GDPR Compliance Policy

Last updated: June 28, 2025

At RhapsodyPlugins, we respect your privacy and your right to understand exactly how your data is handled. This page outlines how we collect, use, store, and protect personal information in accordance with the General Data Protection Regulation (GDPR), which applies to all users in the European Union and EEA.

Our approach is based on transparency, necessity, and minimalism. If we don’t need it, we don’t collect it.

What Personal Data We Collect

We may collect personal information when you:

  • Register for an account
  • Purchase a plugin or theme
  • Contact us for support
  • Subscribe to updates or our newsletter
  • Browse our website (via cookies and usage logs)

Personal data may include:

  • Your name and email address

  • Billing and transaction details (handled securely via Stripe or PayPal)

  • IP address, browser version, and technical environment

  • Support conversations (via email or ticket system)

We do not collect sensitive data (like health or financial records), nor do we profile users for behavioral targeting.

Why We Process Your Data

We process your personal data only when:

  • It’s required to fulfill a contract (e.g. plugin delivery)

  • You’ve given clear, informed consent (e.g. newsletter opt-in)

  • We’re legally obligated to retain transaction records

  • There’s a legitimate interest (e.g. preventing fraud, improving support)

We do not use your data for automated decision-making or advertising segmentation.

“Working with plugin users across multiple countries, we’ve learned that clarity and simplicity around privacy is more powerful than a wall of legalese. So we keep it clean.”

 

Where and How Data Is Stored

Your data may be stored on:

  • Our website server (secured, firewall-protected, located in GDPR-compliant regions)

  • Payment platforms like PayPal and Stripe, which are fully GDPR-compliant

  • Support systems (if applicable) or cloud-based tools with security agreements in place

We retain your data only as long as necessary to fulfill its purpose nothing longer.

Third-Party Tools We Use

We use a few trusted third-party services to provide our products and support. These may process personal data under their own GDPR-compliant policies:

  • Stripe and PayPal – Payment processing

  • Brevo – Email newsletter (opt-in only)

  • Cloudflare – Security and performance

  • Support System – If you contact us

We carefully vet all services for security and privacy standards. We do not sell, rent, or trade your data ever.

Cookies (Yes, the Digital Kind)

We use cookies to:

  • Track usage for analytics (e.g. which pages people visit)

  • Save your preferences (like dark mode or language settings)

  • Maintain session information (like logged-in users)

You can manage cookies via your browser settings or opt out of non-essential cookies through our cookie banner.

Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Delete your data (right to be forgotten)

  • Withdraw consent at any time

  • Object to how your data is used

  • Download your data (data portability)

To exercise these rights, simply email us at [email protected] with your request. We typically respond within 5 business days, often sooner.

Data Breach Policy

If a data breach ever occurs, we’ll notify affected users and the appropriate authorities within 72 hours, as required by law. Our servers are actively monitored, and we implement encryption, limited access controls, and regular audits.

Contact Us About Privacy

Got questions, concerns, or want a full export of your data?

Email: [email protected]
We’re happy to help and will always handle your information with care and respect.

We believe privacy is a fundamental right. GDPR isn’t just a checkbox it’s part of how we build trust.

Thanks for reading.

The RhapsodyPlugins Team