Privacy Policy
Last updated: March 1, 2026
1. Introduction
PageSpark WP ("we," "us," or "our") operates the website pagesparkwp.com and the PageSpark WP WordPress plugin (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.
2. Information We Collect
Account Information (via Google OAuth)
When you sign in using Google OAuth, we receive and store your name, email address, and profile photo. We do not receive or store your Google password. Google OAuth is used solely for authentication, and we request only the minimum scopes required to identify your account.
Payment Information (via Stripe)
Payment processing is handled entirely by Stripe, Inc. When you purchase token bundles, your payment card details are sent directly to Stripe and are never transmitted to or stored on our servers. We receive from Stripe only a transaction ID, payment status, amount, and the associated bundle details. For Stripe's privacy practices, see Stripe's Privacy Policy.
AI-Generated Content (via Anthropic / Claude)
When you use the Service to generate or edit WordPress pages, the text prompts and page content you provide are sent to Anthropic's Claude API for processing. Anthropic processes this data according to their Privacy Policy. We do not permanently store the full content of your prompts or generated output on our servers beyond what is needed for the current session and usage logging.
Transactional Email (via Resend)
We use Resend to send transactional emails such as purchase confirmations and account notifications. Your email address is shared with Resend solely for the purpose of delivering these messages. We do not send marketing or promotional emails unless you explicitly opt in. See Resend's Privacy Policy.
Usage Data
We collect information about how you interact with the Service, including API call timestamps, token consumption, operation types (build or edit), and general usage patterns. This data is used to maintain your account balance, improve the Service, and diagnose technical issues.
3. Cookies & Local Storage
We use cookies strictly for authentication session management. When you sign in via Google OAuth, a secure, HTTP-only session cookie is set to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
| Cookie | Purpose | Duration |
|---|---|---|
| next-auth.session-token | Authentication session | 30 days |
| next-auth.csrf-token | CSRF protection | Session |
| next-auth.callback-url | Post-login redirect | Session |
4. How We Use Your Information
- ✓Authenticate your identity and maintain your account session
- ✓Process token purchases and maintain your account balance
- ✓Send prompts to the Anthropic Claude API to generate and edit WordPress page content
- ✓Send transactional emails (purchase confirmations, account alerts)
- ✓Monitor usage to prevent abuse and enforce fair-use policies
- ✓Diagnose technical issues and improve Service reliability
5. Third-Party Services
We integrate with the following third-party services, each of which has its own privacy policy governing how they handle your data:
6. Data Retention
We retain your account information (name, email, profile photo) for as long as your account is active. Usage logs and transaction history are retained for accounting and dispute resolution purposes.
- •Account data: retained until you request deletion
- •Payment records: retained for 7 years (tax/legal compliance)
- •Usage logs: retained for 12 months, then anonymized
- •AI prompts and generated content: not permanently stored beyond the active session
7. Data Security
We implement industry-standard security measures to protect your personal information, including:
- ✓All data transmitted over HTTPS/TLS encryption
- ✓API keys are generated as unique, cryptographically random tokens
- ✓Payment card data is handled exclusively by PCI-DSS compliant Stripe
- ✓Database access is restricted and credentials are stored as environment variables
- ✓Authentication sessions use secure, HTTP-only cookies
While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- ✓Access: Request a copy of the personal data we hold about you
- ✓Correction: Request that we correct inaccurate or incomplete data
- ✓Deletion: Request that we delete your personal data and account
- ✓Portability: Request an export of your data in a machine-readable format
- ✓Objection: Object to our processing of your personal data in certain circumstances
- ✓Withdrawal of consent: Revoke Google OAuth access at any time via your Google Account settings
To exercise any of these rights, please contact us at support@pagesparkwp.com. We will respond to your request within 30 days.
9. Children's Privacy
The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will promptly delete it.
10. International Data Transfers
Our Service is hosted on Vercel's infrastructure, which may process data in the United States and other jurisdictions. By using the Service, you consent to the transfer of your information to the United States and other countries that may have different data protection laws than your country of residence.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, contact us at: