Privacy Policy

Last updated: April 2026

AI WP Coder ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our platform and services, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data We Collect

We collect the following personal data when you register and use our services:

  • Account information: name, email address, company name (optional)
  • Billing information: address (line 1, line 2, city, county, postcode, country), phone number, VAT number (optional)
  • Payment information: payment details are processed securely by Stripe. We do not store your full card details on our servers. We store only a Stripe customer ID for recurring transactions.
  • Order data: details of the plugins/themes you request, including specifications and uploaded files
  • Technical data: IP address, browser type, and usage data collected automatically when you visit our site

2. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage your account
  • To process and fulfil your orders
  • To process payments via Stripe
  • To communicate with you about your orders and change requests
  • To provide customer support
  • To send marketing communications (only where you have opted in)
  • To improve our services and platform
  • To comply with legal obligations

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: processing necessary to fulfil our contract with you (e.g., processing orders, delivering products)
  • Legitimate interest: processing necessary for our legitimate business interests (e.g., improving our services, preventing fraud)
  • Consent: where you have given consent (e.g., marketing communications)
  • Legal obligation: where processing is required by law (e.g., tax records)

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. Specifically:

  • Account data is retained while your account remains active
  • Order data is retained for 7 years for tax and legal compliance
  • Marketing preferences are retained until you withdraw consent

You may request deletion of your account and associated data at any time, subject to our legal retention obligations.

5. Cookies

Our platform uses essential cookies to maintain your session and ensure the site functions correctly. These are strictly necessary and do not require consent. We do not use advertising or tracking cookies.

6. Third Parties

We share your data with the following third-party services, only as necessary to provide our services:

  • Stripe: payment processing. Stripe acts as an independent data controller for payment data. See Stripe's Privacy Policy.
  • Redmine: internal project management for tracking orders and change requests. Access is restricted to authorised staff.

We do not sell your personal data to any third parties.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate data
  • Right to erasure: request deletion of your data (subject to legal obligations)
  • Right to restrict processing: request limitation of how we use your data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to processing based on legitimate interests or for marketing
  • Right to withdraw consent: withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at the details below. We will respond within one month.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/SSL), secure server infrastructure, and access controls.

9. International Transfers

Your data is primarily stored and processed within the United Kingdom. Where data is transferred outside the UK (e.g., via Stripe), appropriate safeguards are in place in accordance with UK GDPR requirements.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "last updated" date at the top of this page indicates when the policy was last revised.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Last updated: 3 April 2026