Privacy Policy

Effective Date: May 4, 2026
Last Updated: May 4, 2026

Welcome to GetSmartWP (hereinafter referred to as “we”, “us”, “our”, the “Site”, or the “Service”), available at https://getsmartwp.com. We are committed to protecting the privacy and personal data of our visitors and customers of our digital store, which sells WordPress themes and WordPress plugins globally.

This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you:

• Visit our website at https://getsmartwp.com
• Sign up and create a user account
• Purchase digital products (WordPress themes and/or plugins)
• Contact us through our contact form or support channels

By using this Site, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our Service.

---

1. Information We Collect

We collect several types of information in order to provide and improve our Service for you.

1.1 Information You Provide Directly

a. When You Register an Account

• Full name
• Email address
• Username
• Password (stored in an encrypted/hashed form)

b. When You Make a Purchase (Checkout)

• First and last name
• Email address
• Billing address: country, state/province, city, postal code
• Payment details (processed securely by third-party payment gateways; we do not store your credit/debit card numbers on our servers)
• Transaction history and products purchased
• Invoice / order ID

c. When You Communicate With Us

• Messages you send through our contact form
• Support ticket requests
• Product reviews and comments

1.2 Information Collected Automatically

When you access the Site, we automatically collect:

• IP address
• Browser type and version
• Operating system
• Pages visited and timestamps
• Referrer URL (the page that led you to our Site)
• Cookie data and similar tracking technologies
• Device information and screen resolution
• Approximate geographic location (based on IP)

1.3 Information From Third Parties

We may receive additional information from:

• Payment gateway providers (e.g., payment status confirmations)
• Third-party authentication services (if you choose to sign in via Google or other social accounts, when available)
• Analytics providers (e.g., Google Analytics)

---

2. How We Use Your Information

We use the information we collect for the following purposes:

1. Account Management – To create, maintain, and manage your user account.
2. Transaction Processing – To process your purchases, deliver digital products (download links), issue license keys, and generate invoices.
3. Product Delivery – To provide secure access to downloads of the WordPress themes/plugins you have purchased.
4. Customer Support – To respond to your inquiries, complaints, and technical support requests.
5. Product Updates – To notify you about updates, security patches, and new versions of products you have purchased.
6. Communication – To send essential emails such as registration confirmations, password resets, purchase receipts, and account-related notifications.
7. Marketing (with consent) – To send newsletters, promotions, and new product announcements, only if you have opted in.
8. Security & Fraud Prevention – To detect and prevent fraudulent activity, license abuse, unauthorized access, and cyberattacks.
9. Service Improvement – To analyze usage patterns and improve the user experience, features, and performance of the Site.
10. Legal Compliance – To comply with legal obligations, tax regulations, and lawful requests by public authorities.

---

3. Legal Basis for Processing

We process your personal data based on one or more of the following legal bases:

• Consent – You have given explicit consent (e.g., subscribing to our newsletter).
• Performance of a Contract – Processing is necessary to fulfill your purchase and deliver the product.
• Legitimate Interest – For security, fraud prevention, and improving our Service.
• Legal Obligation – To comply with applicable laws, including tax and accounting requirements.

---

4. Cookies and Tracking Technologies

Our Site uses cookies and similar technologies to:

• Maintain your login session
• Remember the contents of your shopping cart
• Store user preferences
• Analyze site traffic (via Google Analytics or similar services)
• Display relevant advertising (if applicable)

Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential	Core site functionality (login, cart, checkout)	Session / up to 1 year
Functional	User preferences (language, theme)	Up to 1 year
Analytics	Visitor statistics (e.g., Google Analytics)	Up to 2 years
Marketing	Advertising and remarketing (optional)	30–90 days

You can disable cookies through your browser settings. However, some site features (particularly checkout and account management) may not function properly without them.

---

5. How We Share Your Data

We do not sell your personal data. However, we may share your information with trusted third parties solely to support the operation of our Service:

5.1 Payment Processors

All payments are handled by secure, PCI-DSS compliant third-party payment gateways:

• PayPal — PayPal Privacy Policy
• Stripe (integration in progress) — Stripe Privacy Policy

We do not store your full payment card details on our servers. All card data is transmitted directly to the payment processor via encrypted connections.

5.2 Email & Communication Services

• Transactional email providers, including MailerSend and Amazon SES (AWS SES), used to send registration confirmations, password resets, purchase receipts, license keys, and other account-related emails.
• Standard SMTP relays may also be used as a fallback.
• Email marketing platforms — only if you have explicitly subscribed to our newsletter.

