Overview
WP GraphQL Toolkit is designed to help WordPress developers inspect schemas and build GraphQL operations. The plugin should process schema and query information within the connected WordPress environment unless a user deliberately uses a hosted feature described at the time of use.
Information We May Collect
- Website request data such as IP address, browser type, pages viewed, and timestamps when collected by hosting or security services.
- Account, license, billing, and transaction information if paid services are offered.
- Support messages, diagnostic details, and files users choose to provide.
- Product telemetry only when clearly disclosed and where required, enabled with appropriate consent.
- Information required to prevent abuse, secure services, and comply with law.
WordPress And GraphQL Data
Your WordPress content, GraphQL schema, query responses, credentials, and authentication tokens remain under your control. Do not submit sensitive WordPress data to support or hosted services unless necessary and explicitly requested through a secure channel.
- Use least-privilege credentials.
- Avoid exposing private fields through the public GraphQL schema.
- Review generated queries before deploying them.
- Protect production backups and diagnostic exports.
How Information Is Used
- Provide, secure, maintain, and improve the product.
- Process purchases, licenses, and updates when those services are available.
- Respond to support and security reports.
- Understand aggregate product usage where lawful and disclosed.
- Meet legal obligations and enforce applicable terms.
Retention And Security
Information is retained only as long as reasonably needed for the purposes described, contractual obligations, security, and legal requirements. No system is perfectly secure; users are responsible for securing their WordPress sites, credentials, endpoints, and exported code.
Your Choices And Rights
Depending on location, users may have rights to access, correct, delete, restrict, object to, or export personal information. Requests should use the verified contact method published on the Contact page once configured.
Children And International Use
The product is intended for professional developers and is not directed to children. Information may be processed in countries where providers operate, subject to appropriate safeguards where required.
Changes To This Policy
Material changes will be reflected by updating the effective date and, when appropriate, providing additional notice. Continued use after a policy change is subject to applicable law.