Last updated May 20, 2026

Privacy Policy

This policy explains how Lockora Audit handles website, support, and plugin-related data for its AI-powered WordPress security audit plugin.

Overview

Lockora Audit helps WordPress site owners identify vulnerabilities, misconfigurations, stale dependencies, malware indicators, and other security issues. We process only the information needed to operate the website, respond to inquiries, support the plugin, and provide audit functionality.

This page is a public privacy summary for Lockora Audit. It does not replace any separate data processing agreement that may apply to paid, agency, or enterprise use.

Information we may collect

  • Contact data: name, email address, company, and message content when you email us or request support.
  • Plugin and site metadata: WordPress version, plugin version, PHP version, theme/plugin inventory, audit timestamps, security score, and configuration signals needed to produce findings.
  • Audit findings: vulnerability identifiers, affected plugin or theme paths, severity, remediation status, and redacted snippets or summaries needed to explain an issue.
  • Security reports: vulnerability disclosure details, reproduction steps, affected versions, and related technical evidence you choose to send.
  • Website logs: basic server logs such as IP address, user agent, requested URL, and time of request for security and reliability.

How the plugin handles WordPress audit data

The Lockora Audit plugin is designed to run security checks inside your WordPress installation. The plugin may process local files, configuration values, plugin/theme metadata, database health indicators, and malware scan signals to produce a security report.

Where AI-assisted reasoning is enabled, Lockora Audit is intended to use redacted findings or summaries rather than raw source code whenever possible. You should not intentionally submit secrets, passwords, API keys, private customer records, or regulated personal data through support channels or audit prompts.

How we use information

  • Provide, maintain, and improve the Lockora Audit plugin and website.
  • Generate WordPress security audit reports and remediation guidance.
  • Respond to support, sales, security, and partnership inquiries.
  • Detect abuse, investigate security incidents, and protect the service.
  • Comply with legal obligations and enforce our terms.

Sharing and processors

We may use service providers for hosting, email, analytics, security monitoring, payment processing, and AI-assisted audit reasoning. These providers are permitted to process information only as needed to provide their services to Lockora Audit.

We do not sell personal information. We may disclose information if required by law, to protect users and the service, or as part of a merger, acquisition, or similar business transaction.

Retention

We keep personal information and audit-related records only for as long as needed for the purposes described above, unless a longer retention period is required for security, legal, tax, or operational reasons.

Your choices and rights

Depending on your location, you may have rights to access, correct, delete, restrict, or export personal information — for example under the EU General Data Protection Regulation (GDPR). You may also object to certain processing or withdraw consent where consent is the legal basis.

To make a request, email hello@lockora-audit.com. For security-sensitive requests, we may need to verify your identity or your authority over the relevant WordPress site.

Security

Lockora Audit is built for security workflows, and we use reasonable technical and organizational safeguards to protect information. No internet service or WordPress plugin can guarantee absolute security, so you should maintain backups, keep WordPress updated, and restrict administrative access.

Contact

For privacy questions, contact hello@lockora-audit.com. To report a vulnerability, email security@lockora-audit.com.