Privacy Policy
(Updated: July 20, 2021.)
WPEngine, Inc. (“WP Engine,” “we,” “us,” “our”) maintains this Privacy Policy to inform you of our practices with regard to personal data we collect from or about you in connection with our web site (the “Site”) or through the provision of our services (the “Services”). We may update this Privacy Policy from time to time. We will notify you of any material change by providing a notice on our web site or, if you are a customer, by whatever other means upon which we have mutually agreed. The current version of this Privacy Policy may be found at https://wpengine.com/legal/privacy/. By using the Site or the Services you acknowledge your consent to the practices described herein.
If you are a customer who is subject to the privacy laws of California or the European Union, the Data Privacy Addendum located at https://wpengine.com/legal/dpa/ as it may be updated from time to time governs the obligations between us with regard to personal data as defined by such laws.
- Personal data we collect
- Information you give us
In order for you to use our Services and other features of our
Site, we will ask you for some of your personal data (e.g. contact information, name, etc.). The
amount and type of information that we gather depends on the nature of the interaction. For example,
we ask visitors who would like to comment on our blog to provide a username. Those who purchase
Services from us are asked to provide additional information including, as necessary, the personal
and financial information required to process transactions. In each case, we collect such
information only insofar as is necessary or appropriate to fulfill the purpose of your interaction
with us. You can always refuse to supply personal data; however, doing so may prevent you from
receiving our Services or engaging in other activities on the Site. In no event will we ever request
sensitive personal data (e.g. health information, religious preferences, etc.) from you, and we
expressly request that you not provide any such sensitive personal data to us.
- Web server logs
As is true of most websites, we gather certain information automatically through your use
of the Site. This information may include Internet protocol (IP) addresses, browser type, Internet
service provider (ISP), referring or exit pages, the files viewed on the Site (e.g., HTML pages,
graphics, etc.), operating system, date/time stamp, and clickstream data to analyze trends in the
aggregate and administer the site. We use analytical software to help us understand this
information. This software sends information to its licensor. Other sites and companies may also use
this software. As a result, the licensor may collect information that, when aggregated by them,
allows them to identify you individually. We have no responsibility for this collection and use. - Cookies
We and our partners use cookies and similar technologies to analyze trends,
administer the Site, track users’ movements around the Site, and gather demographic information
about our user base as a whole. You can control the use of cookies at the individual browser level.
Ads appearing on our Site may be delivered to you by advertising partners who may set cookies. These
cookies allow the ad server to recognize your computer each time they send you an online
advertisement to compile information about you or others who use your computer. This information
allows ad networks to, among other things, deliver targeted advertisements that they believe will be
of most interest to you. This Privacy Policy covers our use of cookies and does not cover the use of
cookies by any advertisers. However, data tracking files used by us may also be used by these
advertisers and, when combined with other information held by them, be used to identify you
personally. For more information on third party cookies and instructions on how to opt-out of those
cookies set by members of the National Advertising Initiative, please click here.
Or, if you are located in the European Union, please visit the European Interactive Digital Advertising Alliance here. - Information collected by our customers.
Our customers may collect personal data in connection with the Services we
provide to them. WP Engine’s customers control the personal data they collect, and WP Engine will
not use or disclose that personal data except as authorized or directed by the customer in the
course of our provision of the Services and as governed by our agreement with that customer. If your
personal data is controlled by one of our customers, and you have concerns about the way that data
is managed or wish to exercise your rights with respect to such data (including your rights of
access, amendment, or deletion), please contact that customer directly.
- Information you give us
- How we use personal data
WP Engine will only use the personal data we collect as reasonably
necessary for the following purposes:- to allow you to use and interact with the Site;
- to provide the Services to you as our customer;
- to inform our continued development of the Site and the Services;
- to communicate with you from time to time in response to your requests for information
or as may be relevant to your account with us; - to send marketing communications related to the services we provide;
- as required by applicable law or legal requirements pertaining to records retention or
for internal administrative purposes; or - as specifically authorized by you in writing.
- Disclosure to third parties
We will not disclose your personal data to third parties except as
follows:- when we believe disclosure is reasonably required to comply with any law or legal request;
- to enforce our legal and contractual rights, or to protect the rights and safety of
others; - to third parties who help us provide any part of the Site or the Services, to the
limited extent required for such help, and on condition that they may not further disclose your data
or use it for any other purpose; or - as part of a sale of our assets or a merger of our company.
