Privacy Policy

Last updated: April 2026

WpBrain.app ("WpBrain", "we", "us", or "our") operates the WpBrain platform at wpbrain.app. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

1. Information We Collect

Account Information

• Email address and name (provided directly or via Google OAuth)
• Password (hashed, if you register with email)
• Google account profile data (name, email, avatar) if you sign in with Google

WordPress Site Data

• WordPress site URLs you connect
• WordPress REST API credentials (application passwords)
• Site content accessed through the REST API (posts, pages, products, media, etc.)

Usage Data

• Actions performed on the platform (tools used, requests made)
• AI prompts and generated content
• Browser type, IP address, and general device information

2. How We Use Your Information

• To provide and operate the WpBrain platform
• To connect to your WordPress sites and execute management actions on your behalf
• To generate AI-powered content, images, and suggestions
• To authenticate your identity and maintain account security
• To improve our service and develop new features
• To communicate important service updates

3. WordPress Credentials

We take the security of your WordPress credentials seriously:

• Encryption: WordPress application passwords and site credentials are encrypted at rest using industry-standard encryption
• Never shared: Your WordPress credentials are never shared with third parties, sold, or used for any purpose other than connecting to your sites on your behalf
• Minimal access: We only access your WordPress site data when you initiate an action through our platform
• Revocable: You can disconnect your sites and revoke access at any time from your dashboard

4. Cookies

We use cookies and similar technologies for:

• Authentication: Session cookies to keep you signed in
• Security: CSRF tokens and security-related cookies
• Preferences: Remembering your settings and preferences

We do not use third-party advertising or tracking cookies.

5. Third-Party Services

WpBrain relies on the following third-party services:

• Cloudflare: Infrastructure, hosting, CDN, and edge computing. Cloudflare may process request metadata (IP addresses, headers) per their privacy policy
• OpenRouter: AI model routing for content generation and chat features. Prompts and content may be processed by AI model providers through OpenRouter
• Google OAuth: If you choose to sign in with Google, Google processes authentication data per their privacy policy

6. Data Retention

• Account data is retained as long as your account is active
• WordPress site data is removed when you disconnect a site
• AI-generated content and chat history may be retained to improve the service
• If you delete your account, we will remove your personal data within 30 days
• We may retain anonymized, aggregated data for analytics purposes

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS) and at rest, secure credential storage, and access controls. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Withdraw consent for data processing
• Object to certain types of data processing

To exercise any of these rights, please contact us at the address below.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance.

10. Contact

If you have questions about this Privacy Policy or your data, contact us at:

WpBrain.app
Email: [email protected]