Last updated: 10 February 2026
Goose Commerce (“we”, “us”, “our”) is operated by Green Goose Manor, a Micro-Entreprise registered in France. We are committed to protecting your privacy and handling your personal data responsibly. This policy explains what data we collect, why we collect it, and how we use it.
The data controller for wpgoose.com is Green Goose Manor, a Micro-Entreprise registered in France. For privacy enquiries, please contact us through our support page.
Account Information: When you register, we collect your name, email address, and password (stored in hashed form). This is necessary to provide you with access to the Plugin and your account.
Payment Information: When you purchase a plan, payment is processed by our payment provider. We do not store full credit card numbers. We retain transaction records including amount, date, and a payment reference for invoicing and support purposes.
Usage Data: We collect basic information about how you use the Plugin, such as which widgets are activated and general usage patterns. This helps us improve the Plugin.
Support Data: When you contact support, we store the content of your communications to provide assistance and improve our service.
Technical Data: We collect standard server logs including IP addresses, browser type, and referring URLs. These are used for security, analytics, and troubleshooting.
We use your data to: provide and maintain your account and licence; process payments and send invoices; provide customer support; send essential service communications (e.g. licence expiry notices); improve the Plugin and website; comply with legal obligations.
We do not sell your personal data to third parties. We do not use your data for targeted advertising.
Contract: Processing necessary to provide you with the service you have purchased or registered for.
Legitimate Interest: Analytics and service improvement, security monitoring, and fraud prevention.
Legal Obligation: Tax records, invoicing, and compliance with French and EU law.
Consent: Marketing communications (if applicable) — you can opt out at any time.
We may share data with: payment processors (to process transactions); hosting providers (to deliver the website and service); email service providers (to send transactional emails). All third-party processors are GDPR-compliant and bound by data processing agreements.
Account data is retained for as long as your account is active. After account deletion, we retain essential records (invoices, transaction history) for 10 years as required by French tax law. Support communications are retained for 3 years. Server logs are retained for 12 months.
Under the GDPR, you have the right to: access your personal data; rectify inaccurate data; erase your data (subject to legal retention requirements); restrict processing; data portability; object to processing; withdraw consent at any time.
To exercise any of these rights, please contact us. We will respond within 30 days.
Your data is primarily stored within the European Economic Area. If any data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses).
We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS/SSL), secure password hashing, regular security updates, and access controls.
We may update this policy from time to time. We will notify registered users of material changes by email. The “last updated” date at the top of this page indicates when the policy was last revised.
For privacy-related questions or to exercise your rights, please contact our support team.