We remain responsible for compliance with this Privacy Policy by third parties to whom we disclose your
personal data. - Procedures to protect personal data
We have put in place reasonable measures and appropriate procedures for implementing
these policies and for safeguarding the personal data we collect. However, we cannot guarantee that personal
data we collect will never be disclosed in a manner inconsistent with this Privacy Policy.We follow generally accepted standards to protect the personal data submitted to us, both
during transmission and once it is received. - Your rights over personal data that we control
Upon request, we will provide you with details regarding your personal data that has
been collected by us or which is under our control. If you would like to change information that we maintain
about you, you may log into your account and change it or submit a support request for any information to
which you don’t have access or the ability to change yourself. Information covered by this Privacy Policy
may be deleted upon your request, provided that such deletion may impact our ability to provide you with the
Services. You may also request that we update or correct your personal data by writing us at: WPEngine, Inc.
Attn: Legal Department, 504 Lavaca St., Ste. 1000, Austin, Texas 78701, or by sending an email to
[email protected] We will respond to your request within a reasonable timeframe.You may opt-out of receiving most e-mails from us by following the “unsubscribe” instructions
provided in the e-mails. Alternatively, you may contact us as described herein. If you are our customer,
you may not be able to opt out of all emails, including certain administrative or billing communications
which are important to the ongoing maintenance of your account.We may keep your personal data for as long as reasonably required to meet the purposes
described herein. Additionally, we will retain this information as required by law, as necessary to
comply with our legal obligations, resolve disputes, and enforce our agreements. - EU-US and Swiss-US Privacy Shield
We participate in and have certified our compliance with the EU – U.S. Privacy Shield
Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries, United Kingdom, and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles.
To learn more about the Privacy Shield
Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.Under the Privacy Shield Frameworks, we are responsible for the processing of personal data
that we collect from you and subsequently transfer to a third party acting as an agent on our behalf. We
comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and
Switzerland including the onward transfer liability provisions.With respect to personal data received or transferred pursuant to the Privacy Shield
Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In
certain situations, we may be required to disclose personal data in response to lawful requests by
public authorities, including requests made to meet national security or law enforcement requirements.If you have an unresolved privacy or data use concern that we have not addressed
satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge)
at https://feedback-form.truste.com/watchdog/request.Under certain conditions more fully described on the Privacy Shield website located at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint,
you may invoke binding arbitration when other dispute resolution procedures have been exhausted. - California Residents
If you are a resident of the State of California, this Section addresses your rights and our
obligations under the California Consumer Privacy Act of 2018 (“CCPA”). Terms used in this Section have the
same meaning as provided in the CCPA.Information We Collect
Our Site collects information that identifies, relates to, describes, references, is capable of
being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer
or device (“personal information”). In particular, our Site has collected the following categories of
personal information from visitors within the last 12 months:Category: Identifiers.
Examples: A real name, IP address, email address, account name, or other similar identifiers.Category: Personal information categories listed in the California Customer Records statute
(Cal. Civ. Code § 1798.80(e)).
Examples: A name, address, telephone number, and (if you are applying for a job) your current employment
and employment history.Category: Internet or other similar network activity.
Examples: Browsing history, search history, information on a consumer’s interaction with a website,
application, or advertisement.Category: Geolocation data.
Examples: Physical location or movements.Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA’s scope.
We obtain the categories of personal information listed above from the following categories of
sources:- Directly from you. For example, from forms you complete on our
website. - Indirectly from you. For example, from observing your actions on
our website or interactions with our advertisers.
Use of Personal Information
We may use, or disclose the personal information we collect
for one or more of the following business purposes:- To fulfill or meet the reason you provided the
information. For example, if you share your name and contact
information to request a price quote or ask a question about our
products or services, we will use that personal information to
respond to your inquiry. If you provide your personal information to
purchase a product or service, we will use that information to
process your payment and facilitate delivery. We may also save your
information to facilitate new product orders or process returns. - To provide you with support and to respond to your
inquiries, including to investigate and address your concerns and
monitor and improve our responses. - To respond to law enforcement requests and as required
by applicable law, court order, or governmental regulations. - As described to you when collecting your personal
information or as otherwise set forth in the CCPA. - We will not collect additional categories of personal
information or use the personal information we collected for
materially different, unrelated, or incompatible purposes without
providing you notice.
