Privacy Policy

Last updated: February 16, 2026

At InfyPress, we respect your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains what data we collect, how we use it, and the choices you have regarding your information.

This policy applies to our website at infypress.com, our customer accounts, and our WordPress plugins: AI Image SEO Optimizer, AI Meta Optimizer, AI Content Optimizer, and AI Keyword Optimizer (including their Pro versions).

By using our website or products, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of our services.

1. Who We Are

InfyPress is a software company registered in Wilmington, Delaware, USA. We develop WordPress plugins that use artificial intelligence to help website owners optimize their content for search engines.

For privacy-related inquiries, you can reach us at:

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when you interact with our services:

  • Account Information: Your name and email address when you create an account.
  • Billing Information: Your billing address and payment details when you make a purchase. Payment card information is processed directly by Stripe and is never stored on our servers.
  • Support Communications: Messages, attachments, and other information you provide when contacting our support team.
  • API Keys: If you use our plugins’ AI features, you provide your own API keys for third-party AI services. These keys are stored in encrypted form using WordPress security salts on your own server.

2.2 Information Collected Automatically

When you visit our website, certain information is collected automatically:

  • IP Address: Collected via server logs for security and fraud prevention.
  • Browser and Device Information: Browser type, operating system, and device type, collected through analytics for site optimization.
  • Usage Data: Pages visited, time spent on pages, and navigation patterns, collected through Google Analytics.
  • Cookies: Small data files stored on your device to enable functionality and analytics. See Section 5 for details.

2.3 Information from Third Parties

  • Stripe: We receive payment confirmation details (transaction status, last four digits of your card) from Stripe when you complete a purchase.
  • Google reCAPTCHA: We receive bot detection scores from Google to protect our forms from spam and abuse.

2.4 Plugin Setup Wizard & Newsletter Data

Our WordPress plugins include an optional setup wizard that may offer you the opportunity to subscribe to our newsletter and share site telemetry data. This data collection is entirely optional and only occurs when you explicitly enable the newsletter toggle during setup. No data is collected or sent if you do not opt in.

If you opt in to the newsletter, the following core data is sent to InfyPress servers (infypress.com) over HTTPS:

  • Account Info (required for newsletter delivery): Your WordPress admin email address and display name.
  • Site Identifiers: Your site URL, the plugin name and version, your site locale, and timezone.

In addition, the setup wizard offers four optional telemetry categories, each with its own individual toggle that you can enable or disable independently:

CategoryData CollectedPurpose
Site EnvironmentWordPress version, PHP version, MySQL version, server software, multisite status, memory limit, debug modeReproduce and fix compatibility issues
Theme InfoActive theme name and version, parent theme nameIdentify theme-specific layout conflicts
Content OverviewTotal counts of media files, images, posts, pages, and productsOptimize batch processing for your library size
Plugin DetectionNames of active plugins (up to 30) and installed plugins (up to 50), plus compatibility flags for WooCommerce, Yoast SEO, Rank Math, and ElementorEnsure compatibility with popular plugins

All telemetry toggles default to enabled within the disclosure panel, but no data is collected unless you first enable the newsletter toggle. You can disable any or all telemetry categories before completing the setup wizard.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Our Services: To create and manage your account, deliver purchased products, and provide access to plugin downloads and updates.
  • Process Payments: To process transactions, send receipts, and manage billing through Stripe.
  • Customer Support: To respond to your questions, troubleshoot issues, and resolve support tickets.
  • Service Communications: To send transactional emails such as purchase confirmations, license key deliveries, and important account notifications.
  • Improve Our Products: To analyze usage patterns and feedback to improve our website and plugins.
  • Security: To detect and prevent fraud, abuse, and unauthorized access to our services.
  • Newsletter & Product Updates: If you opt in during plugin setup, we use your email to send product updates, tips, and important announcements. You can unsubscribe at any time via the link in every email.
  • Product Improvement: If you opt in to telemetry during plugin setup, we use the site environment and plugin data you share to diagnose compatibility issues, prioritize bug fixes, and improve our plugins.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process personal data under the following legal bases:

  • Contract Performance: Processing necessary to deliver our services and fulfill purchases.
  • Legitimate Interest: Processing for security, fraud prevention, and analytics, where our interests do not override your rights.
  • Consent: Processing based on your explicit consent, such as marketing communications. You may withdraw consent at any time.
  • Legal Obligation: Processing required to comply with applicable laws, such as tax record-keeping.

