Special Offer — Get 30% OFF our Gladiator plan! Unlock Offer →

Privacy Policy

Privacy Policy

Last Updated: March 1, 2026

wpresstheme (“we”, “us”, “our”) operates the website at https://wpresstheme.online. We are committed to protecting your privacy and handling your data responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Services.

1. Information We Collect

1.1. Account Information: When you register, we collect your username, email address, and display name. Email is verified via One-Time Password (OTP) during registration.

1.2. Payment Information: Payments are processed by Whop. We do not directly store credit card numbers, CVVs, or full payment card data. We receive transaction confirmations, plan identifiers, and payment amounts from Whop.

1.3. Usage Data: We collect download history (products, timestamps), login activity, IP addresses, browser/device information, and API key usage logs. This data is essential for service delivery, security, and dispute resolution.

1.4. API Key Data: When a membership is activated, we generate and store a unique API key tied to your account, along with usage metrics (download counts, last used timestamp).

1.5. Cookies & Session Data: We use essential session cookies for authentication and user preferences. We do not use third-party tracking cookies for advertising.

1.6. Communication Data: Emails sent to you (OTP codes, membership confirmations, expiration notices) are logged for delivery verification.

2. How We Use Your Information

  • Service Delivery: Process membership activations, serve downloads, issue API keys
  • Account Security: Verify identity via OTP, detect unauthorized access, enforce rate limits
  • Transaction Processing: Coordinate payments with Whop, manage billing cycles
  • Communication: Send transactional emails (activation, expiration, payment confirmation, OTP codes)
  • Dispute Resolution: Maintain proof-of-delivery records for chargeback defense
  • Platform Improvement: Generate anonymized analytics to improve service quality
  • Legal Compliance: Fulfill regulatory and legal obligations

3. Legal Basis for Processing (GDPR)

We process your data based on: (a) Contract performance — to deliver membership services you purchased; (b) Legitimate interests — security, fraud prevention, service improvement; (c) Legal obligations — tax, financial record-keeping; (d) Consent — where explicitly given (e.g., marketing communications).

4. Data Retention

  • Account data: Retained while your account is active
  • Transaction & delivery records: Retained for minimum 24 months (required for payment dispute resolution)
  • Download logs: Retained for 12 months, then automatically purged
  • Activity logs: Retained for 12 months
  • Revoked API keys: Key records retained for audit trail; the key itself cannot be re-used
  • OTP codes: Automatically deleted after 10 minutes or upon successful verification

5. Data Sharing & Third Parties

5.1. Whop (Payment Processor): Receives necessary payment and account data to process transactions. Their privacy policy governs payment data handling.

5.2. Email Services: Transactional emails are sent via our server’s mail system.

5.3. We do NOT sell, rent, or share your personal information with third parties for marketing purposes.

5.4. We may disclose data if required by law, court order, or to protect our rights and safety.

6. Security Measures

  • SSL/TLS encryption (HTTPS) for all data in transit
  • Secure password hashing (WordPress native bcrypt)
  • Rate limiting on login, registration, and OTP requests
  • Honeypot bot protection on forms
  • API key authentication for programmatic access
  • Regular security monitoring and access controls

While we implement industry-standard security measures, no system is 100% secure. We cannot guarantee absolute data security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request limitation of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time

To exercise these rights, contact us at admin@wpresstheme.com. We will respond within 30 days.

8. Children’s Privacy

Our Services are not directed to individuals under 16. We do not knowingly collect data from children. If we become aware of such collection, we will delete the data promptly.

9. International Data Transfers

Your data may be processed in jurisdictions different from your own. By using our Services, you consent to such transfers. We ensure appropriate safeguards are in place.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or prominent site notice. The “Last Updated” date above reflects the most recent revision.

11. Contact Us

For privacy inquiries, data requests, or concerns, contact our Data Protection team at admin@wpresstheme.com.