5.3 Hosting & Infrastructure

• Web hosting provider
• Content Delivery Network (Cloudflare may be used in the future for caching, DDoS protection, and DNS)
• Backup and storage providers

5.4 Analytics

• Google Analytics — used to measure site traffic, usage patterns, and general audience demographics. Data is processed in an aggregated, pseudonymous form.
• Performance and error-monitoring tools

5.5 Legal Requirements

We may disclose your information if required to do so by law, court order, or legitimate request from a governmental authority.

---

6. Data Retention

We retain your personal data for as long as it is necessary to fulfill the purposes outlined in this Policy:

• Active accounts: As long as your account remains registered with us.
• Transaction records: At least 5 (five) years after the last transaction, for tax, accounting, audit, and digital product warranty purposes.
• Support communications: Up to 2 years after the ticket is closed.
• Marketing data: Until you unsubscribe or withdraw consent.

After the retention period expires, data is securely deleted or anonymized.

---

7. Data Security

We implement reasonable technical and organizational measures to protect your data, including:

• SSL/TLS encryption (HTTPS) for all data transmissions
• Password hashing using strong algorithms (bcrypt/argon2)
• Web Application Firewall (WAF) and brute-force protection
• Regular updates to the server, WordPress core, plugins, and theme
• Restricted access to personal data — only authorized staff
• Encrypted, regular backups

However, no online system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by law.

---

8. Your Rights

Depending on your jurisdiction — including under Indonesia’s Personal Data Protection Law (UU PDP No. 27/2022), the EU GDPR, and the California CCPA — you have the following rights:

1. Right to Access – Request a copy of the personal data we hold about you.
2. Right to Rectification – Correct inaccurate or incomplete personal data.
3. Right to Erasure (Right to be Forgotten) – Request deletion of your personal data.
4. Right to Restrict Processing – Limit how your data is used.
5. Right to Data Portability – Receive your data in a machine-readable format.
6. Right to Object / Opt-Out – Object to direct marketing or processing based on legitimate interests.
7. Right to Withdraw Consent – Withdraw consent at any time where processing is based on consent.
8. Right to Lodge a Complaint – File a complaint with a supervisory or data protection authority.

To exercise any of these rights, please contact us at hello@getsmartwp.com. We will respond within 30 days of receiving a verifiable request.

---

9. Children’s Privacy

Our Service is not directed to children under 13 (or under 16 for users in the European Union). We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately so we can delete such data.

---

10. International Data Transfers

As a globally accessible service, your data may be transferred to, stored, and processed in countries outside your country of residence (including the United States, Europe, and Southeast Asia) where our hosting providers, payment processors, and other service providers operate.

By using our Site, you consent to such transfers. We take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy, including using Standard Contractual Clauses (SCCs) where applicable.

---

11. Third-Party Links

Our Site may contain links to third-party websites (documentation, product demos, social media, etc.). This Privacy Policy does not apply to those external sites. We encourage you to read the privacy policies of every website you visit.

---

12. Digital Products (Themes & Plugins) – Special Notes

As a store that sells WordPress themes and plugins:

• License & Updates: We store your purchase information and license key to verify your eligibility for automatic updates and support.
• License Activation: When you activate a plugin or theme on your WordPress site, our system may record the site URL where the product is installed, solely for license validation purposes.
• Optional Telemetry: Some of our products may transmit anonymous data (such as your PHP/WordPress version) to help us ensure compatibility. This will be clearly disclosed on the respective product pages, and you may opt out where applicable.
• Documentation Access: Viewing documentation or demos may record usage analytics to help us improve our content.

---

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified via:

• A notice posted on our website
• Email to registered users (for significant changes)

The “Last Updated” date at the top of this page will always reflect the latest revision. We encourage you to review this page periodically.

---

14. Contact Us

If you have any questions, complaints, or requests regarding this Privacy Policy or your personal data, please contact us:

• Business Name: GetSmartWP
• Website: https://getsmartwp.com
• Email: hello@getsmartwp.com
• Location: West Java, Indonesia
• Contact Page: https://getsmartwp.com/contact

---

This document is provided as general guidance and does not constitute legal advice. We strongly recommend consulting a qualified legal professional to ensure full compliance with the laws applicable to your operations and target markets (e.g., Indonesia’s UU PDP, EU GDPR, California CCPA, UK Data Protection Act, etc.).