Shakvaro.

Shakvaro WP Insights · Privacy

Privacy Policy

The short version: WP Insights collects nothing until a site administrator explicitly opts in. It's off by default, the site URL is sent only as a one-way hash, and opting out deletes the data. Effective June 16, 2026 · Last updated June 16, 2026.

Who we are

This policy explains how Shakvaro ("Shakvaro", "we", "us") — operator of the Shakvaro WP Insights telemetry service — collects and uses data when a WordPress plugin that includes our SDK sends usage information.

  • Data controller: Shakvaro, Chattogram, Bangladesh.
  • Contact for privacy / data requests: privacy@shakvaro.com.
  • Telemetry endpoint: https://track.shakvaro.cloud.

When this policy applies

It applies only after a site administrator explicitly opts in to data sharing via the consent notice shown by a plugin that bundles our SDK. Data collection is off by default. If the administrator skips or declines, we receive nothing and the plugin keeps working normally.

There are two separate, independent opt-ins:

  • Usage & diagnostics— the data in the "What we collect" section below.
  • Product update emails (optional, separate checkbox) — adds the site administrator email so we can send occasional product updates.

You can change either choice at any time (see "Your choices and rights").

What we collect (only with consent)

Diagnostics data (usage tier)

  • Environment: WordPress version, PHP version, MySQL version, WooCommerce version (if present), active theme name, site locale/language, whether the site is multisite, and web server software.
  • Plugin:the plugin's identifier (slug) and version.
  • Lifecycle events:activation, deactivation, periodic "still active" heartbeats, plugin version changes (from/to), and opt-out/uninstall, each with a timestamp.
  • Deactivation reason:if, on deactivation, the administrator answers the short "why are you leaving?" survey, the selected reason and any optional comment.
  • Feature usage:a set of plugin-defined feature flags (for example, whether a given feature or setting is enabled). These describe plugin configuration, not your site's content or your visitors.
  • A one-way hash of your site URL. We send a SHA-256 hash of the site address so we can recognise the same site across pings without ever receiving or storing the actual URL.
  • Site title and SDK version.

Marketing tier (only if separately opted in)

Site administrator email address — collected onlyif the administrator ticks the separate "product update emails" checkbox. If that box is not ticked, we do not collect or store the email.

Collected automatically by our servers

When the SDK contacts our endpoint, standard web-server logs may briefly record the IP address of the request. We minimise and rotate these logs and do not use them to build profiles.

What we do NOT collect

  • We do notcollect your site's content, posts, customer/visitor data, order data, or the raw site URL.
  • We do not sell or rent any data.

Why we collect it and our lawful basis

  • Purpose:to understand how our (and our customers') plugins are used — active installs, version adoption, environment compatibility, why users deactivate, and which features are used — so we can fix bugs and prioritise development. The optional email is used to send product updates.
  • Lawful basis (GDPR Art. 6): consent (Art. 6(1)(a)) for both tiers. Marketing emails additionally rely on your consent under applicable e-privacy / PECR rules.

Roles (controller / processor)

  • For our own plugins, we are the data controller.
  • Where a third-party developerbundles our SDK in their plugin and uses our hosted service to receive their users' data, that developer is the controller and we act as a processor on their behalf. In that case a separate Data Processing Agreement governs the relationship — contact us at privacy@shakvaro.com.

How long we keep it

  • We keep an install's data while it remains active. If a site stops sending heartbeats for about 12 months, its records are automatically purged.
  • If you opt outor uninstall, the SDK sends a deletion request and we delete or anonymise that install's data, including any stored email.
  • Administrator email is encrypted at rest.

Who we share it with (sub-processors)

We host the service on infrastructure providers necessary to run it. We do not share the data with advertisers or other third parties, and any sub-processors we rely on are limited to the infrastructure providers required to operate the service. We can provide the current sub-processor list on request at privacy@shakvaro.com.

International transfers

Where data is transferred across borders, we rely on appropriate safeguards (such as Standard Contractual Clauses) for any transfers outside the EEA/UK. Contact us for details about where your data is processed.

Your choices and rights

  • Turn it off any time. Each site has a Settings → Data Sharing page (added by the SDK) where the administrator can switch usage and/or email sharing off. Turning usage off stops all collection and requests deletion of previously collected data.
  • Skip at install. Declining the consent notice means nothing is ever sent.
  • Subject to applicable law (GDPR/UK GDPR), you have the right to access, rectify, erase, restrict, object to, and port your data, and to withdraw consent at any time. To exercise these, email privacy@shakvaro.com; we respond within one month.
  • You may also lodge a complaint with your local data-protection authority.

Security

We use HTTPS for all transmission, authenticate every request, rate-limit and size-limit our ingest API, and encrypt sensitive fields (such as email) at rest. No method of transmission or storage is 100% secure, but we take appropriate technical and organisational measures (GDPR Art. 32).

Children

The service is intended for plugin/website administrators and is not directed to children.

Changes to this policy

We may update this policy; material changes will be reflected by the "Last updated" date above.

Contact

Questions or data requests: privacy@shakvaro.com Shakvaro, Chattogram, Bangladesh.

Back to Shakvaro WP Insights