Privacy Policy

Last updated: January 2026

ContentTrace ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our WordPress plugin and website.

1. Information We Collect

1.1 Website Visitors

When you visit contenttrace.app, we may collect:

• Browser type and version
• Pages visited and time spent
• Referring website
• IP address (anonymized)

1.2 Plugin Users

When the plugin connects to our API, we collect:

• Website domain (for usage tracking and plan identification)
• WordPress version (for compatibility)

1.3 Customers

When you purchase a subscription, we collect:

• Email address
• Payment information (processed securely by Paddle)
• Name (optional)

2. Information We DO NOT Collect

ContentTrace is designed to be privacy-first:

• We do NOT store your WordPress content on our servers
• We do NOT collect your visitors' data
• We do NOT track your visitors
• All token generation and logging happens locally on YOUR server

3. How We Use Your Information

• Domain identification: To identify your plan and enforce usage limits
• Customer support: To help you with issues
• Product updates: To notify you of important updates
• Analytics: To improve our website and plugin

4. Data Storage & Security

4.1 Data Residency

All ContentTrace infrastructure is hosted in Finland (EU) by Hetzner Online GmbH. This supports EU data residency expectations for our European customers.

4.2 What We Store

• Registered domains and their plan status
• Usage statistics (scan counts, not content)
• Customer email addresses

4.3 What We DON'T Store

• Your post content (processed in memory, never saved)
• Payment card details (handled by Paddle)
• Your visitors' personal data

Payment information is processed by our payment processor (Paddle) and never touches our servers.

5. Third-Party Services

We use the following third-party services:

5.1 Paddle — Payment Processing

• Purpose: Process payments for paid subscriptions
• Data shared: Email, name, payment details
• Paddle acts as Merchant of Record
• Privacy: paddle.com/legal/privacy

5.2 ContentTrace API Server

• Purpose: Web scanning, similarity analysis, usage tracking, report generation
• Data shared: Website domain, post content excerpts, URLs
• Content processed in memory and discarded

5.3 Archive.org (Optional)

• Purpose: Create timestamped proof of your content's original publication
• Data shared: Your post URLs (only when you choose to archive)
• This is a free, public service by the Internet Archive

5.4 Google Search via Browser

• Purpose: Opens in user's browser, no server-side requests
• Search runs in your browser — ContentTrace servers do not receive queries or results

6. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your data
• Export your data

Contact us at hello@contenttrace.app to exercise these rights.

7. GDPR Compliance

ContentTrace is designed with GDPR compliance as a core principle:

• Data Residency: All data stored in Finland (EU)
• Legal Basis: We process data under legitimate interest for service delivery and usage tracking
• Data Minimization: We only collect what's necessary
• No Content Storage: We do not store your post content on our servers

7.1 Data Processing Agreement (DPA)

For paid business customers who require a formal Data Processing Agreement for their compliance needs, we offer a standard DPA. Contact us at hello@contenttrace.app to request one.

8. Changes to This Policy

We may update this policy. Significant changes will be communicated via email to customers.

9. Contact

Questions? Email us at hello@contenttrace.app

Address: House No: 200/1, West Agargaon, North Shyamoli, Dhaka-1207, Bangladesh

Phone: +8801829622212