Privacy Policy

Last updated on December 31st, 2019 at 06:59 am

Who we are

In this section you just notify your site URL, along with the name of the company, organization or individual behind it, and some proper contact details.

The details of the information you need to display varies depending on your local or national business regions. For example, you need to show a physical address, registered address, or your company’s registration number.

Recommended text: Our website URL is:

What personal data we collect and why we collect it

In this part you will notice what personal data you gather from users and site visitors. This can contain personal information, such as name, email address, and personal account preferences; Transaction data like purchase details; and technical data, like information about cookies.

You must look into any collection or preservation of sensitive personal data, such as health-related data.

In addition to listing the personal data you collect, you should also consider why you collect it. These descriptions should look at the legal basis for your data gathering and maintenance or the user’s active consent.

Personal data is not created by user interactions with your site. Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third party embeds.

By default WordPress does not gather any personal data about visitors, and only gathers the data exposed on the User Profile screen from registered users. However some of your plugins can gather personal data. You should include the related information below.


You will notice what information is captured by comments in this subsection. We have specified the data that WordPress collects by default.

Recommended text: When visitors post comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to assist with spam detection.

An anonymous string (called as hash) generated from your email address may be provided to the Gravatar service to see if you are using it. Refer the Privacy Policy of Gravatar service here ( After approval of your comment, your profile picture will be visible to public in the context of your comment.


In this subsection you must note what data may be published by users who upload media files. All uploaded files are generally publicly accessible.

Recommended text: If you like to upload images to a website, you must upload image without embed location data (EXIF GPS). Who’s visit this website can download and fetch any location data from the website’s images.

Contact forms

By default, WordPress does not contain a contact form. If you use a contact form plugin, use this subsection to see what personal information is collected and how long it is held when someone submits a contact form. For instance, you may notice that you have contact form submissions for a limited time period for customer service purposes, but you do not use the information submitted by them for marketing purposes.


In this subsection, you must list the cookies your website uses, containing your plug-ins, social media, and analytics. We have provided cookies that WordPress installs by default.

Recommended text: If you post a comment on our site, you may choose to store your name, email address and website in cookies. As these are for your convenience, you do not have to re-fill your details when you post another comment. These cookies can last up to one year.

If you open our login page, it will allocate a temporary cookie to control if your browser understands cookies. This cookie includes no personal data and will be removed when you close your browser.

When you sign in, we will set up multiple cookies to store your login information and your screen display options. Login cookies can last up to two days, and screen options cookies can last up to a year. If you choose a option of “Remember Me”, your login will continue for two weeks. Once you signing out of your account the cookies details have been removed.

If you edit or post an article, an additional cookie will be stored in your browser. This cookie has no personal data and represents the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Recommended text: Articles on this site may contain embedded content (eg videos, images, articles, etc.). Embedded content from other websites works just like the visitor has visited the other website.

These websites can gather data about you, use cookies, embed additional third party tracking, and monitor your communications with embedded content, including if you have an account which is logged in to the website that tracks your interactions with embedded content.


The analytics set you use in this subsection will show you how users can opt out of analytics tracking and if there is any link to your analytics provider’s privacy policy.

By default WordPress does not gather any analytical data. However, a lot of web hosting accounts gather a few anonymous analytical data. You can also have installed a WordPress plugin that offers analytics services.  If so, add the plugin information here.

Who we share your data with

In this part you must name and list all third-party providers to whom your site data to be distributing, which includes partners, cloud-based services, payment processors, and third party service providers, and also consider what data you share with them and why. Attach them to their own privacy policies, if possible. By default WordPress does not share any personal data with anybody.

How long we retain your data

In this part you must give details about how long keep your personal data gathered or processed by the website. It is your liability to come up with a to-do list of how long and why you retain each dataset, and that information should be listed here. For example, you might want to say that you have contact form details for six months, analytics details for a year, and customer purchase details for ten years.

Recommended text: If you post a comment, the comment and its metadata will be kept indefinitely. Instead of placing any follow-up comments in a moderate order, they can be automatically identified and approved.

For users who register on our website (if any), we also hold the personal information that given in their user profile. All users can view, edit or delete their personal information at any time (but that they cannot modify their username).  Website administrators are able to view and edit that information.

What rights you have over your data

In this part you should clarify what privileges your users contain their data and how they can use those rights.

Recommended text: If you have an account or post comments on this site, you may request to receive an exported file of personal data that we hold about you, including any data you provide to us. You may request the delete of any personal data we hold about you. It does not contain any data that we hold for administrative, legal or security purposes.

Where we send your data

In this part you must list all transfers of your site data outside the European Union (EU) and explain the steps to ensure that data is protected to European data protection standards. This can contains your web hosting details, cloud storage, or added your third party services.

The European Data Protection act involves data about European residents, which is transferred outside the EU to ensure that data is protected to the same standard as it was in Europe. Therefore, in addition to listing where the data goes, also you need to explain how you guarantee that these standards are met by you or your third-party providers, whether through an agreement like Privacy Shield, Model Subscriptions, or Corporate Binding Rules.

Recommended text: Visitor comments can be verified through the Automatic Spam Detection Service.

Contact information

In this part you must provide your contact procedure which is related with privacy oriented. Here you are requested to list full contact details along with their name additionally if you are required to have Data Protection Officer.

Additional information

If you make your site for commercial use and you have to keep more complex set or processing of personal information, you should be considered the following details in your privacy policy statement which is added with the information we have discussed already.

How we protect your data

In this part has to give details about what steps you have taken to protect your users’ data. This can take into technical methods like encryption; Security methods like two-factor authentication; and activities such as personnel training in data protection. If you are conducting a privacy impact assessment, you can also state it over here.

What data breach procedures we have in place

In this part you should clearly stated what processes you have to taken to deal with data breaches, moreover potential or real, like internal reporting structures, contact methods, or bug bounties.

What third parties we receive data from

In this part you should clearly mention about how your privacy policies have to deal with third party data. If your site collects the data about user from third parties sites, which including advertisers, that details should be stated here.

What automated decision making and/or profiling we do with user data

If your site offers a service that contains automated decision making – for instance, suppose to allow the users to apply for credit card, or combining their data into advertising profile. In this part you should notice that this is taking place, which contain information with respect to how that information is used, what decisions are happen with that aggregated data, and what rights users have over decisions happen without human interaction.

Industry regulatory disclosure requirements

If you are associated with regulated industry, or if you are subject to additional privacy acts, you need to disclosure that information here.