Privacy Policy

Privacy Policy

Last updated: April 7, 2026

1. What We Collect

When you enter a WordPress site URL into Flipr, we perform a public scan of that website. This scan collects only publicly accessible information:

  • Page titles, meta descriptions, and headings
  • Publicly visible text content and images
  • CSS and design patterns (colors, fonts, layout structure)
  • WooCommerce product listings (if publicly visible)
  • Technical metadata (WordPress version, theme, plugins detected)

We do not access any private data, admin panels, databases, or password-protected content. Our scan behaves identically to a search engine crawler.

2. Account Data

If you create an account, we store:

  • Email address and hashed password (never stored in plain text)
  • Display name (optional)
  • Credit balance and usage history
  • Sites you have scanned and their generated previews

3. How We Use Your Data

  • To generate AI-powered redesign previews of the sites you submit
  • To maintain your account and credit balance
  • To improve our AI models and scanning accuracy
  • To communicate service updates (only if you opt in)

4. Data Sharing

We do not sell your data. We share data only with:

  • AI providers (Google Gemini, OpenAI) — site content is sent to generate redesigns. These providers process data per their own privacy policies.
  • Infrastructure providers (Vercel, Neon) — for hosting and database services.

5. Cookies

Flipr uses essential cookies only: authentication tokens and theme/locale preferences. We do not use tracking cookies or third-party analytics.

6. Data Retention

  • Scan results and generated previews are retained for 90 days after last access
  • Account data is retained until you request deletion
  • Anonymous, aggregated analytics may be retained indefinitely

7. Your Rights (GDPR / CCPA)

You have the right to:

  • Access all data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Withdraw consent at any time

8. Security

All data is transmitted over HTTPS. Passwords are hashed with bcrypt. Database access is restricted to authenticated services only. We follow OWASP best practices for application security.

9. Contact

For privacy inquiries or data requests, contact us at privacy@webengine.co.il.

Flipr is operated by WebEngine.