Privacy Policy

PriceWren ("we", "our", "us") operates the website pds.wp-scan.org. We provide a price tracking service that monitors product prices on third-party e-commerce websites and notifies users via email when prices drop to their desired level.

Contact: privacy@pds.wp-scan.org

Information you provide:

• Email address (required to create alerts)
• Product URLs you choose to track
• Target prices you set
• PayPal subscription data (for Pro plan subscribers)

Information collected automatically:

• IP address (for security and fraud prevention only)
• Browser type and version (standard server logs)
• Pages visited and timestamps

We do NOT install browser extensions, track your browsing history, or monitor any activity outside of our website.

• To send you price drop email alerts for products you are tracking
• To maintain your dashboard and tracker list
• To process your Pro subscription payment via PayPal
• To improve our service and fix technical issues
• To comply with legal obligations

We will never sell your email address or personal data to third parties. We do not use your data for advertising.

We share minimal data with third parties only as necessary:

• PayPal — payment processing for Pro subscriptions. PayPal's privacy policy applies to payment data.
• Hosting Provider — our server stores your data. We use Hostinger with servers in the EU/US.
• Email delivery — alerts sent via PHP mail through our hosting provider's SMTP.

We do not use Google Analytics, Facebook Pixel, or any advertising trackers on this website.

• Active tracker data is kept as long as your account is active
• Price history is stored indefinitely to show you historical trends
• If you delete a tracker, associated data is soft-deleted and purged within 30 days
• You may request full deletion of your account and all data by emailing us

Depending on your location, you have the right to:

• Access — request a copy of all personal data we hold about you
• Correction — update inaccurate personal data
• Deletion — request erasure of your personal data ("right to be forgotten")
• Portability — receive your data in a machine-readable format
• Objection — opt out of processing for legitimate interest purposes
• Withdraw consent — unsubscribe from all alerts at any time

To exercise any of these rights, email privacy@pds.wp-scan.org. We will respond within 30 days.

We use only essential cookies required for the service to function:

• Session cookie — used only for admin panel authentication. Expires when you close your browser.

We do not use tracking cookies, analytics cookies, or advertising cookies. No cookie consent banner is required as we only use strictly necessary cookies.

We implement industry-standard security measures:

• HTTPS encryption for all data in transit (TLS 1.2+)
• Passwords hashed with bcrypt (cost factor 12)
• Database access restricted to application server only
• No sensitive payment data stored — all payments processed by PayPal
• Regular security updates applied to server software

Our service is not directed to children under 13 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of our service after changes constitutes acceptance of the updated policy. For significant changes, we will notify active users by email.

For any privacy-related questions or to exercise your rights:

• Email: privacy@pds.wp-scan.org
• Response time: within 30 days

If you are in the EU and feel your rights are not being respected, you have the right to lodge a complaint with your local Data Protection Authority.