WP Render Blocks
WP Render Blocks

Privacy Policy

Last updated: January 19, 2026

1. Overview

This Privacy Policy explains how WP Render Blocks (“we”, “us”, “our”) collects, uses, and shares information when you use our web application, APIs, and WordPress plugin (collectively, the “Service”).

2. Information We Collect

We collect information in three main ways: (a) you provide it, (b) we collect it automatically, and (c) we receive it from third parties.

  • Account & profile information (e.g., email address, name, authentication identifiers)
  • Organization & team information (e.g., organization name, member roles, invitations)
  • Site information (e.g., WordPress site name/URL you register, API keys you generate)
  • Component data you upload (e.g., ZIP files, source code, assets, configuration, props schema, build artifacts)
  • Usage and performance data (e.g., render logs such as component/version, cache hit, duration, timestamps)
  • Security and operational logs (e.g., IP address and user agent for rate limiting, abuse prevention, and auditing)
  • Billing information (e.g., plan tier, subscription status, Stripe customer/subscription IDs - payment card details are handled by Stripe)
  • Support communications (messages you send via our contact/feedback forms)

3. How We Use Information

We use information to operate, secure, and improve the Service, including to:

  • Provide the dashboard, APIs, SSR rendering, embeds, CDN assets, and WordPress plugin functionality
  • Create and manage accounts, organizations, team access, and permissions
  • Validate packages, run automated security checks on uploads, build/bundle components, and deliver component assets and HTML renders
  • Process subscriptions and manage billing (including upgrades/downgrades/cancellations)
  • Monitor reliability and debug errors (e.g., performance and error monitoring)
  • Prevent spam, fraud, and abuse (e.g., bot protection, rate limiting, security reviews)
  • Communicate with you about service-related updates and support requests

4. How We Share Information

We do not sell your personal information. We share information only as needed to provide the Service, including with:

  • Service providers (processors) that help us host the app, store data, process payments, send emails, monitor errors, and run security reviews (for example: Vercel, Supabase, Stripe, Resend, Sentry, Upstash Redis, Cloudflare Turnstile, GitHub, and - if enabled - an AI provider via OpenRouter). Depending on configuration, we may use some or all of these.
  • Other members of your organization, as directed by your organization admins (e.g., shared access to components and sites)
  • Legal or safety reasons (e.g., to comply with law, enforce our terms, or protect the security and integrity of the Service)
  • A corporate transaction (e.g., merger, acquisition, or asset sale) where information may be transferred as part of that transaction

5. Cookies and Similar Technologies

We use cookies and similar technologies to keep you signed in, remember preferences, protect the Service, and measure performance. You can control cookies through your browser settings; disabling some cookies may affect functionality.

6. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information, including:

  • Access controls and least-privilege practices
  • Secure handling of API keys and session tokens
  • Monitoring and alerting to detect abuse and operational issues
  • Package validation and rate limiting on sensitive endpoints

7. Data Retention

We retain information for as long as necessary to provide the Service and for legitimate business purposes (e.g., security, compliance, dispute resolution). You can delete certain data in the dashboard; deleting an account may remove or anonymize related information, subject to legal and operational requirements.

8. Your Choices and Rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal information. You can also object to or restrict certain processing where applicable.

9. International Transfers

If you access the Service from outside the country where our systems or providers operate, your information may be transferred and processed in other countries. We rely on appropriate safeguards where required by law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the “Last updated” date and, if changes are material, we will take reasonable steps to notify you.

11. Contact

If you have questions about this Privacy Policy or our privacy practices, contact us via the Contact page in the Service.