Privacy Policy

Who are we?

In this section, enter the URL of your site, your name or the name of your company or organization, and your contact information.

The amount of information you need to display depends on the local or national regulations to which you are subject. For example, you may need to display a physical address, a public address, or your company's registration number.

Suggested text : Our website address is:

Use of personal data collected

In this section, indicate the personal data you collect about users and visitors to your site. This could include personal data such as name, email address, personal account preferences; transactional data such as order information; and technical data such as cookie information.

You should also record any collection or retention of sensitive personal data such as medical data.

In addition to listing the personal data you collect, you must indicate why you are doing so. These explanations must contain either the legal basis for the collection and storage of data or the active consent given by the user.

Personal data is not created by your users' interactions with your site. They are generated by a technical process such as a contact form, comments, cookies or the integration of third party services.

By default, WordPress does not collect any personal data about visitors, and only collects the data present in the "Your Profile" screen of registered users. However, some of your extensions may collect personal data. In this case, provide the appropriate information below.


In this subsection, specify the information that is retrieved via comments. We have indicated the data collected natively by WordPress.

Suggested text : When you leave a comment on our website, the data entered in the comment form, your IP address and your browser's user agent are collected to help us detect unwanted comments.

An anonymous string created from your email address (also called hash) can be sent to the Gravatar service to check if you are using it. The Gravatar Service Privacy Policy is available here: After validating your comment, your profile picture will be publicly visible next to your comment.


In this sub-section, indicate the information that could be disclosed by users who can upload files to your media library. Uploaded files are generally publicly accessible.

Suggested text : If you are a registered user and upload images to the website, we advise you to avoid uploading images containing EXIF GPS coordinate data. Visitors to your website can download and extract location data from these images.

Contact forms

By default, WordPress does not include a contact form. If you are using a contact form extension, use this subsection to indicate which personal data is saved when the form is submitted, and how long it will be kept. For example, you could indicate that you will retain submissions from a contact form for a period of time for customer service related issues, but that you will not use them for commercial purposes.


In this sub-section, list the cookies used by your site, including those registered by your extensions, social networks and your visit statistics. We have indicated the cookies that WordPress installs by default.

Suggested text : If you leave a comment on our site, you will be asked to save your name, e-mail address and website in cookies. This is only for your convenience so you don't have to enter this information if you make another comment later. These cookies expire after a year.

If you have an account and log in to this site, a temporary cookie will be created to determine if your browser accepts cookies. It does not contain any personal data and will be deleted automatically when you close your browser.

When you log in, we will set a number of cookies to save your login information and screen preferences. The lifetime of a login cookie is two days, that of a screen option cookie is one year. If you check "Remember me", your login cookie will be kept for two weeks. If you log out of your account, the login cookie will be deleted.

When editing or publishing a publication, an additional cookie will be stored in your browser. This cookie does not contain any personal data. It simply shows the ID of the publication you have just changed. It expires after a day.

Embedded content from other sites

Suggested text : Articles on this site may include embedded content (e.g. videos, images, articles...). Content integrated from other sites behaves in the same way as if the visitor were visiting that other site.

These websites may collect data about you, use cookies, embed third-party tracking tools, track your interactions with such embedded content if you have an account connected to their website.

Audience statistics and measurements

In this sub-section, indicate the statistical tools you use for your audience measurements, and if applicable, provide a link to your provider's privacy policy.

By default, WordPress does not collect any visit statistics. However, many hosting providers collect anonymous statistical data. You may also have installed a WordPress extension that provides statistics services. In this case, enter information about this extension here.

Use and transmission of your personal data

In this section, list and name all third party providers with whom you share your site data, including partners, cloud services, payment gateways, and all other third party services. Indicate what data you are sharing and why you are sharing it. Put a link to their privacy policy if possible.

By default, WordPress does not share your personal information with anyone.

How long do you store your data for?

In this section, indicate how long the personal data collected and processed by your website will be kept. Although it is your responsibility to provide a retention schedule for each dataset you have, this information does not need to be displayed here. For example, you could indicate that you retain data received via your contact forms for six months, visit statistics for one year, and records related to online sales for ten years.

Suggested text : If you leave a comment, the comment and its metadata are retained indefinitely. This allows for automatic recognition and approval of subsequent comments instead of leaving them in the moderation queue.

For users who register on our site (if possible), we also store the personal data indicated in their profile. All users may view, modify or delete their personal information at any time (except for their user-ice name). Site managers can also view and modify this information.

The rights you have to your data

In this section, indicate the rights of your users regarding their data and how they can exercise these rights.

Suggested text : If you have an account or if you have left comments on the site, you can request to receive a file containing all the personal data we hold about you, including the data you have provided us with. You can also request the deletion of your personal data. This does not include data stored for administrative, legal or security purposes.

Transmission of your personal data

List in this section all data transfers from your site to outside the European Union and describe how this data is protected with regard to European standards for the protection of private data. This may include your web host, cloud storage or other third party services.

European data protection law requires that data of European residents transferred outside the European Union be protected under the same conditions as if they were in Europe. In addition to listing where the data goes, you should describe how you or your subcontractors ensure compliance with these standards, either through an agreement such as the Privacy Shield (EU/US Data Protection Shield), clauses in your contracts or binding company rules.

Suggested text : Visitors' comments can be verified using an automated service for detecting unwanted comments.

Contact Information

In this section, indicate the contact method available for privacy inquiries. If you must have a Data Protection Officer, please also indicate his/her name and contact details.

Further information

If you use your website for commercial purposes and engage in the collection and processing of more complex personal data, you should provide the following information in your privacy statement, in addition to the information detailed above.

How we protect your data

In this section, indicate the measures you have taken to protect your users' data. This may include technical measures such as encryption, security measures such as two-factor authentication, or human measures such as a trained data protection team. If you have conducted an impact assessment related to the private data leakage, you can also indicate this here.

Procedures implemented in the event of a data leakage

In this section, indicate the procedures you have in place in the event of either potential or actual data leaks, such as internal notification systems, contact mechanisms, or possible rewards for "bug hunters".

Third-party services that transmit data to us

If your website receives user data from third party sources - including advertising sources - this information should be included in the section on data from third party sources in your privacy statement.

Automated marketing and/or profiling operations carried out using personal data

If your website provides a service that includes automated decision making - for example, allowing your customers to take out credit or aggregating their data into an advertising profile - you must explain what is in place and include information about how the information is used, what decisions are made with that aggregated data, and what rights users have over decisions made without human intervention.

Display of information related to sectors subject to specific regulations

If you are a member of a regulated industry, or if you are subject to specific regulations, it is probably necessary to post this information here.