Privacy Policy

1. Who We Are

Cecom WordPress Solutions operates the website https://cecom.in, which sells WordPress plugins and related digital products. In this Privacy Policy, “we,” “us,” and “our” refer to Cecom WordPress Solutions.

For any privacy-related questions, please contact us via the Contact page.

2. What Data We Collect and Why

Account Registration

When you create an account, we collect your name, email address, and a hashed password. This information is used to manage your account, provide access to purchased licenses, and send order-related communications.

Purchases and Payments

When you purchase a plugin, we collect your name, email address, and order details. We accept cryptocurrency payments only. Blockchain transaction IDs and wallet addresses involved in purchases may be recorded for order verification and accounting purposes. No payment card information is collected or stored.

License Management

We store license keys, associated domain names (activation sites), and activation dates to validate and manage your plugin licenses.

Support Requests

When you contact our support portal, we collect your name, email address, and the content of your message, including any attachments you provide. This data is used solely to respond to and resolve your support request.

Contact Forms

Information submitted through our contact forms (name, email, message) is used only to respond to your inquiry and is not used for marketing without your explicit consent.

Comments

If you leave a comment, we collect your name, email address, website URL (optional), IP address, and browser user agent to facilitate spam detection. An anonymized hash of your email may be sent to Gravatar to display your profile picture.

Cookies

We use cookies for the following purposes:

  • Authentication: Login session cookies that expire after 2 days (or 2 weeks if “Remember Me” is selected).
  • Shopping Cart: Session cookies to maintain your cart contents during your visit.
  • Preferences: Cookies to remember display settings, lasting up to 1 year.
  • Analytics: Anonymized usage data to understand how visitors use our site and improve our products.

You can control cookies through your browser settings. Disabling cookies may limit some site functionality, such as maintaining a shopping cart or staying logged in.

Analytics and Usage Data

We collect anonymized analytics data (pages visited, time on site, referral source, browser type) to improve our website and products. This data does not personally identify you.

Embedded Content

Pages on this site may include embedded content (e.g., videos, demos). Embedded content from third-party websites behaves as if you visited those sites directly and may collect data, use cookies, or track your interactions.

3. How We Share Your Data

We do not sell, rent, or trade your personal data. We may share data with:

  • Cryptocurrency Payment Processors: To complete transactions securely via blockchain networks. These processors may collect transaction metadata per their own privacy policies.
  • Email Service Providers: To send transactional emails (order confirmations, license keys, support replies).
  • Spam Detection Services: Comment data may be checked against automated spam detection services.
  • Legal Obligations: We may disclose data if required by law, court order, or to protect our rights.

4. How Long We Retain Your Data

  • Account data: Retained for as long as your account is active. You may request deletion at any time.
  • Order and billing records: Retained for 7 years for legal and tax compliance.
  • License data: Retained for the duration of your license and up to 2 years after expiry.
  • Support communications: Retained for 2 years after the ticket is resolved.
  • Comments: Retained indefinitely unless you request removal.
  • Analytics data: Retained in anonymized form indefinitely.

5. Your Rights Over Your Data

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal retention obligations.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for direct marketing purposes.
  • Restriction: Request that we restrict processing of your data in certain circumstances.

To exercise any of these rights, please contact us via the Contact page. We will respond within 30 days.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. All transactions are conducted via cryptocurrency over SSL/TLS encrypted connections. No payment card data is collected or processed.

7. International Data Transfers

Your data may be processed or stored in countries outside your own. Where this occurs, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.

8. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately for removal.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email or a notice on our website. The date of the latest revision is indicated below.

10. SmartTR Address Plugin — Data Practices

Our SmartTR Address plugin for WooCommerce connects to external services to function. The following applies to WooCommerce store owners who install this plugin on their sites.

Data Collected Through the Plugin

  • License key and site URL: Collected when a store owner activates a premium license. The site URL is stored as an activation label to associate the license with the site.
  • Activation token: A server-issued identifier returned at activation time, used for subsequent license verification and deactivation requests.
  • Customer address selections: Province, district, neighborhood, and postal code chosen at WooCommerce checkout are stored as standard WooCommerce order meta on the store owner’s database. We do not receive customer address data.
  • Custom field values and file uploads: If the store owner configures custom checkout fields (including file upload fields), those values are stored as WooCommerce order meta on the store owner’s site. File uploads are stored in the store’s WordPress Media Library. We do not receive these files or values.

External Service Connections

  • Address Data API (cecom.in): The plugin fetches Turkish administrative address data (provinces, districts, neighborhoods, postal codes) from our API at https://cecom.in. Only fixed read-only API credentials are transmitted — no personal data, no customer data, and no site-specific data is sent. This connection is made once after plugin activation, on each manual data sync, and on the configured automatic schedule (if set). — Terms of Service, Privacy Policy.
  • License Verification Service (cecom.in): The plugin contacts our license server at https://cecom.in to verify premium license keys. The license key, site URL (as an activation label), and activation token are transmitted. Requests are made on activation, approximately every 12 hours in the background (only on sites where a license key has been saved), and on deactivation. No connection is made on sites that have not saved a license key. — Terms of Service, Privacy Policy.
  • WordPress.org Plugins API (api.wordpress.org): Retrieved once every 12 hours when an administrator views the WordPress Plugins list page, to display the plugin’s public rating and review count. Only the plugin slug (smarttr-address) is transmitted as a public identifier — no personal data, no site URL, and no user data is sent. — Privacy Policy.

GDPR Compliance

SmartTR Address registers WordPress personal data exporters and erasers. When a store owner uses WordPress’s privacy tools to export or erase a customer’s data, the plugin includes Turkish address fields, custom field values, and deletes Media Library file attachments created through file-upload custom fields. Store owners are responsible for fulfilling their own data subject requests using these tools.

Data Removal

Deleting the plugin removes all three custom address data tables, all plugin settings, all license data, and all scheduled sync jobs from the store’s database. Customer order meta (address data stored on existing orders) is part of the WooCommerce order record and is not deleted by the plugin uninstaller.

Last updated: March 25, 2026