4. Third-Party Services

We use the following third-party services in connection with our website and products. Each service has its own privacy policy governing how it handles your data.

4.1 Stripe (Payment Processing)

  • Purpose: Secure payment processing for purchases on our website.
  • Data Processed: Payment card details, billing address, and transaction information.
  • Note: InfyPress does not store your full credit card number. All payment data is handled directly by Stripe, which is PCI DSS compliant.
  • Privacy Policy: https://stripe.com/privacy

4.2 Google reCAPTCHA

  • Purpose: Protection against spam and automated abuse on our forms.
  • Data Processed: Hardware and software information, IP address, and cookies.
  • Privacy Policy: https://policies.google.com/privacy

4.3 Google Analytics

4.4 Google Fonts & Material Icons

  • Purpose: Our website loads the Inter font family and Material Symbols Rounded icons from Google Fonts to provide a consistent visual experience.
  • Data Processed: When you visit our website, your browser makes requests to Google’s servers (fonts.googleapis.com), which transmits your IP address, browser user agent, and referring page URL to Google.
  • Note: These assets are loaded from Google’s content delivery network and are not self-hosted. Google may use the connection data as described in their privacy policy.
  • Privacy Policy: https://policies.google.com/privacy

4.5 Google Places API

  • Purpose: Address autocomplete and location-based features.
  • Data Processed: Search queries and location data entered into address fields.
  • Privacy Policy: https://policies.google.com/privacy

4.6 AI Service Providers (Plugin Users Only)

Our plugins allow you to connect to third-party AI services using your own API keys. When you use AI features, your data (such as images or text) is sent directly from your WordPress site to the AI provider. InfyPress does not process this data through our servers.

AI services are only contacted when you explicitly initiate an optimization (for example, by clicking an “Optimize” button). No data is sent automatically.

The AI providers our plugins support include:

By using AI features, you agree to the respective provider’s terms and privacy policy. InfyPress is not responsible for how AI providers handle data sent to their services.

4.7 Cloudflare (DNS & Security Proxy)

  • Purpose: DNS management, DDoS protection, and performance optimization for our website.
  • Data Processed: IP addresses, HTTP headers, browser information, and cookies for all visitors to infypress.com. Cloudflare acts as a reverse proxy, meaning all traffic passes through their network before reaching our servers.
  • Privacy Policy: https://www.cloudflare.com/privacypolicy/

4.8 Google Workspace / Gmail API (Email Delivery)

  • Purpose: Sending transactional and service emails, including purchase confirmations, license key deliveries, support replies, and newsletter communications.
  • Data Processed: Recipient email addresses, names, and email content (which may include order details, account information, and support correspondence).
  • Note: All emails are sent through the Gmail API via our Google Workspace account. Google processes this data as a sub-processor under our data processing agreement.
  • Privacy Policy: https://policies.google.com/privacy

4.9 Google Cloud Platform (Hosting)

  • Purpose: Server infrastructure hosting for our website and services.
  • Data Processed: All data stored and processed by our services, including account information, transaction records, and support communications.
  • Location: Our servers are hosted in Google Cloud’s europe-west2 region (London, United Kingdom).
  • Note: Google acts as a data processor under our data processing agreement and does not access your data for its own purposes.
  • Privacy Policy: https://cloud.google.com/terms/cloud-privacy-notice

5. Cookies and Tracking

We use cookies and similar technologies on our website. Cookies are small text files stored on your device that help us provide and improve our services.

Types of Cookies We Use

  • Strictly Necessary Cookies: Required for our website to function properly. These include session cookies, security cookies, and shopping cart cookies. These cannot be disabled.
  • Functional Cookies: Remember your preferences such as language settings and display options. These require your consent.
  • Analytics Cookies: Used by Google Analytics to understand how visitors use our site. These require your consent.

We do not currently use marketing or advertising cookies.

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. However, disabling strictly necessary cookies may prevent parts of our website from functioning correctly.

6. Data Sharing and Disclosure

Who We Share Data With

We share your information only with the following categories of recipients, and only as necessary:

  • Payment Processor: Stripe, to process transactions.
  • Hosting Provider: Google Cloud Platform, to host and operate our services (servers located in London, UK).
  • Email Provider: Google Workspace (Gmail API), to send transactional and service emails.
  • DNS & Security Provider: Cloudflare, to provide DNS, DDoS protection, and performance optimization.
  • Analytics Provider: Google Analytics, to collect anonymized website usage data.
  • Security Services: Google reCAPTCHA, to protect against spam and abuse.
  • AI Providers: Only when you initiate AI features through our plugins, using your own API keys.

