Privacy Policy

This Privacy Policy explains how Smart Cloud Solutions Inc. (“Smart Cloud Solutions,” “WP Suite,” “we,” “us,” or “our”) collects, uses, stores, shares and protects personal information when you use the WP Suite website, downloadable WordPress plugins, platform account features, documentation, forms, newsletter, support channels and paid subscriptions.

Version 1.1Last revised on: June 18, 2026

WP Suite is developed by Smart Cloud Solutions Inc., a Delaware corporation with a business mailing office at 1221 Brickell Avenue, Suite 900, Miami, FL 33131, USA. Our public business phone number is +1 (645) 230-4733. Our registered agent in Delaware is Legalinc Corporate Services Inc., 131 Continental Dr Suite 305, Newark, DE 19713, USA.

This Privacy Policy is written for a global audience, including visitors and customers in the United States, the European Economic Area, the United Kingdom and other regions. Depending on where you live, additional privacy rights may apply to you.

1. Scope and role of WP Suite

This Privacy Policy applies to personal information that we process for our own website, account, subscription, licensing, support, sales, newsletter and business operations.

WP Suite is generally the data controller for the personal information we collect through:

the WP Suite website at https://wpsuite.io/;
WP Suite account, subscription, workspace and site-connection features;
contact forms, newsletter forms, preference management and support/sales communications;
billing, subscription and license-management workflows;
business communications with us by phone, email, forms or other channels; and
operational records needed to provide and secure WP Suite platform services.

WP Suite is not, by default, a data processor for personal information processed inside a customer’s own WordPress site or AWS account. Customer-deployed WP Suite plugins run on the customer’s WordPress site, in the visitor’s browser, or against backend services deployed into the customer’s own AWS account. In those deployments, the customer controls its own website, AWS resources, authentication system, AI backend, forms, logs, user data and privacy notices.

Unless we separately agree otherwise in writing and the service is technically enabled to give us access, we do not host, operate or process the personal information of our customers’ website visitors, Cognito users, form submitters, knowledge-base users or AI backend users inside customer-owned deployments.

2. Customer-deployed environments

WP Suite is designed so that most runtime processing happens outside WP Suite-controlled infrastructure:

WP Suite plugins run on the customer’s WordPress site and/or in the frontend browser.
Customer AI, authentication, workflow and static-delivery backends are typically deployed into the customer’s own AWS account.
Customer Cognito user pools, identity pools, API Gateway endpoints, Lambda functions, DynamoDB tables, Bedrock configuration, S3 buckets, CloudFront distributions and logs are controlled by the customer unless a separate managed service is agreed.
Customer sites should publish their own privacy policy and cookie policy for their users.

When a WordPress site is connected to WP Suite platform services, we may process platform-level information such as the site URL, workspace identifiers, subscription status, license state, entitlement status, feature-configuration metadata, authentication/session information and operational logs needed to provide and secure the service.

This platform information is used to provide account, subscription, entitlement, site-connection, configuration-delivery and security functionality. It is not intended to include customer end-user personal data, payment card details, customer Cognito user databases, customer form submissions or customer AI backend content.

3. Information we collect

3.1 Information you provide directly

We may collect information you provide when you:

contact us by phone, email or a contact form;
request support, sales information, technical walkthroughs or demos;
subscribe to newsletters or update your preferences;
create or manage a WP Suite account, workspace or subscription;
connect a WordPress site to WP Suite platform services;
purchase or manage paid services; or
otherwise communicate with us.

This may include your name, email address, phone number, company name, role, website URL, workspace or site information, billing details, subscription information, message content, support details, newsletter preferences and other information you choose to provide.

3.2 Demo booking and scheduling

If you book a demo, technical walkthrough or meeting through our website, scheduling may be handled by Calendly. Calendly may process information such as your name, email address, company, role, phone number if provided, meeting preferences, time zone, selected time slot, answers to booking questions, scheduling metadata, calendar invitation details and cancellation or rescheduling activity.

We use this information to schedule meetings, send calendar invitations and reminders, prepare for the meeting, follow up on your request and manage sales or support workflows.

3.3 Phone communications

If you call or message our public business phone number, caller information, call metadata, SMS/message content and agent-handled communication notes may be processed in Quo (formerly OpenPhone). If we cannot answer immediately, we may still see caller numbers and related communication handled by the phone system or agent.

3.4 Email communications

Emails sent to addresses such as sales@wpsuite.io and info@wpsuite.io are processed in our Google Workspace environment. We may store and search these communications to respond to your request, provide support, manage business relationships and maintain business records.

3.5 Contact forms, routing and CRM/ticketing

When you submit a contact, support or sales form on the WP Suite website, the submission may be stored first in our WP Suite AWS account, including Amazon DynamoDB. Raw form submissions stored in DynamoDB are configured with a 30-day time-to-live retention period.

