Download Plugin

GDPR Compliance

This page explains how Content Guard Pro handles data in the context of GDPR and similar privacy regulations. It supplements our Privacy Policy with specifics for users in the EEA, UK, and similar jurisdictions.

The Key Points

Before the details:

  1. Your content stays on your server. We don’t receive your WordPress content. The plugin processes everything locally.
  2. We collect minimal data. License validation, basic site info, account details. That’s it.
  3. You have rights. Access, correct, delete, port your data. We make it easy.
  4. We’re transparent about legal bases. Every type of data we process has a documented reason.

Controller vs. Processor: Who’s Responsible for What

This distinction matters under GDPR.

We’re the Controller For:

  • Your account information (name, email, billing)
  • Website analytics on contentguardpro.com
  • License activation data
  • Support communications
  • Marketing preferences

You’re the Controller For:

  • Everything in your WordPress database
  • Any personal data scanned by the plugin
  • Scan results and findings (which stay on your server)

The plugin is a tool you control. We don’t see your content, so we can’t be a processor for it.

What We Collect and Why

Data Purpose Legal Basis How Long We Keep It
Account email/name Account management Contract Active + 3 years
Billing info Payments Contract 7 years (legal requirement)
Site URL (hashed) License validation Legitimate interests Active + 12 months
Site technical info Compatibility, support Legitimate interests Active + 12 months
Support emails Customer service Contract 3 years
Website analytics Site improvement Legitimate interests/consent 26 months

What We Don’t Collect

  • Your WordPress content
  • Your visitors’ personal data
  • Scan results or findings
  • Your login credentials

Legal Bases Explained

Contract (Article 6(1)(b))

Processing necessary to provide what you paid for:

  • Account creation
  • License validation
  • Payment processing
  • Customer support

Legitimate Interests (Article 6(1)(f))

Processing that benefits us without unreasonably affecting you:

  • Product improvement
  • Fraud prevention
  • Security
  • Usage analytics

You can object to legitimate interests processing.

Consent (Article 6(1)(a))

Processing you explicitly agree to:

  • Marketing emails
  • Non-essential cookies
  • Optional plugin telemetry

Withdraw consent anytime.

Legal Obligation (Article 6(1)(c))

Processing we’re required to do:

  • Tax records
  • Regulatory compliance

Your Rights

If you’re in the EEA, UK, or a jurisdiction with similar laws:

Access (Article 15): Request a copy of your data.

Rectification (Article 16): Correct inaccurate data.

Erasure (Article 17): Request deletion (with some exceptions for legal requirements).

Restriction (Article 18): Pause processing in certain situations.

Portability (Article 20): Get your data in a portable format.

Object (Article 21): Object to legitimate interests processing.

Withdraw Consent: Anytime, without affecting prior processing.

We don’t make automated decisions with legal effects, so Article 22 doesn’t apply.

How to Exercise Your Rights

Email: [email protected]

Include:

  • Your name and account email
  • Which right(s) you’re exercising
  • Relevant details to help us find your data

We respond within 30 days. Complex requests may take up to 90 days with notice.

We may need to verify your identity first.

International Transfers

If your data moves outside the EEA/UK, we use:

  • Standard Contractual Clauses: EU Commission-approved contracts
  • Adequacy Decisions: Transfers to countries the EU considers safe
  • Supplementary Measures: Additional protections where needed

Data Breaches

If we experience a breach that risks your rights:

  • We notify the relevant supervisory authority within 72 hours
  • We notify affected individuals without undue delay for high-risk breaches
  • We document everything

For Plugin Users

Your GDPR Obligations

If you use Content Guard Pro to scan content containing personal data, you remain the controller for that data. You’re responsible for:

  • Having a lawful basis to process it
  • Handling data subject requests
  • Maintaining appropriate security
  • Your processing records

Data Processing Agreements

If you need a DPA for compliance reasons, contact [email protected].

Why Local Processing Helps

Because Content Guard Pro processes your content on your server (not ours), your GDPR compliance is simpler. Your content never leaves your infrastructure for scanning.

Supervisory Authorities

You can lodge complaints with your local data protection authority. Find them at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

Children

Our service isn’t for anyone under 16. We don’t knowingly collect children’s data.

Contact

Data protection: [email protected]
General: [email protected]

Updates

We update this page as regulations evolve. Material changes are communicated on our website and, where appropriate, by email.

Scroll to Top