Privacy Policy – WP Auto Post
Privacy Policy
Last Updated: February 26, 2026
WP Auto Post (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the WP Auto Post mobile application (“App”). Please read this policy carefully. By using the App, you consent to the practices described herein.
1. Information We Collect
1.1 Information You Provide Directly
- Account Information: When you create an account, we collect your email address and encrypted password through our authentication provider (Supabase).
- WordPress Credentials: If you connect your WordPress site, we collect your site URL, WordPress usernames, and application passwords for your author profiles.
- WooCommerce API Credentials: If you use WooCommerce features, we collect your Consumer Key and Consumer Secret.
- Author Profiles: Names, bios, topics, content feed URLs, and writing preferences you configure for your AI author personas.
- Content Data: Articles, product descriptions, and other content you generate, edit, or publish through the App.
- Product Data: Product images, categories, brands, and other product-related information you save or manage.
1.2 Information Collected Automatically
- Device Information: Device type, operating system version, and unique device identifiers.
- Usage Data: Features used, actions taken, timestamps, and interaction patterns within the App.
- Crash and Performance Data: Error logs, crash reports, and performance metrics to help us improve the App.
- Subscription Information: Your subscription tier, purchase history, and credit/lookup balances (managed through RevenueCat and the Apple App Store / Google Play Store).
1.3 Information from Third Parties
- Authentication Providers: We use Supabase for authentication and may receive basic profile information associated with your account.
- Payment Processors: Subscription and purchase information is processed by the Apple App Store and Google Play Store via RevenueCat. We do not directly collect or store your payment card details.
- AI Service Providers: Content you submit for AI generation is processed by OpenAI. Please refer to OpenAI’s privacy policy for information on how they handle data.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the App and its features
- Process your account registration and manage your account
- Generate AI-powered articles and product content on your behalf
- Publish content to your WordPress and WooCommerce sites
- Process subscriptions and in-app purchases
- Track and manage your usage quotas (lookups, articles, credits)
- Send you service-related communications (account verification, security alerts, subscription changes)
- Improve, personalize, and optimize the App experience
- Detect, prevent, and address technical issues, fraud, and security threats
- Comply with legal obligations and enforce our Terms and Conditions
- Respond to your support requests and inquiries
3. How We Share Your Information
We do not sell, rent, or trade your personal information. We may share your information with:
3.1 Service Providers:
- Supabase: Authentication and database services (stores your account data, author profiles, articles, and configurations)
- OpenAI: AI content generation (receives text prompts and content for processing)
- RevenueCat: Subscription and purchase management
- Apple / Google: Payment processing through their respective app stores
3.2 Your WordPress Site: When you publish content, your articles, author information, and product data are transmitted directly to your WordPress/WooCommerce site using the credentials you provide.
3.3 Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of WP Auto Post, our users, or the public.
3.4 Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
4. Data Storage and Security
4.1 Storage: Your data is stored securely using Supabase’s cloud infrastructure with encryption at rest and in transit. Database access is restricted through Row Level Security (RLS) policies ensuring you can only access your own data.
4.2 Credentials: Your WordPress usernames, application passwords, and WooCommerce API keys are stored in our secure database. We recommend using application-specific passwords rather than your main WordPress password.
4.3 Security Measures: We implement industry-standard security measures including:
- Encrypted data transmission (HTTPS/TLS)
- Secure authentication with email verification
- Row Level Security for database access control
- Secure credential storage
- Regular security assessments
4.4 No Absolute Security: While we strive to protect your information, no method of electronic storage or transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.
5. Data Retention
- Account Data: We retain your account information for as long as your account is active or as needed to provide you the Service.
- Content Data: Articles, author profiles, and product data are retained until you delete them or your account is terminated.
- AI Processing Data: Content sent to OpenAI for generation is processed according to OpenAI’s data retention policies. We do not retain copies of AI prompts beyond what is stored in your generated articles.
- Transaction Data: Subscription and purchase records are retained as required for accounting and legal purposes.
- Post-Deletion: After account deletion, we may retain anonymized or aggregated data that cannot identify you. Some data may be retained as required by law or for legitimate business purposes (e.g., fraud prevention).
6. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights:
6.1 Access and Portability: You can access your personal data through the App at any time. You may request a copy of your data in a portable format.
6.2 Correction: You can update your account information and author profiles directly through the App.
6.3 Deletion: You can delete individual articles, authors, and saved data through the App. You may also request complete account deletion by contacting us.
6.4 Withdrawal of Consent: Where processing is based on consent, you may withdraw consent at any time by discontinuing use of the relevant feature or contacting us.
6.5 Objection and Restriction: You may object to or request restriction of certain processing activities.
6.6 Subscription Management: You can manage or cancel your subscription through the Apple App Store or Google Play Store settings.
To exercise any of these rights, please contact us at the email address provided below.
7. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction.
Where required by applicable law, we ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms.
By using the App, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.
8. GDPR Compliance (European Economic Area Users)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland:
- Legal Basis: We process your data based on: (a) your consent, (b) performance of our contract with you, (c) compliance with legal obligations, and (d) our legitimate interests in operating and improving the Service.
- Data Protection Officer: For data protection inquiries, contact us at the address below.
- Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority.
- Data Minimization: We only collect data that is necessary for the purposes described in this policy.
9. CCPA Compliance (California Residents)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell your personal information. If this changes, we will provide an opt-out mechanism.
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To submit a CCPA request, contact us at the email address below.
10. Children’s Privacy
The App is not intended for use by children under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us immediately.
11. Third-Party Links and Services
The App may interact with third-party services (WordPress, WooCommerce, OpenAI, Yoast SEO). This Privacy Policy does not cover the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you connect with through the App:
- OpenAI: https://openai.com/privacy
- Supabase: https://supabase.com/privacy
- RevenueCat: https://www.revenuecat.com/privacy
- WordPress/Automattic: https://automattic.com/privacy
12. Cookies and Tracking Technologies
The App itself does not use cookies. However, third-party services integrated into the App (such as Supabase authentication and RevenueCat) may use their own tracking technologies. When accessing the App via web browser, standard web technologies may be used to maintain your session.
13. Push Notifications
We may send you push notifications related to your account and the Service. You can opt out of push notifications through your device settings at any time.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:
- Posting the updated policy within the App
- Updating the “Last Updated” date
- Sending a notification through the App for significant changes
Your continued use of the App after changes take effect constitutes acceptance of the updated Privacy Policy.
15. Data Breach Notification
In the event of a data breach that affects your personal information, we will notify you and the relevant authorities as required by applicable law, within the timeframes mandated by the applicable regulations (e.g., 72 hours under GDPR).
16. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
WP Auto Post
Email: privacy@wpautop.com
For data protection inquiries from EEA residents:
Email: dpo@wpautop.com
We will respond to your inquiry within 30 days (or sooner if required by applicable law).