An AWS Bedrock / Amazon Nova Lite based AI agent may classify or route the submission so we can decide whether it should become a lead, support ticket or other internal task. The AI routing is used to assist triage and workflow routing. It is not intended to make legally significant decisions about you without human involvement.

Contact information and relevant message content may be sent to HubSpot, where we may create or update a contact record, lead or ticket. Depending on the nature of your request, message content may be stored in the related lead or ticket record.

We may also send a notification to our Slack workspace so our team can see that a new inquiry arrived. Slack notifications are intended for operational awareness and may include limited information from the submission.

If you subscribe to our newsletter or other updates, we process your email address and any preference topics associated with your subscription. You can manage your preferences at https://wpsuite.io/preferences/ or use unsubscribe links in our emails.

The standard newsletter and contact forms may subscribe you to the default newsletter topic unless a more specific preference is offered or selected. Newsletter preferences and suppression records are stored in HubSpot so we can respect your choices.

3.7 Subscription, payment and billing information

If you purchase a paid subscription or other paid service, payment and billing information is processed by Stripe. This may include contact information, billing address, tax or invoice details, payment method information, transaction history, invoices and subscription status. We do not store full payment card numbers or CVC codes on our own systems.

3.8 Plugin, account and platform information

When you connect a WordPress site to WP Suite, use platform-backed settings or manage a subscription, we may process technical and account-related information such as site URL, workspace identifiers, subscription status, license state, plugin configuration metadata, authentication/session information and operational logs needed to provide and secure the service.

This platform information is separate from personal information that may be processed inside the customer’s own WordPress site, AWS account, Cognito user pool, AI backend, contact forms or databases.

3.9 Cookies, analytics and similar technologies

We use cookies and similar technologies for essential site functions, consent management, analytics, security, performance and marketing measurement. We use CookieYes for cookie consent management, including through Google Tag Manager. Depending on your consent choices and region, tools such as analytics, advertising pixels, reCAPTCHA or other tags may be loaded through Google Tag Manager.

For more details, please see our Cookie Policy and the cookie preferences available on the site.

4. How we use personal information

We use personal information to:

operate, secure and improve the Site and WP Suite platform services;
respond to sales, support, partnership and press inquiries;
route contact form submissions to the right internal workflow;
create and manage HubSpot contacts, leads and tickets;
send newsletters and product updates according to your preferences;
provide account, workspace, plugin, subscription and billing functionality;
provide license, entitlement and feature-configuration services for connected sites;
process payments, invoices, refunds, taxes and accounting records;
monitor abuse, fraud, spam, service misuse and security issues;
analyze site performance and marketing effectiveness where permitted;
comply with legal, tax, accounting and regulatory obligations; and
enforce our Terms of Use and protect our rights, users and services.

5. Legal bases for processing for EEA/UK users

Where GDPR, UK GDPR or similar laws apply, we rely on one or more of the following legal bases:

Purpose	Legal basis
Operating and securing the Site and WP Suite platform services	Legitimate interests; legal obligations where applicable
Responding to inquiries and support requests	Legitimate interests; pre-contractual steps; contract where applicable
Contact form AI routing and workflow triage	Legitimate interests in efficient routing and support
Newsletter and marketing emails	Consent where required; legitimate interests where permitted
Account, subscription, site connection, entitlement, configuration-delivery and license services	Contract; legitimate interests
Payments, invoicing and tax records	Contract; legal obligation
Analytics and non-essential cookies	Consent where required
Fraud prevention, abuse prevention and security	Legitimate interests; legal obligations
Legal claims and compliance	Legal obligation; legitimate interests

You may withdraw consent where processing is based on consent. Withdrawal does not affect processing that happened before withdrawal.

6. Service providers we use

We use third-party service providers to operate WP Suite. Depending on your interaction with us, these may include:

Provider	Purpose
Amazon Web Services (AWS), including DynamoDB and Amazon Bedrock	Hosting, backend processing, WP Suite contact form storage, AI-assisted routing, security and infrastructure
HubSpot	CRM, contact records, lead and ticket management, newsletter preferences
Stripe	Payments, subscriptions, billing, invoices, tax and payment records
Google Workspace	Business email and related communication storage
Calendly	Demo booking, meeting scheduling, calendar invitations, reminders and rescheduling workflows
Quo (formerly OpenPhone)	Business phone, SMS/call handling and related communication records
Slack	Internal operational notifications about inquiries and support/sales workflows
CookieYes	Cookie consent management
Google Tag Manager and related analytics/marketing tools	Tag management, analytics and marketing measurement, subject to consent and configuration
Bot protection and security tools such as reCAPTCHA where enabled	Spam prevention, abuse prevention and security

These providers may process information in the United States and other countries. We use them to perform services for us and not to sell your personal information.

This list describes service providers used for WP Suite’s own website and platform operations. It does not describe processors selected by customers for their own WordPress sites or AWS deployments.