Sharing Personal Information
We disclose all of the above categories of personal
information to our third-party service providers subject, in each case,
to a written contract that describes the business purpose of the
disclosure and requires the recipient to both keep that personal
information confidential and not use it for any purpose except
performing the contract.Sales of Personal Information
We do not and will not sell your personal information.Access to Specific Information and Data Portability
Rights
You have the right to request that we disclose certain
information to you about our collection and use of your personal
information over the past 12 months. Once we receive and confirm your
verifiable consumer request, we will provide:- The categories of personal information we collected
about you. - The categories of sources for the personal information
we collected about you. - Our business or commercial purpose for collecting or
selling that personal information. - The categories of third parties with whom we share that
personal information. - The specific pieces of personal information we collected
about you (also called a data portability request). - The categories of personal information we sold to a
purchaser, and the categories of recipients. - The categories of personal information we disclosed for
a business purpose, and the categories of recipients.
Deletion Request Rights
You have the right to request that we delete any of your
personal information that we collected from you and retained, subject to
certain exceptions. Once we receive and confirm your verifiable consumer
request, we will delete (and direct our service providers to delete)
your personal information from our records, unless an exception applies.We may deny your deletion request if retaining the information
is necessary for us or our service provider(s) to:- Complete the transaction for which we collected the
personal information, provide a good or service that you requested,
take actions reasonably anticipated within the context of our
ongoing business relationship with you, or otherwise perform our
contract with you. - Detect security incidents, protect against malicious,
deceptive, fraudulent, or illegal activity, or prosecute those
responsible for such activities. - Debug products to identify and repair errors that impair
existing intended functionality. - Exercise free speech, ensure the right of another
consumer to exercise their free speech rights, or exercise another
right provided for by law. - Comply with the California Electronic Communications
Privacy Act (Cal. Penal Code § 1546 et. seq.). - Engage in public or peer-reviewed scientific,
historical, or statistical research in the public interest that
adheres to all other applicable ethics and privacy laws, when the
information’s deletion may likely render impossible or seriously
impair the research’s achievement, if you previously provided
informed consent. - Enable solely internal uses that are reasonably aligned
with consumer expectations based on your relationship with us. - Comply with a legal obligation.
- Make other internal and lawful uses of that information
that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion
Rights
To exercise the access, data portability, and deletion rights
described above, you can contact us by email at [email protected] or by
phone at (877) 973-6446. Only you, or a person registered with the
California Secretary of State that you authorize to act on your behalf,
may make a verifiable consumer request related to your personal
information. You may also make a verifiable consumer request on behalf
of your minor child.You may only make a verifiable consumer request for access or
data portability twice within a 12-month period. The verifiable consumer
request must:- Provide sufficient information that allows us to
reasonably verify you are the person about whom we collected
personal information or an authorized representative. - Describe your request with sufficient detail that allows
us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal
information if we cannot verify your identity or authority to make the
request and confirm the personal information relates to you. We will
only use personal information provided in a verifiable consumer request
to verify the requestor’s identity or authority to make the request.Response Timing and Format
We endeavor to respond to a verifiable consumer request within
45 days of its receipt. If we require more time, we will inform you of
the reason and extension period in writing. We will deliver our written
response by mail or electronically, at your option. Any disclosures we
provide will only cover the 12-month period preceding our receipt of
your request. The response we provide will also explain the reasons we
cannot comply with a request, if applicable. For data portability
requests, we will select a format to provide your personal information
that is readily useable and should allow you to transmit the information
from one entity to another entity without hindrance, specifically by
electronic mail communication.We do not charge a fee to process or respond to your
verifiable consumer request unless it is excessive, repetitive, or
manifestly unfounded. If we determine that the request warrants a fee,
we will tell you why we made that decision and provide you with a cost
estimate before completing your request.Non-Discrimination
We will not discriminate against you for exercising any of
your CCPA rights. Unless permitted by the CCPA, we will not:- Deny you goods or services.
- Charge you different prices or rates for goods or
services, including through granting discounts or other benefits, or
imposing penalties. - Provide you a different level or quality of goods or
services. - Suggest that you may receive a different price or rate
for goods or services or a different level or quality of goods or
services.
However, we may offer you certain financial incentives
permitted by the CCPA that can result in different prices, rates, or
quality levels. Any CCPA-permitted financial incentive we offer will
reasonably relate to your personal information’s value and contain
written terms that describe the program’s material aspects.
Participation in a financial incentive program requires your prior opt
in consent, which you may revoke at any time.California’s “Shine the Light” law (Civil Code Section §
1798.83) permits users of our Website that are California residents to
request certain information regarding our disclosure of personal
information to third parties for their direct marketing purposes. To
make such a request, please send us an electronic message through our
website or write us at our address listed on our webpage.