SecureAuditWP is built around a simple principle: your security data is yours. This policy explains what we do — and don't — collect, both on this website and inside the WordPress plugin.
1. Information we collect
The plugin (your WordPress site)
SecureAuditWP runs entirely inside your WordPress installation. Audit results, scan logs, and reports are stored in your database and never transmitted to us. No analytics, no telemetry, and no "phone home" by default.
If you opt in to anonymous usage statistics from the plugin settings, we receive only: WordPress version, PHP version, plugin version, and a hashed site identifier. No site URLs, content, or audit results are ever sent.
This website
When you browse secureauditwp.com, our server logs the standard request data: IP address, user agent, referrer, and the URL requested. Logs are kept for 30 days for security and abuse prevention, then deleted.
If you contact us by email, we keep the message and your email address only as long as needed to respond and provide support.
2. Bring-your-own-key (BYOK) AI providers
SecureAuditWP uses AI models from OpenAI, Anthropic, or Google AI Studio to analyze findings. You provide your own API key, which is stored in your WordPress database and used directly from your server.
We never see your API key, your prompts, or the AI provider's responses. Your data flows from your site straight to your chosen AI provider, governed by their privacy policy:
- OpenAI — openai.com/policies/privacy-policy
- Anthropic — anthropic.com/legal/privacy
- Google AI — ai.google.dev/terms
3. Cookies
This site uses no third-party tracking or advertising cookies. A single first-party cookie may be set to remember your preferences if you change them; nothing else.
4. Payments (Pro plan)
If you upgrade to a Pro plan, payment is processed by Stripe. We receive your name, email, country, and the last four digits of your card — never the full card number. Stripe's privacy policy applies to the payment itself.
5. Data sharing
We do not sell, rent, or share your personal information with third parties. We may disclose information if required by law or to protect the integrity of our service.
6. Your rights
You may request access to, correction of, or deletion of any personal data we hold about you by emailing privacy@secureauditwp.com. Under GDPR and CCPA, we respond within 30 days.
7. Changes
If we update this policy, we'll post the new version here and update the "Last updated" date above. Material changes will also be communicated by email to Pro customers.
8. Contact
Questions about this policy? Reach us at privacy@secureauditwp.com or through the contact page.