7. AI-assisted processing

Some WP Suite website and internal workflows may use AI-assisted processing. For example, a WP Suite contact form submission may be reviewed by an AWS Bedrock / Amazon Nova Lite based agent to classify the inquiry, suggest relevant documentation or route it to sales, support or another workflow.

We use AI-assisted processing to support human-operated workflows and improve response quality. We do not use AI routing to make legally significant decisions about you without human involvement. If you believe an AI-assisted workflow produced an incorrect routing or response, you may contact us and request human review.

AI features deployed by customers in their own AWS accounts are controlled by the customer and are not covered by WP Suite’s internal AI routing described above.

8. Optional infrastructure automation services

WP Suite may later offer optional infrastructure automation features. For example, a customer may deploy a template into its own AWS account that creates a role which WP Suite or an authorized automation backend can assume, using customer-approved permissions, to create or update AWS resources such as Cognito user pools, external identity provider configuration, email templates, AI-Kit backends or related stacks.

If such services are offered, they will be opt-in and will require the customer to authorize the role, permissions and scope. The typical data processed for such automation may include AWS account identifiers, role ARNs, external IDs, resource names, domains, configuration prompts, deployment parameters, stack status, error logs and related operational metadata.

A role that allows infrastructure deployment does not, by itself, mean WP Suite processes the customer’s end-user personal data. If a future managed service requires WP Suite to process personal information on behalf of a customer, we will provide appropriate additional terms, security commitments and data-processing documentation where required.

9. Data retention

We keep personal information only as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.

Category	Typical retention
Raw contact form submissions in AWS DynamoDB	Up to 30 days through TTL configuration
HubSpot contacts, leads and tickets	While the relationship, request or account remains active, and generally up to 3 years after the last meaningful interaction unless a longer period is needed for legal, security, accounting or dispute purposes
Newsletter preferences and unsubscribe records	Until you unsubscribe or request deletion; suppression records may be retained as needed to honor opt-out choices
Google Workspace business emails	As long as needed for business communication, support, legal or accounting purposes, generally up to 5 years unless a different retention period is required
Calendly demo booking and meeting records	While the relationship, request or account remains active, and generally up to 3 years after the last meaningful interaction unless a shorter period is requested or a longer period is needed for legal, security, accounting or dispute purposes
Quo phone/SMS/call records	Generally up to 24 months unless needed for an active request, legal issue, security issue or business record
Slack operational notifications	According to workspace retention settings, generally used for short-term operational visibility
WP Suite account, workspace, site-connection, entitlement, configuration-delivery and license data	While your account or subscription is active and for a reasonable period afterward for support, security, audit and compliance purposes
Stripe billing, invoice and payment records	As required for payment, tax, accounting, dispute and compliance obligations
Cookie and analytics data	According to the Cookie Policy, consent settings and provider retention configurations

We may retain de-identified, aggregated or anonymized information that no longer identifies you.

10. International transfers

We are a United States company and use service providers that may process personal information in the United States and other countries. If you are located in the EEA, UK or another region with data transfer rules, your information may be transferred to countries that may not provide the same level of data protection as your home jurisdiction.

Where required, we rely on appropriate safeguards such as contractual commitments, standard contractual clauses, vendor data processing terms, technical safeguards and organizational measures.

11. Your privacy rights

Depending on your location, you may have rights to:

request access to personal information we hold about you;
request correction of inaccurate information;
request deletion of personal information;
object to or restrict certain processing;
request portability of information you provided to us;
withdraw consent where processing is based on consent;
opt out of marketing communications; and
complain to a data protection authority.

You can manage newsletter preferences at https://wpsuite.io/preferences/. You can also contact us using the details below.

We may need to verify your identity before responding to certain requests. Some rights may be limited by applicable law, security requirements, legal obligations, accounting rules or the rights of others.

12. Marketing communications

You can unsubscribe from marketing emails using the unsubscribe link in the email or by updating your preferences at https://wpsuite.io/preferences/. We may still send transactional or administrative messages, such as account, billing, service, security or legal notices.

13. Security

We use technical and organizational measures designed to protect personal information, including encryption in transit, access controls, least-privilege access patterns, cloud security controls, logging and separation of operational systems where appropriate. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

14. Children

The Site and Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, please contact us so we can take appropriate action.

15. Third-party websites and services

The Site and Services may link to third-party websites, documentation, platforms or services. Their privacy practices are governed by their own privacy policies. We are not responsible for the privacy practices of third parties.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we may provide notice on the Site, by email or through another appropriate channel. The “Last revised” date shows when this Privacy Policy was last updated.

17. Contact us

Smart Cloud Solutions Inc. Business mailing address: 1221 Brickell Avenue, Suite 900, Miami, FL 33131, USA Phone: +1 (645) 230-4733 Email: info@wpsuite.io Sales: sales@wpsuite.io

Legal notices / registered agent: Legalinc Corporate Services Inc. 131 Continental Dr Suite 305 Newark, DE 19713, USA