Legal Document

Privacy Policy

Last updated: March 17, 2026 www.mobydickdev.com plugins@mobydickdev.com
🛡️

This Privacy Policy complies with the EU General Data Protection Regulation (GDPR) and applicable US privacy laws. We are committed to protecting your personal data and being fully transparent about how we use it. If you have any questions, contact us at plugins@mobydickdev.com.

01

Who We Are

MobyDick Dev is the data controller responsible for your personal data collected through our website www.mobydickdev.com.

We develop and distribute WordPress plugins and provide web development services. This Privacy Policy explains what personal data we collect, how we use it, and what rights you have.

02

What Data We Collect

We collect only the minimum data necessary to provide our services:

Data Type Examples Purpose
Identity data First name, last name Order processing, account
Contact data Email address, phone (optional) Order confirmation, support
Billing data Billing address, country Invoicing, tax compliance
Transaction data Order number, amount, date Order fulfillment, refunds
Technical data IP address, browser, device Security, analytics
Usage data Pages visited, time on site Website improvement
Communication data Support emails, messages Customer support
We do NOT collect: payment card numbers (handled by Stripe), sensitive personal data (race, health, religion), or data from children under 16.
03

How We Collect Data

We collect your data through the following means:

  • Direct interactions — when you create an account, make a purchase, or contact us via email.
  • Automated technologies — cookies, server logs, and analytics tools when you browse our website.
  • Third parties — payment processors (Stripe) and analytics services (Google Analytics) may share limited data with us.
04

Why We Use Your Data

We use your personal data for the following purposes:

  • To process and fulfill orders for our plugins and services.
  • To manage your account and provide access to purchased products.
  • To send transactional emails (order confirmations, invoices, download links).
  • To provide customer support and respond to your inquiries.
  • To process refund requests where applicable.
  • To comply with legal obligations (tax records, GDPR requests).
  • To improve our website through anonymized analytics data.
  • To detect and prevent fraud or unauthorized access.
We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
05

Legal Basis for Processing (GDPR)

Under the GDPR, we rely on the following legal bases for processing your personal data:

Purpose Legal Basis
Processing orders & payments Performance of a contract (Art. 6(1)(b))
Sending order confirmations Performance of a contract (Art. 6(1)(b))
Customer support Legitimate interests (Art. 6(1)(f))
Tax & legal compliance Legal obligation (Art. 6(1)(c))
Website analytics Legitimate interests (Art. 6(1)(f))
Marketing emails (if applicable) Consent (Art. 6(1)(a))
06

Data Sharing & Third Parties

We do not sell your personal data. We may share data with the following trusted third parties solely to operate our services:

  • Stripe — payment processing. Your card data is handled directly by Stripe and never stored by us. Stripe Privacy Policy →
  • Google Analytics — anonymized website traffic analysis. Google Privacy Policy →
  • WordPress / WooCommerce — e-commerce platform infrastructure.
  • Hosting provider — our web server processes your data as part of normal website operation.
All third-party processors are bound by data processing agreements and are required to handle your data in compliance with GDPR.
07

International Data Transfers

Some of our third-party service providers (e.g., Stripe, Google) may process your data outside the European Economic Area (EEA).

Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules where applicable
US Users: By using our website, you acknowledge that your data may be transferred to and processed in the European Union (Slovak Republic) and other countries.
08

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Data Type Retention Period
Order & transaction records 10 years (legal / tax obligation)
Account data Until account deletion + 1 year
Support communications 3 years after last contact
Analytics data 26 months (anonymized)
Cookie data As per cookie settings (max 13 months)

After the retention period, data is securely deleted or anonymized.

09

Your Rights (GDPR — EU / EEA Users)

Under the GDPR, you have the following rights regarding your personal data:

👁️
Right to Access
Request a copy of the personal data we hold about you.
✏️
Right to Rectification
Request correction of inaccurate or incomplete data.
🗑️
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
⏸️
Right to Restriction
Request that we limit how we process your data.
📦
Right to Portability
Receive your data in a structured, machine-readable format.
🚫
Right to Object
Object to processing based on legitimate interests or direct marketing.
↩️
Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
⚖️
Right to Complain
Lodge a complaint with your local data protection authority.
To exercise any of these rights, email us at plugins@mobydickdev.com. We will respond within 30 days.
10

Your Rights (US — CCPA / State Laws)

If you are a resident of California or other US states with applicable privacy laws, you have the following rights:

  • Right to Know — request information about the categories and specific pieces of personal data we have collected.
  • Right to Delete — request deletion of personal data we have collected, subject to certain exceptions.
  • Right to Opt-Out — opt out of the sale of personal data. We do not sell personal data.
  • Right to Non-Discrimination — we will not discriminate against you for exercising your privacy rights.
  • Right to Correct — request correction of inaccurate personal data (California Privacy Rights Act).
To submit a verifiable consumer request, email us at plugins@mobydickdev.com with the subject line "Privacy Request — US."
11

Cookies & Tracking Technologies

Our website uses cookies and similar technologies. Here is an overview of the cookies we use:

Category Purpose Duration
Strictly Necessary Shopping cart, session, login Session / 1 year
Analytics Google Analytics — traffic analysis Up to 13 months
Payment Stripe fraud prevention Session
Preferences Language, currency, UI settings 1 year

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

12

Children's Privacy

Our website and services are not directed at children under the age of 16 (or 13 in the US under COPPA).

We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at plugins@mobydickdev.com and we will promptly delete it.

13

Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or destruction, including:

  • SSL/TLS encryption for all data transmitted via our website.
  • Secure payment processing via Stripe (PCI DSS compliant).
  • Access controls limiting who can access personal data internally.
  • Regular security reviews and updates.
No method of transmission over the internet is 100% secure. In the event of a data breach that affects your rights, we will notify you and relevant authorities as required by GDPR within 72 hours.
14

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page.
  • Notify registered users via email where required by law.

We encourage you to review this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.

15

Contact & Data Protection Officer

For any questions, requests, or concerns about this Privacy Policy or your personal data, please contact us:

You also have the right to lodge a complaint with your national Data Protection Authority. In Slovakia, this is the Office for Personal Data Protection of the Slovak Republic (dataprotection.gov.sk).

EU users may also contact the supervisory authority in their country of residence. A list of EU DPAs is available at edpb.europa.eu.

Questions about your privacy?

We take your data rights seriously. Get in touch and we'll respond within 30 days.

plugins@mobydickdev.com mobydickdev.com