Log in Purchase

Privacy Policy

How we collect, use, and protect your personal data.

1. Data controller #

Your personal data is collected and processed by Themeone (see our Legal Notice for company details). For any questions regarding this policy, please contact us through our contact form.

2. Data we collect #

We collect the following personal data depending on your use of the Service:

  • Account: email address and name.
  • Activations: URLs of the sites where you activate your license.
  • Payment: processed entirely by Stripe. We do not store credit card numbers or billing addresses on our servers.
  • Support: any information you provide when submitting a ticket.

We process your personal data based on the following legal grounds under the GDPR:

  • Contract performance (Article 6(1)(b)): to deliver the Plugin, manage your license, process payments, and provide support.
  • Legitimate interest (Article 6(1)(f)): to improve the Service, prevent fraud, and ensure security.
  • Legal obligation (Article 6(1)(c)): to comply with applicable tax and accounting regulations.

4. How we use your data #

We use the data we collect to:

  • Authenticate you via one-time password (OTP) sent to your email.
  • Process purchases through Stripe Checkout and issue invoices.
  • Generate and deliver license keys.
  • Track site activations against your license limits.
  • Send transactional emails (welcome email, OTP codes, license transfer notifications).
  • Provide product support.
  • Enforce rate limits and prevent abuse.

We do not sell your personal data. We do not send marketing emails unless you explicitly opt in.

5. Third-party processors #

We share your data with the following third-party services, strictly for the purposes described above:

  • Stripe (payment processing) — stripe.com/privacy
  • Google (optional sign-in authentication) — policies.google.com/privacy
  • Scaleway (hosting) — scaleway.com/en/privacy-policy
  • AI providers (content generation) — the AI assistant connects to third-party AI services through your WordPress configuration. Providers may include OpenAI, Anthropic, Google, or others depending on your setup.

All processors are bound by data processing agreements. We do not share your data with any other third parties.

6. AI-powered features #

Unblock includes an optional AI assistant that helps you build pages, generate content, and write code. When you use it, the following data may be sent to a third-party AI provider for processing:

  • The content of your prompt.
  • Relevant page context (block structure, text content) needed to generate a response.

Unblock relies on the WordPress AI API and does not choose or impose a specific provider. The AI service used depends on the provider configured in your WordPress installation (e.g. OpenAI, Anthropic, Google). This data is sent directly to the provider’s API and is not stored on our servers. We do not use your prompts or AI responses to train models. Please refer to the privacy policy of your configured provider for details on how they process your data.

The legal basis for this processing is contract performance (Article 6(1)(b) GDPR). The AI assistant is a feature of the product you purchased, and data processing is necessary to deliver the functionality you request. Unblock connects to the AI provider you have configured in your WordPress settings using your own API keys.

7. Cookies #

We only use essential cookies required for the website to function:

  • Session cookie (suspended_session, 30 days): authenticates you after login.
  • OTP cookie (suspended_otp_pending, temporary): tracks a pending login verification. Cleared after authentication.

We do not use analytics or advertising cookies. Disabling essential cookies may prevent you from accessing your account.

8. Data retention #

We retain your personal data for the following periods:

  • License and activation data: for the duration of your license, plus 3 years after expiration or account deletion.
  • Billing records: 10 years, as required by French accounting regulations. Payment details remain in Stripe.
  • Technical data: authentication tokens and logs are automatically purged after 30 days.
  • Support tickets: 3 years after the last exchange.

9. International data transfers #

Stripe and your configured AI provider may transfer data outside the European Economic Area. These transfers are covered by Standard Contractual Clauses or equivalent safeguards approved by the European Commission. Your data is hosted within the EU by Scaleway.

10. Your rights #

Under the GDPR and French data protection law, you have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Delete your data (“right to be forgotten”). Upon deletion, your email is anonymized and your activations are removed.
  • Restrict processing in certain circumstances.
  • Port your data to another service. You can export your license and activation data.
  • Object to processing based on legitimate interest.

To exercise any of these rights, please contact us through our contact form. We will respond within 30 days.

11. Data security #

We implement appropriate technical and organizational measures to protect your personal data, including encrypted connections (HTTPS), secure server infrastructure, and restricted access to personal data. However, no method of transmission over the Internet is 100% secure.

12. Children’s privacy #

The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

13. Changes to this policy #

We may update this policy from time to time. Changes will be posted on this page. We encourage you to review this page periodically.

14. Complaints #

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the French data protection authority (CNIL) at cnil.fr.

15. Contact #

For any questions about this privacy policy or your personal data, please contact us through our contact form.