Skip to content
M
MantleWPBack

Privacy Policy

Last updated: April 10, 2026

Introduction

MantleWP (“we,” “us,” or “our”) operates the mantlewp.com website and the MantleWP platform. This Privacy Policy explains how we collect, use, share, and protect your information when you use our Service. By using MantleWP, you agree to the practices described here.

Information We Collect

We collect information you provide directly and information collected automatically when you use our Service.

Account Information You Provide

  • Name and email address (for account creation and authentication via magic link)
  • Organization name and billing address
  • Payment information processed through Stripe (we do not store credit card numbers directly)
  • WordPress site URLs you connect to MantleWP
  • Support requests and feedback you submit

WordPress Site Data Collected by Our Plugin

Our WordPress plugin collects technical site health data only. This includes:

  • WordPress version, PHP version, and server environment details
  • Installed plugin and theme names, versions, and update status
  • Site uptime and performance metrics
  • Database statistics and security configuration status

Information Collected Automatically

  • IP addresses and browser information when you visit mantlewp.com
  • Usage data about features you interact with in the dashboard
  • Session cookies required for authentication (see our Cookie Policy)

What We Do NOT Collect

MantleWP is built with privacy-first principles. We explicitly do not collect, access, or store:

  • End-user data from your WordPress sites (visitor data, customer records, etc.)
  • Website content (pages, posts, images, media files)
  • Customer data or personally identifiable information of your site visitors
  • WordPress user accounts, passwords, or sensitive data from connected sites

Our plugin collects only the technical metadata needed to generate your reports — nothing more.

How We Use Your Information

  • To provide, maintain, and improve the MantleWP Service
  • To generate client reports based on your WordPress site health data
  • To create AI-generated executive summaries for reports
  • To authenticate the WordPress plugin and authorize API requests
  • To send transactional emails (magic link logins, billing receipts, report delivery)
  • To track product usage and improve the platform
  • To comply with legal obligations

Third-Party Services

We share data with the following third-party services solely to operate MantleWP:

  • Stripe — Payment processing for subscriptions and billing. Stripe collects payment information (card number, billing address) according to their Privacy Policy. We do not store raw credit card data.
  • Resend — Email delivery for transactional emails (magic link logins, report delivery, billing notifications). Resend processes your email address according to their Privacy Policy.
  • Anthropic (Claude API) — AI-powered executive summaries in client reports. Site health data is sent to Anthropic to generate summaries and is not retained by Anthropic beyond the API request. See Anthropic's Privacy Policy.

We do not sell your personal data to any third party. We do not use Google Analytics or any third-party advertising trackers.

Cookies

We use only essential cookies for authentication and session management. We do not use advertising, tracking, or analytics cookies. For full details, see our Cookie Policy.

Where Your Data Is Stored

Your data is stored on servers hosted by DigitalOcean in the United States (San Francisco, SFO3 region). All data is encrypted in transit via HTTPS. Payment data is processed and stored by Stripe and never touches our servers in raw form.

Data Retention

We retain your account data for as long as your account is active. When you delete your account or request deletion:

  • Account information (name, email, organization, site URLs) is deleted within 30 days
  • Generated reports and site health data are permanently deleted
  • WordPress plugin connections are severed immediately
  • Stripe billing data is retained by Stripe per their retention policies and applicable tax/legal requirements
  • We may retain anonymized, aggregated usage data that cannot identify you

Your Rights

For All Users

Regardless of your location, you can:

  • Access your personal data by contacting us
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a machine-readable format

GDPR Rights (EU/UK Residents)

If you are in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access: request a copy of personal data we hold about you
  • Right to rectification: correct inaccurate data
  • Right to erasure (“right to be forgotten”): request deletion of your data
  • Right to restrict processing: limit how we use your data
  • Right to data portability: export your data in a machine-readable format
  • Right to object: opt out of certain processing activities

CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to delete your personal information
  • Right to opt out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Data Security

We implement industry-standard security measures including encryption in transit (HTTPS via automatic TLS), secure database access controls, and regular security monitoring. API authentication between the WordPress plugin and our servers uses unique per-site keys transmitted via secure headers. While we strive to protect your information, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Children's Privacy

MantleWP is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting the revised policy on our website with an updated “Last updated” date. Your continued use of MantleWP after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Email: [email protected]

See also: Terms of Service · Cookie Policy