We Do Not

  • Sell your personal information to any third party.
  • Share your data with third-party advertisers.
  • Provide your data to data brokers.

Legal Disclosures

We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to:

  • Comply with a legal obligation, court order, or legal process.
  • Protect and defend our rights, property, or safety.
  • Prevent fraud or enforce our terms of service.
  • Facilitate a merger, acquisition, or sale of assets (in which case your data would be transferred to the successor entity, and you would be notified).

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law.

  • Account Information: Retained for the duration of your account plus 30 days after deletion to allow for account recovery.
  • Transaction Records: Retained for 7 years as required for tax and legal compliance.
  • Support Tickets: Retained for 3 years after resolution for quality assurance and reference.
  • Analytics Data: Retained for 26 months within Google Analytics.
  • Server Logs: Retained for 90 days for security monitoring.
  • Newsletter & Telemetry Data: Retained for as long as you remain subscribed. Data is deleted within 30 days of unsubscribing.

When data is no longer needed, it is securely deleted or anonymized.

8. International Data Transfers

InfyPress is a company registered in the United States (Delaware). However, our primary server infrastructure is hosted in the United Kingdom (Google Cloud, London region). This means your data is primarily stored and processed within the UK.

Some of our service providers (such as Stripe, Cloudflare, and Google) may process data in data centers located in various countries, including the United States. Where data is transferred outside the UK or European Economic Area:

  • We rely on Standard Contractual Clauses (SCCs) approved by the European Commission and the UK International Data Transfer Agreement (IDTA) as legal mechanisms for international data transfers.
  • All data is transmitted using TLS/SSL encryption.
  • We maintain data processing agreements with our service providers to ensure appropriate safeguards for your data.
  • We apply data minimization practices, collecting only the information necessary for the stated purposes.

9. Your Privacy Rights

9.1 Rights for EU/UK Residents (GDPR)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to Restrict Processing: Request that we limit how we process your data in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time through your account settings or by contacting us.

We will respond to GDPR requests within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

9.2 Rights for California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following rights:

  • Right to Know: Request information about what personal data we collect, how we use it, and with whom we share it.
  • Right to Delete: Request deletion of personal data we have collected from you.
  • Right to Opt-Out of Sale: We do not sell your personal information, so this right does not apply in practice.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

We will respond to CCPA requests within 45 days.

9.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at [email protected] with the following information:

  • Your name and the email address associated with your account.
  • A description of your specific request.

If you subscribed to our newsletter through a plugin setup wizard, you can unsubscribe at any time by clicking the unsubscribe link included in every email, or by contacting us at [email protected].

We may need to verify your identity before processing your request to protect your account security.

10. Data Security

We take the security of your data seriously and implement appropriate technical and organizational measures to protect it:

  • Encryption in Transit: All data transmitted between your browser and our website is encrypted using SSL/TLS.
  • Encrypted Storage: Sensitive data such as API keys is stored using encryption with WordPress security salts.
  • Secure Payments: Payment processing is handled entirely by Stripe, which is PCI DSS Level 1 compliant. We never store full credit card numbers.
  • Access Controls: We restrict access to personal data to authorized personnel who need it to provide our services.
  • Regular Audits: We conduct regular security reviews of our code, infrastructure, and practices.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms:

  • We will notify the relevant supervisory authority within 72 hours, as required by GDPR.
  • We will notify affected users without undue delay.
  • We will document all breaches and the actions taken in response.

11. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe that we have inadvertently collected information from a child under 16, please contact us at [email protected] and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will notify you by:

  • Posting the updated policy on this page with a revised “Last Updated” date.
  • Sending an email notification to the address associated with your account.

Your continued use of our services after a change takes effect constitutes your acceptance of the revised policy. We encourage you to review this page periodically. Previous versions of this policy are available upon request.

13. Additional Disclosures

Do Not Track Signals

Our website does not currently respond to “Do Not Track” (DNT) browser signals, as there is no industry-standard technology for honoring DNT. You can manage tracking preferences through our cookie consent mechanism and your browser settings.

California Shine the Light

Under California Civil Code Section 1798.83, California residents may request information about personal data we disclosed to third parties for their direct marketing purposes during the preceding calendar year. We do not disclose personal data to third parties for their direct marketing purposes. If you have questions, contact us at [email protected].

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

InfyPress
Wilmington, Delaware, USA