1. Who we are

EcomCloser develops and distributes WordPress and WooCommerce plugins, including licensing and subscription functionality. We provide a customer portal and license activation/validation endpoints used by our plugins.

2. Scope

This Policy applies to data collected through our website, customer portal, plugin-related API endpoints, and communications (email, support, and booking links).

3. Information we collect

We collect information in three ways: (A) you provide it directly; (B) it is collected automatically; (C) it is received from payment providers or platforms.

3.1 Data you provide

• Account data (name, email, login credentials or identifiers, preferences).
• Purchase and subscription data (plan selection, invoice details, transaction references).
• Support content (messages, attachments, troubleshooting details you send).

3.2 Data collected automatically

• Device and usage data (IP address, browser type, timestamps, pages visited).
• Security logs (authentication events, request metadata, abuse detection signals).
• License and site data (site domain/URL used for activation, license status, plan entitlements).
• Plugin event analytics (e.g., chat starts, product interactions, add-to-cart events, aggregated conversion metrics).

3.3 Data received from third parties

• Payment provider data (Stripe: payment status, subscription status, customer identifiers, billing email).
• Platform and infrastructure data (hosting provider, email delivery provider, analytics services).

4. Purposes of processing & legal bases (GDPR)

We process personal data only when we have a lawful basis under GDPR. Depending on the context, we rely on: contract performance, legitimate interests, legal obligations, and consent (where required).

5. Payments (Stripe) & financial data

Payments and subscriptions are processed by Stripe. We do not store full card numbers or CVC codes. Stripe may process personal data under its own privacy policy and as an independent controller for certain activities.

We may store payment status, subscription status, and Stripe customer identifiers to provide license delivery, manage renewals, handle cancellations, and prevent fraud.

6. Email delivery & license emails

After successful payment (or subscription status confirmation), we may email you your license key, onboarding instructions, and essential service notices. These emails are necessary to deliver the Service.

7. Cookies, similar technologies, and tracking

We use cookies and similar technologies for authentication, session management, security, fraud detection, and analytics. Some cookies are strictly necessary for the portal to function.

• Essential: login/session cookies, security tokens, CSRF protection.
• Analytics: aggregated usage analytics to improve the product (where allowed).
• Marketing: only if enabled; may require consent depending on jurisdiction.

8. Data retention

We retain personal data only as long as necessary for the purposes described in this Policy, including: maintaining your account, providing subscription continuity, preventing fraud, and fulfilling legal obligations.

• Account data: while your account is active and a reasonable period thereafter.
• Billing records: as required by law (tax/accounting).
• Security logs: limited period to detect abuse and protect systems.

9. Data sharing (processors & providers)

We share data only with trusted providers that help us operate the Service and only to the extent necessary: hosting, payment processing (Stripe), email delivery, and analytics.

We do not sell personal data. We do not share personal data with third parties for their own marketing purposes unless you explicitly request it or provide consent.

10. International transfers

Our providers may process data outside your country. Where required, we use appropriate safeguards, such as Standard Contractual Clauses, and provider compliance measures.

11. Security

We use reasonable administrative, technical, and organizational measures to protect personal data. This includes access controls, encryption-in-transit where applicable, and monitoring for abuse.

No system can guarantee 100% security. You are responsible for maintaining the confidentiality of your credentials.

12. Your rights (GDPR)

If you are in the EEA/UK (and similar jurisdictions), you may have the right to:

• Access your personal data.
• Rectify inaccurate data.
• Erase data (where applicable).
• Restrict or object to processing.
• Data portability.
• Withdraw consent (where processing is based on consent).

To exercise rights, email us at info@ecomcloser.com. We may need to verify your identity to protect your account.

13. Children

The Service is not intended for children. We do not knowingly collect personal data from children. If you believe a child provided personal data, contact us to request deletion.

14. Important disclaimers & limitation of liability

15. Changes to this Policy

We may update this Policy from time to time. If changes are material, we will provide notice via the Service or email. Continued use means you accept the updated Policy.

---

Contact: info@ecomcloser.com