • Account information: Active subscription period plus 90 days, then archived for 7 years (business records)
  • Plugin usage data: 24 months, then aggregated and anonymized
  • Support communications: 3 years for service quality and training purposes
  • Transaction records: 7 years for tax and regulatory compliance
  • Marketing data: Until you opt out or 3 years of inactivity, whichever comes first
  • AI processing data: Immediately deleted after content generation (no retention)
  • Security logs: 12 months for incident investigation and prevention

Secure Deletion Process

When we delete your information:

  • Data is permanently removed from active systems using secure deletion methods
  • All service providers are instructed to delete their copies
  • Information is removed from backup systems during regular rotation cycles
  • We maintain deletion logs for audit purposes (without storing the deleted data)

Non-Discrimination Policy

We will not discriminate against you for exercising your California privacy rights. This means we won’t:

  • Deny service: You’ll continue to have full access to our plugins and features
  • Change pricing: No different rates or charges based on privacy requests
  • Reduce service quality: Same level of support and functionality for everyone
  • Suggest penalties: No implications that exercising rights will hurt your experience

Financial Incentive Programs

We may offer occasional promotions that involve personal information (like email signup discounts). These programs are:

  • Voluntary: You can participate or not, entirely your choice
  • Clearly disclosed: Terms, benefits, and data use explained upfront
  • Withdrawable: Opt out anytime without penalty
  • Proportional: Benefits reasonably related to the value of information provided

Global Privacy Control

We automatically recognize and honor Global Privacy Control (GPC) signals from your browser or device. When GPC is enabled:

  • We automatically opt you out of data sharing for advertising purposes
  • No additional verification or manual requests needed
  • Settings are processed immediately when we detect the signal
  • Applies to all future data sharing until you change your GPC settings

Enabling GPC

Most modern browsers and privacy tools support GPC through:

  • Browser privacy settings or preferences
  • Privacy-focused browser extensions
  • Mobile app privacy controls
  • Operating system-level privacy settings

Updates and Changes

We review our privacy practices regularly and update them when necessary. For any material changes that affect your rights:

  • Email notification: Sent to all active account holders
  • Website notice: Prominent banner on our homepage for 30 days
  • Grace period: 30 days before changes take effect
  • Opt-out options: Additional choices if changes involve new data uses

We don’t make privacy changes lightly, and we always consider the impact on your rights and expectations when evaluating potential modifications.

California Privacy Contacts

Questions about your rights? Need help with a privacy request? We’re here to make the process simple.

Privacy Rights Requests

Email: [email protected]

Subject line: Include which right you want to exercise

Response time: Acknowledgment within 10 days, completion within 45 days

General Privacy Questions

Email: [email protected]

Response time: Within 48 hours

For questions about our privacy practices or how we handle California resident data.

Technical Support

Email: [email protected]

Response time: Within 24 hours

For plugin-related issues, account management, or technical assistance.

Scroll to Top