This Privacy Policy describes how GetInfoToYou ("we", "us", or "our") collects, uses, and protects your information when you use the PortalWP WordPress plugin and the portalwp.getinfotoyou.com website (collectively, the "Service").
By using PortalWP, you agree to the collection and use of information described in this policy. Questions? Contact us at hello@portalwp.getinfotoyou.com.
1. Information We Collect
We collect information in two contexts: when you purchase or register for PortalWP (collected on our license server), and when your clients use the portal you install on your WordPress site (collected on your server, not ours).
Information collected on our license server (portalwp.getinfotoyou.com):
- Account information: Name and email address provided during purchase or free trial registration.
- Payment information: Transaction ID and payment status. We do not store card numbers or bank details — payments are processed by Razorpay or Stripe.
- License data: License key, plan type, activation date, expiry date, and the WordPress site URL(s) where the plugin is activated.
- Usage data: Plugin version in use, update check timestamps (no personal data sent in update checks).
Information collected on your WordPress server (plugin):
- Your clients' names, email addresses, and portal activity (files, invoices, contracts, messages) are stored exclusively on your own WordPress server.
- We have no access to your clients' data. You are the data controller for all client data stored through the plugin.
2. How We Use Your Information
- To create and manage your PortalWP license and account.
- To process payments via Razorpay or Stripe.
- To send your license key, download link, and installation guide by email.
- To deliver product updates, security notices, and renewal reminders.
- To provide customer support when you contact us.
- To improve the plugin based on aggregate, anonymised usage patterns.
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3. Data Storage
License server data is stored in a MySQL database hosted on Hostinger servers in the European Union / India region. Data is encrypted in transit via HTTPS (TLS 1.3) and at rest.
Plugin data (your clients, files, invoices, contracts, projects, messages) is stored entirely on your own WordPress server. We have no access to this data and it never leaves your server.
We implement industry-standard security measures including: hashed license keys, parameterised SQL queries to prevent injection, and rate limiting on all API endpoints.
4. Third-Party Services
PortalWP integrates with third-party services. Each has its own privacy policy:
- Razorpay (payment processing, India) — razorpay.com/privacy
- Stripe (payment processing, global) — stripe.com/privacy
- OpenAI / Google Gemini / Anthropic Claude (AI assistant, Pro plan) — Only used if you configure your own API key in the plugin settings. Your clients' data is sent to your chosen AI provider when they use the AI assistant. You are responsible for informing your clients if you enable this feature.
We do not integrate with advertising networks, analytics trackers, or social media platforms on our license server or in the plugin.
5. Cookies
The portalwp.getinfotoyou.com website uses minimal cookies:
- Session cookie: Set when you log in to manage your license. Expires when you close your browser.
- No advertising cookies, no tracking pixels, no third-party analytics cookies.
The PortalWP plugin on your WordPress site uses a JWT (JSON Web Token) stored in the client's browser localStorage — not a cookie — to maintain their portal session. This token contains only the client's WordPress user ID and expiry time.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate data.
- Erasure ("right to be forgotten"): Request deletion of your data. We will delete your account and license records within 30 days of a verified request.
- Portability: Request your data in a machine-readable format (JSON or CSV).
- Objection: Object to processing of your data for marketing purposes.
To exercise any of these rights, email hello@portalwp.getinfotoyou.com with the subject line "Data Request". We will respond within 30 days.
These rights are granted under the EU General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act, 2023 (DPDPA).
7. Data Retention
We retain your account and license data for as long as your account is active, plus 90 days after deletion, to handle refund requests and disputes. After that period, all personal data is permanently deleted.
Payment transaction records are retained for 7 years as required by Indian financial regulations.
8. Children's Privacy
PortalWP is a business software tool intended for adults (18+). We do not knowingly collect personal data from individuals under 18 years of age. If you believe a minor has provided us with personal data, contact us at hello@portalwp.getinfotoyou.com and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address on your account) and update the "Last updated" date at the top of this page. Continued use of PortalWP after the effective date constitutes acceptance of the updated policy.
10. Contact Us
For privacy-related questions, requests, or concerns:
- Email: hello@portalwp.getinfotoyou.com
- Support: support@portalwp.getinfotoyou.com
- Company: GetInfoToYou, India