Privacy Policy

Varia Suite values your privacy and is committed to protecting your personal information. This policy explains how we collect, use, store, and safeguard your data when you interact with our website, request services, or use our AI-powered tools. Please read it carefully to understand your rights and how we handle your information.

Effective Date: January 10, 2026
Last Updated: January 10, 2026

Introduction

Varia Suite (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WordPress plugins and services.

This policy applies to the following Varia Suite products:

  • Varia Suite AI Chatbot – AI-powered chatbot with OpenAI integration
  • Varia Suite Flow Chatbot – Flow-based conversation builder
  • Varia Quick Connect – Multi-channel contact widget

By using our plugins, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information Collected by Our Plugins

Varia Suite AI Chatbot

  • Chat Conversations: Messages exchanged between users and the AI chatbot
  • User Interaction Data: Button clicks, flow navigation, and user choices
  • Browser Storage: Chat history and conversation state stored locally in the user’s browser (localStorage)
  • Technical Data: Browser type, device information, IP address (via WordPress)
  • Contact Information: When users submit the “Speak to a Human” form (name, email, optional message)
  • OpenAI API Usage: Your API key and messages are sent to OpenAI for processing (subject to OpenAI’s privacy policy)

Varia Suite Flow Chatbot

  • Interaction Data: User selections and conversation flow navigation
  • Chat Transcripts: Downloaded transcripts (stored locally on user’s device)
  • Browser Storage: Chat state and history (localStorage)

Varia Quick Connect

  • Contact Interaction: When users click WhatsApp, email, or call buttons
  • No Personal Data Stored: This plugin does not store personal information on your server

1.2 Information You Provide to Us

When you purchase or register our plugins through Freemius:

  • Account Information: Name, email address, billing information
  • Payment Information: Processed securely by Freemius and third-party payment processors (we do not store credit card details)
  • License Information: License keys, activation history, website URLs

1.3 Automatically Collected Information

When you use our plugins:

  • Plugin Usage Data: Feature usage, activation/deactivation events (if you opt-in)
  • Diagnostic Data: Plugin version, WordPress version, PHP version, error logs (if you opt-in)
  • License Validation Data: Sent to Freemius servers for license verification

2. How We Use Your Information

We use the collected information for:

2.1 Plugin Functionality

  • Delivering chatbot conversations and responses
  • Routing contact requests (WhatsApp, email, calls)
  • Processing AI requests through OpenAI
  • Storing chat history for continuity
  • Enabling integrations (calendar bookings, social media)

2.2 Service Improvement

  • Understanding how users interact with our plugins
  • Identifying and fixing bugs
  • Developing new features
  • Improving user experience

2.3 License Management

  • Validating plugin licenses
  • Providing updates and support
  • Preventing unauthorized use
  • Managing subscriptions

2.4 Communication

  • Sending license renewal reminders
  • Providing technical support
  • Announcing new features or updates
  • Responding to inquiries

2.5 Legal Compliance

  • Complying with legal obligations
  • Enforcing our terms of service
  • Protecting our rights and property

3. Data Sharing and Third Parties

3.1 Third-Party Services

Our plugins integrate with the following third-party services:

OpenAI (for AI Chatbot)

  • Data Sent: User messages, conversation history, system prompts
  • Purpose: Generate AI responses
  • Privacy Policy: https://openai.com/privacy
  • Your Responsibility: You are responsible for obtaining user consent when using AI features

Freemius (License Management)

  • Data Sent: License keys, website URL, plugin version, diagnostic data (if opted-in)
  • Purpose: License validation, updates, billing
  • Privacy Policy: https://freemius.com/privacy/
  • Data Location: Freemius servers (encrypted in transit)

Integration Services (Optional)

When you enable integrations, data may be shared with:

  • WhatsApp/Facebook: Via wa.me links (subject to Meta’s privacy policy)
  • Twilio: For SMS functionality (subject to Twilio’s privacy policy)
  • Email Services: Via WordPress wp_mail() or SMTP
  • Calendar Services: Calendly, Google Calendar (subject to their respective policies)
  • Social Media Platforms: When users click social links

3.2 No Sale of Personal Information

We do NOT sell, trade, or rent your personal information to third parties.

