Privacy Policy

Last updated: May 9, 2026

Who Operates This Service

WP Scan (wp-scan.org) is operated by Rajan Gupta, an individual developer ("I", "me", "my"). This is an independent, individually-run software product — not a registered company or legal entity.

Contact: support@wp-scan.org

Information I Collect

Account data: when you register, I collect your name, email address, and chosen plan.

Payment data: payments are processed by PayPal. After a completed payment I receive a transaction ID, payer email, and payment amount from PayPal — I never see or store your card or bank details. Note: payments are received into a personal PayPal account operated by Rajan Gupta.

Uploaded files: ZIP files you upload for scanning are extracted to a private temporary directory on the server, scanned for vulnerability patterns, then permanently deleted immediately after the scan completes — usually within seconds. I do not read, copy, transmit, or retain the contents of your files.

Scan results: results are returned to your browser and optionally cached in your browser's localStorage for 2 hours. Scan results are not stored on the server.

Scan history: for logged-in users, I store a summary record of each scan (filename, finding counts, date) so you can view your scan history in the dashboard. The actual file contents are never retained.

Server logs: the web server automatically records IP addresses, browser types, pages visited, and timestamps. These logs are retained for up to 30 days for security and abuse prevention.

How I Use Your Information

  • To create and manage your account
  • To deliver your license key by email after payment confirmation
  • To provide the scanning service and display your scan history
  • To send transactional emails (license delivery, account notices)
  • To send occasional product update or upgrade reminder emails — you can opt out at any time by emailing me
  • To detect and prevent abuse, fraud, or violation of the Terms of Service

Payments & PayPal

All payments are processed through PayPal. When you complete checkout you are redirected to PayPal's secure payment page — your card or bank details are entered on PayPal's infrastructure, not on this site.

Personal PayPal account: payments for WP Scan are received into a personal PayPal account held by Rajan Gupta. This is standard for independently operated software products. PayPal's standard Buyer Protection policies apply to your purchase.

I receive from PayPal: your PayPal-registered email address, the transaction ID, and the payment amount. This is used solely to verify your purchase and issue your license key.

Third-Party Services

PayPal — payment processing. PayPal's privacy policy applies to data you share with PayPal during checkout.

Google Sheets — a private Google Sheet (accessible only to me) is used to log license issuance records for internal bookkeeping. No personal data is shared publicly or with third parties via this sheet.

Google Fonts / Tailwind CDN — pages load the Inter font via Google Fonts and Tailwind CSS via a CDN. These services may log your IP address and set cache headers; their respective privacy policies apply. No analytics or advertising data is collected by my own code.

Cookies

I use a single first-party session cookie to keep you logged in. I do not use advertising cookies, cross-site tracking cookies, or analytics scripts. The Google Fonts CDN may set a cache header; it does not track you across sites for advertising purposes.

Data Retention

  • Account records: retained while your account is active; deleted within 30 days of a written deletion request
  • Payment transaction records: retained for a minimum of 7 years as required for financial record-keeping
  • Uploaded ZIP files: deleted immediately after scanning — never retained
  • Scan history summaries: retained in your account; you may request deletion at any time
  • Server logs: retained for up to 30 days

Your Rights

You may request access to, correction of, or deletion of your personal data at any time by emailing support@wp-scan.org. I will respond within 30 days. If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.

Data Security

I use HTTPS (TLS) for all data in transit. Database credentials are stored outside the public web root and never in source-controlled files. Passwords are hashed using bcrypt. Uploaded files are stored in a restricted directory not accessible via HTTP. Despite these measures, no internet transmission is 100% secure; you use the Service at your own risk.

Children's Privacy

WP Scan is intended for developers and website owners and is not directed at children under 13. I do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact me and I will delete it promptly.

Changes to This Policy

I may update this Privacy Policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes constitutes your acceptance of the updated policy.

Contact

Questions about this Privacy Policy? Email: support@wp-scan.org