Connect WP Develop API

Privacy Policy

Last updated: November 8, 2025

1. Introduction

https://wpdevelopapi.com/  operates the API endpoint at https://connect.wpdevelopapi.com/ (the “Service”).

This Privacy Policy explains how we collect, use, disclose, and safeguard information obtained via the Service. By using the Service you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Automatically Collected Information

When your plugin uses our Service (e.g., crash reports via REST), we may collect the following information:

  • Plugin identifier (slug) and version
  • Site URL (or hostname) where the plugin is installed
  • WordPress version, PHP version, theme name & version
  • OS system and release (server environment)
  • Error/exception message, file name/line number, trace (if applicable)
  • Timestamp of event

2.2 Information You Provide

In some cases you may be prompted (e.g., settings consent page) to provide a user-consent indicator (e.g., “Enable crash reporting”). No personally identifiable user data (such as names, emails) is collected by default unless you explicitly include it.

3. How We Use the Information

We use information for the following purposes:

  • To receive, store and analyse crash or error reports from your plugins, for quality monitoring and support.
  • To maintain the security and integrity of our API service.
  • To contact you in the rare case of critical plugin/endpoint issues (based on site URL) or notify of data / security events.
  • To generate aggregated, anonymised analytics (for example: how many sites are running a certain plugin version) — such analytics will not include personal identifiers.

4. Legal Basis & Consent

Where applicable (e.g., under GDPR) we rely on your consent: you must explicitly enable crash reporting in the plugin settings for your site (option name: wc_crash_consent_[plugin_slug]). If you do not enable it, no crash-data is sent from your site to our Service beyond normal plugin operations.
In some jurisdictions we may also rely on our legitimate interest for security and stability of our Service.

5. Sharing & Disclosure of Your Information

We do not sell your data to third parties. We may disclose your information to:

  • Service providers who assist us in operating our API service (hosting, database infrastructure, logging) — under confidentiality and security commitments.
  • Regulatory or legal authorities, if required by law or to protect rights or safety.
    Any sharing will be limited to the minimum information needed.

6. Data Retention

We retain collected crash-report data for [Retention Days] days by default (option: wc_collector_retention_days; default 90). After that period records are automatically removed via scheduled cleanup. You may also request deletion of your site’s crash data — contact us at [contact email].

7. Your Rights

Depending on your jurisdiction you may have rights including:

  • Access: You may request a copy of crash-data we hold for your site.
  • Correction: You may request incorrect data be corrected.
  • Deletion: You may request your site’s data be deleted from our systems.
  • Lodge a complaint with your local supervisory authority.
    To exercise any of these rights, contact us at [contact email].

8. Security

We implement reasonable technical and organisational measures to protect your data. This includes secure HTTPS endpoints, encrypted connections, access control, and regular audits. However, no transmission or storage system is 100% secure — use of our Service is at your own risk.

9. International Transfers

If your site is hosted outside [your country/region], your information may be transferred to and processed on servers located in [server region]. By using our service you consent to such transfers.

10. Development Mode & Self-Signed Certificates

When the API Service is operating in Development Mode (option wc_collector_dev_mode = yes), we may allow endpoints served over HTTP or self-signed HTTPS certificates for testing purposes. In this scenario:

  • Data is still processed but may not have full SSL certificate verification from reporter-end sites.
  • You should only enable crash reporting from trusted development/staging environments in such cases.
    In production mode we enforce HTTPS with valid certificates.

11. Cookies & Tracking

We do not use cookies for crash-reporting functions. Our API endpoints are consumed programmatically via REST; no persistent tracking cookies are set for users by default.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by posting the new policy on this page with an updated “Last updated” date. Your continued use of the Service after changes constitutes your acceptance of the revised terms.

13. Contact Us

If you have any questions about this Privacy Policy, please contact:

WP Develop APIs
Email: connect@wpdevelopapi.com

Data Processing Addendum