3.3 Service Providers

We may share information with trusted service providers who assist us in:

  • Payment processing (Freemius)
  • Customer support
  • Hosting and infrastructure
  • Analytics (if you opt-in)

All service providers are contractually obligated to protect your data.

4. Data Storage and Security

4.1 Where Data is Stored

  • Chat Conversations: Stored in user’s browser (localStorage) – not on server
  • Contact Form Submissions: Sent via email or stored in WordPress database
  • License Data: Stored on Freemius servers (encrypted)
  • OpenAI Data: Processed by OpenAI servers (subject to their retention policy)
  • Plugin Settings: Stored in WordPress database on your server

4.2 Security Measures

We implement industry-standard security measures:

  • Encryption: SSL/TLS for data in transit
  • API Key Protection: Stored securely in WordPress database (not exposed in frontend code)
  • Access Controls: Limited access to sensitive data
  • Regular Updates: Security patches and updates
  • Secure Authentication: For license validation

4.3 Your Responsibility

As a WordPress site owner using our plugins:

  • Secure your WordPress installation with strong passwords and updates
  • Protect your OpenAI API key and set usage limits
  • Obtain user consent when collecting personal data via chatbot
  • Comply with GDPR/CCPA if applicable to your users

5. User Rights and Choices

5.1 Access and Control

Users of websites using our plugins have the right to:

  • View Chat History: Download transcripts via the chatbot interface
  • Delete Data: Clear chat history (stored locally in browser)
  • Opt-Out: Decline to use the chatbot or contact widgets
  • Request Deletion: Contact the website owner to delete contact form submissions

5.2 Plugin License Holders

As a license holder, you can:

  • Access Your Account: View license details via Freemius dashboard
  • Update Information: Change email, billing details
  • Cancel Subscription: Stop auto-renewal anytime
  • Request Data Deletion: Contact us to delete your account data
  • Opt-Out of Analytics: Disable diagnostic data collection in plugin settings

5.3 Freemius Opt-In/Opt-Out

When activating plugins, you can:

  • Opt-In: Share diagnostic data to help improve plugins
  • Opt-Out: Skip data collection (functionality remains the same)
  • Change Preference: Update in plugin settings anytime

6. Data Retention

6.1 Chat Data

  • Browser Storage: Retained until user clears browser data or restarts chat
  • Server-Side: Not retained unless explicitly saved by website owner
  • Email Submissions: Retained in email inbox (subject to email retention policy)

6.2 License Data

  • Active Licenses: Retained for duration of subscription
  • Expired Licenses: Retained for 3 years for billing/support purposes
  • Deleted Accounts: Permanently deleted within 30 days of request

6.3 OpenAI Data

  • Subject to OpenAI’s data retention policy
  • Typically retained for 30 days (as of January 2026)
  • Check OpenAI’s current policy for updates

7. Cookies and Tracking

7.1 Browser Storage

Our plugins use localStorage (not cookies) to store:

  • Chat conversation history
  • User preferences
  • Session state

Note: localStorage is stored locally on the user’s device and is not transmitted to our servers.

7.2 No Third-Party Tracking

Our plugins do NOT use:

  • Google Analytics
  • Facebook Pixel
  • Marketing cookies
  • Cross-site tracking

7.3 Website Owner Responsibility

If you add third-party tracking to your website, you are responsible for:

  • Disclosing tracking in your privacy policy
  • Obtaining user consent (cookie consent banner)
  • Complying with GDPR/CCPA requirements

8. Children’s Privacy

Our plugins are NOT intended for children under 18 (or 16 in the EU).

We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately, and we will delete such information.

