This Privacy Policy explains how SecureHold WP collects, uses, stores, and protects information when you visit https://secureholdwp.com, create an account, purchase a license, download the plugin, contact support, or use the SecureHold WP customer account area.
SecureHold WP is a WordPress and WooCommerce plugin for managing Stripe authorization holds and security deposit workflows in WooCommerce.
Information we collect
1.1 Information you provide directly
We may collect information you provide when you:
- Create a SecureHold WP account
- Log in to your account
- Reset your password
- Purchase a license through Stripe Checkout
- Manage your license or billing access
- Contact support by email
- Download SecureHold WP plugin files from your account
This may include:
- Email address
- Username
- Password submitted during account registration, login, or reset
- License key
- Website URL connected to a license activation
- WordPress, WooCommerce, SecureHold WP, and SecureHold Pro version details if you send them to support
- Stripe mode, such as test or live mode, if you include it in a support request
- WooCommerce order ID if your support request is order-related
- Error messages, screenshots, or diagnostic details you choose to send to support
Passwords are not stored in plain text. SecureHold WP relies on WordPress account handling, which stores passwords as hashed values.
1.2 Information collected automatically by the site
Some technical information may be processed automatically when you use the site or account area.
- WordPress authentication cookies when you log in
- Security nonces used to protect account and REST API requests
- Login rate-limit data based on a hashed form of your IP address
- Account session information handled by WordPress
The login rate-limit system is used to reduce abuse and protect accounts from repeated failed login attempts.
Account data
If you create an account or receive an account after purchasing a SecureHold WP license, we store the information needed to provide account access and license management.
- Your email address
- Your WordPress username
- Your customer role, such as
securehold_customer - Your password hash, managed by WordPress
- Your account session and authentication state
License and activation data
SecureHold WP stores license information so customers can access downloads, manage activations, and view license status in the account area.
- License key
- Plan name
- License status
- Maximum activation count
- Current activation count
- Creation date
- Expiration date where applicable
- Subscription status
- Current billing period end date
- Last payment date
- Customer email
- Linked WordPress user ID
Payments and Stripe
SecureHold WP uses Stripe Checkout for paid purchases and Stripe Billing Portal for billing management.
SecureHold WP does not store your full card number or card security code. Payment details are handled by Stripe.
- Stripe customer ID
- Stripe subscription ID
- Subscription status
- Billing period dates
- Last payment date
Stripe webhooks
Stripe webhooks are used to support payment, subscription, and license workflows.
REST API endpoints
SecureHold WP uses REST API endpoints for account and licensing features.
- Log a user in
- Fetch licenses for the authenticated user
- Create a Stripe Billing Portal session
- Create a Stripe Checkout session
Emails
SecureHold WP may send transactional emails related to account and license activity.
- Password reset emails
- Account setup or password setup emails
- License-related emails
- Support replies sent manually by email
Support email
Support is handled by email at support@secureholdwp.com.
Card numbers, bank details, full payment credentials, Stripe secret keys, WordPress admin passwords, server passwords, or any other sensitive credentials.
Downloads
SecureHold WP customer accounts may provide plugin download links when a license is eligible.
Resources and public content
The Resources section contains public educational articles, guides, documentation-style content, and SEO resources.
Google Fonts
The site loads Google Fonts from Google-hosted font domains.
Logs and security events
SecureHold WP uses technical safeguards such as nonces, authentication checks, rate-limiting, and role-based access controls.
How we use information
- Create and manage customer accounts
- Authenticate users
- Reset passwords
- Create and manage license records
- Provide plugin downloads to eligible customers
- Create Stripe Checkout and Billing Portal sessions
- Respond to support requests
- Protect the site from abuse and unauthorized access
Data shared with third parties
Stripe
Stripe is used for checkout, payment processing, subscription management, and billing portal access.
Email delivery
Transactional emails are sent through WordPress’s email system.
Google Fonts
Google Fonts are loaded for typography.
Data we do not intentionally collect
- Full payment card numbers
- Card security codes
- Bank account credentials
- Stripe secret API keys through support forms
- WordPress admin passwords through support forms
Data retention
SecureHold WP keeps account, license, activation, and billing-related records for as long as needed to provide access and maintain operational records.
Failed login attempt rate-limit records are kept for up to 15 minutes.
Security
- WordPress password hashing
- Security nonces for forms and REST requests
- Capability and authentication checks
- Rate-limiting for failed login attempts
- Generic login error messages
- Scoped license lookup for authenticated users
- Limited frontend exposure of Stripe-related data
Your choices
You may contact us to ask about your SecureHold WP account, license records, or support history.
International use
SecureHold WP is available online and may be accessed from different countries.
Changes to this policy
We may update this Privacy Policy when the SecureHold WP site or infrastructure changes.
Contact
For any question about this Privacy Policy, reach out by email.
support@secureholdwp.com