Website Owner Responsibility: If your website targets children, you must:

  • Comply with COPPA (Children’s Online Privacy Protection Act)
  • Obtain parental consent
  • Implement age-appropriate privacy measures

9. International Data Transfers

9.1 Data Locations

Data may be transferred to and processed in:

  • United States: OpenAI servers, Freemius servers
  • European Union: Freemius data centers (GDPR-compliant)
  • Your Server Location: WordPress hosting location

9.2 GDPR Compliance

For EU users:

  • Legal Basis: Consent, contract performance, legitimate interests
  • Data Processing Agreements: In place with Freemius
  • Standard Contractual Clauses: Used for international transfers
  • User Rights: Access, rectification, erasure, restriction, portability, objection

9.3 Privacy Shield / Adequacy

We rely on:

  • EU-US Data Privacy Framework (for US transfers)
  • Standard Contractual Clauses
  • Adequacy decisions where applicable

10. GDPR, CCPA, and Privacy Rights

10.1 GDPR (EU Users)

If you are in the European Union, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion (“right to be forgotten”)
  • Restriction: Limit processing of your data
  • Portability: Receive data in machine-readable format
  • Object: Opt-out of certain data processing
  • Withdraw Consent: Revoke consent at any time

How to Exercise Rights:

10.2 CCPA (California Residents)

California residents have the right to:

  • Know: What personal information is collected
  • Delete: Request deletion of personal information
  • Opt-Out: Decline sale of personal information (we don’t sell data)
  • Non-Discrimination: Equal service regardless of privacy choices

How to Exercise Rights: Email: contact@variasuite.com with subject “CCPA Request”

10.3 Other Privacy Laws

We comply with privacy laws in:

  • Canada (PIPEDA)
  • Brazil (LGPD)
  • Australia (Privacy Act)
  • Other jurisdictions as applicable

11. AI and Automated Decision Making

11.1 OpenAI Integration

The AI Chatbot uses OpenAI’s GPT models to:

  • Generate conversational responses
  • Answer user questions
  • Provide information based on knowledge base

Important Disclosures:

  • No Automated Decisions: The AI does not make legally binding decisions
  • Human Oversight: Website owners should review AI responses
  • Bias Disclaimer: AI may exhibit biases; use responsibly
  • Accuracy: AI responses may contain errors

11.2 User Notification

Websites using our AI Chatbot should:

  • Clearly indicate users are chatting with AI
  • Provide human alternative (“Speak to a Human” feature)
  • Disclose data processing via OpenAI

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be:

  • Posted on this page with updated “Last Updated” date
  • Notified to license holders via email for material changes
  • Effective immediately unless otherwise stated

Your Continued Use: Constitutes acceptance of updated policy.

Review Regularly: We encourage you to review this policy periodically.

13. Data Breach Notification

In the event of a data breach involving personal information:

  • Notification: We will notify affected users within 72 hours (GDPR requirement)
  • Authorities: We will report to relevant data protection authorities
  • Remediation: We will take immediate steps to contain and remedy the breach

Website Owner Responsibility: If a breach occurs on your WordPress site, you are responsible for user notification.

14. Your Responsibilities as a Plugin User

As a website owner using our plugins, you are responsible for:

14.1 Privacy Policy Disclosure

You must disclose in your website’s privacy policy:

  • Use of chatbot and data collection
  • Third-party services (OpenAI, Freemius, integrations)
  • How user data is used and stored
  • User rights and contact information

14.2 User Consent

You must obtain consent for:

  • Processing personal data via chatbot
  • Sending data to OpenAI
  • Email collection (contact forms)
  • Cookies/localStorage usage

14.3 GDPR/CCPA Compliance

You are responsible for:

  • Cookie consent banners (if required)
  • Privacy rights requests from your users
  • Data processing agreements
  • Legal basis for data processing

14.4 Recommended Privacy Policy Language

Add this to your website’s privacy policy:

This website uses Varia Suite plugins for chat functionality and contact 
management. When you use our chatbot:

- Your messages are processed by OpenAI's GPT models (see OpenAI Privacy Policy)
- Chat history is stored locally in your browser
- You can download or clear your chat history anytime
- If you request human support, we collect your name and email

By using our chatbot, you consent to this data processing.

15. Contact Us

For privacy-related questions, concerns, or requests:

Varia Suite
Email: contact@variasuite.com
Support: https://variasuite.com/contact

Response Time: We aim to respond within 48 hours (5 business days for complex requests).

16. Specific Plugin Privacy Details

16.1 Varia Suite AI Chatbot

Data Collected:

  • User messages and AI responses
  • Conversation history (browser localStorage)
  • Contact form data (name, email, message)
  • Conditional action triggers

Data Shared:

  • OpenAI: Messages, system prompts, conversation context
  • Website owner: Contact form submissions via email

User Control:

  • Download transcript button
  • Restart chat (clears history)
  • Opt-out by not using chatbot

Retention:

  • Browser: Until cleared by user
  • OpenAI: Subject to OpenAI’s 30-day retention
  • Email: Subject to email retention policy

16.2 Varia Suite Flow Chatbot

Data Collected:

  • User button selections
  • Chat transcript (local storage)
  • Integration interactions (WhatsApp, Calendar clicks)

Data Shared:

  • WhatsApp: When user clicks WhatsApp button (Meta’s privacy policy applies)
  • Email: When user submits email form
  • Calendar: When user clicks booking link (third-party policy applies)

User Control:

  • Download transcript
  • Restart chat
  • No account required

Retention:

  • All data stored in browser (localStorage)
  • No server-side retention

16.3 Varia Quick Connect

Data Collected:

  • None – This plugin does not collect or store personal data

Data Shared:

  • Contact interactions trigger third-party services (WhatsApp, email client, phone dialer)
  • Subject to respective third-party privacy policies

User Control:

  • User chooses whether to initiate contact
  • No tracking or data retention

Retention:

  • None – No data is retained by this plugin

17. Legal Basis for Data Processing (GDPR)

We process personal data under the following legal bases:

17.1 Consent

  • Using the chatbot (implied consent)
  • Submitting contact forms (explicit consent)
  • Opting-in to diagnostic data collection

17.2 Contract Performance

  • License activation and validation
  • Providing plugin updates and support
  • Processing payments (via Freemius)

17.3 Legitimate Interests

  • Improving plugin functionality
  • Preventing fraud and abuse
  • Providing customer support
  • Securing our systems

17.4 Legal Obligation

  • Complying with tax laws
  • Responding to legal requests
  • Protecting rights and safety

18. California “Shine the Light” Law

California residents can request information about personal information disclosed to third parties for direct marketing purposes.

We do NOT share personal information with third parties for their direct marketing purposes.

19. Do Not Track (DNT) Signals

Our plugins do not track users across websites. We do not respond to DNT signals as we do not engage in tracking.

20. Analytics and Performance Monitoring

20.1 Freemius Insights (Opt-In)

If you opt-in during plugin activation:

  • Data Collected: Plugin version, WordPress version, PHP version, activation events
  • Purpose: Improve plugin compatibility and performance
  • Opt-Out: Available in plugin settings anytime

20.2 No Google Analytics

Our plugins do NOT include Google Analytics or similar tracking tools.

Website owners may add their own analytics, which is their responsibility to disclose.

Appendix: Definitions

Personal Information/Personal Data: Information that identifies or can identify an individual.

Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion).

Data Controller: Entity that determines the purposes and means of processing personal data (the website owner using our plugins).

Data Processor: Entity that processes data on behalf of the controller (Varia Suite, OpenAI, Freemius).

Consent: Freely given, specific, informed, and unambiguous indication of data processing agreement.

Last Reviewed: January 10, 2026

Acknowledgment: By using Varia Suite plugins, you acknowledge that you have read and understood this Privacy Policy.

Design your future

Brand Evolution Begins Here

Get Started!