Plugin Data Policy

Overview — Who This Policy Is For

This Plugin Data Policy is written for site operators — the people and organisations who install and use the NetroFlex CIP™ WordPress plugin on their own websites. It provides a complete technical disclosure of every data flow that occurs between the plugin running on your server and NetroFlex servers.

This policy is also designed to help you meet your own legal obligations. If you use the NetroFlex CIP™ plugin, you are a data controller under GDPR and similar frameworks. NetroFlex is your data processor. As the data controller, you are responsible for disclosing NetroFlex's role and data flows to your own visitors. This policy gives you everything you need to do that correctly.

If you are an end user who submitted a form on a website that uses NetroFlex CIP™, please refer to the privacy policy of the website where you submitted the form. That site's operator is responsible for disclosing how your data is handled.

Complete Data Flow Map

Here is every data flow that occurs between the NetroFlex CIP™ WordPress plugin and NetroFlex servers:

License and API Key Validation

The NetroFlex CIP™ WordPress plugin performs scheduled license validation using a WordPress cron job that runs on the 1st and 15th of each calendar month. This is a server-to-server HTTP POST request sent to api.netroflex.com/api/.

What is transmitted

• Tenant ID — your NetroFlex account identifier
• Hashed license key — your license key in hashed form, not the raw plaintext
• API key — your API key to authenticate the request
• Plugin version — to ensure the plugin version is compatible with our API
• Your server's IP address — as a byproduct of any outbound HTTP request (all servers send their IP when making outbound connections)

What is NOT transmitted

• No visitor data of any kind
• No lead records, email addresses, or personal information belonging to your leads
• No form submission data
• No engagement signals or behavioral data

What happens with the response

Our server responds with the license status (active, suspended, or expired) and the list of modules your plan includes (e.g., smart_panel: true/false). If the license is found to be invalid, inactive, or suspended, the plugin's protected features are disabled until the issue is resolved. If our servers cannot be reached due to a network issue, the plugin operates in a grace period mode and retries on the next scheduled date.

Retention

License validation ping logs are retained for a maximum of 30 days for system monitoring and audit purposes, then permanently deleted. Your server's IP address from these pings is not used for any purpose other than logging the validation request.

Smart Panel Intelligence Data Flow

The Smart Panel is the command centre that displays CIP intelligence, engagement scores, Dorothy AI insights, lead timeline, UTM data, behavioral signals, and bot risk assessment for a specific lead. It is triggered on demand — only when you actively open the Smart Panel for a lead. There is no background polling or automatic data transfer.

What is transmitted when you open the Smart Panel

• A short-lived session token — a 16-byte random token generated per Smart Panel session, valid for 30 minutes. This is used instead of your raw API key to protect your credentials.
• Tenant ID — your NetroFlex account identifier, to isolate your data from other tenants
• Lead ID — the identifier of the lead you are viewing
• The lead's stored data — engagement signals, UTM parameters, temperature classification, behavioral signals, bot risk profile, and any notes you have added to the lead record

What our server does with this data

Our server uses this data to calculate and return the CIP score, intelligence insights, activity timeline, and Dorothy AI responses. The data is processed in memory and the response is returned to your dashboard. The lead's data is not written to any persistent database on our servers.

Multi-tenant isolation

Our platform architecture ensures that your lead data is logically isolated from every other tenant's data. Data belonging to your account cannot be accessed by any other account holder.

Retention

Lead data transmitted for Smart Panel processing is held in memory for the duration of the request only and is not written to persistent storage. Smart Panel session logs (recording that a session was opened, the account, and the timestamp — without retaining lead personal data) may be retained for up to 30 days for system monitoring, then deleted.

Dorothy AI Processing

Dorothy is the NetroFlex CIP™ AI assistant. When you ask Dorothy a question about a lead, a query is sent to our servers along with the lead's context data to generate an intelligent response.

What is transmitted in a Dorothy query

• The lead's CIP engagement score and temperature classification (cold, warm, hot)
• UTM source, medium, campaign, content, and term data
• Behavioral signals — scroll depth, time on page, form interaction patterns
• Bot risk assessment result
• Any notes the operator has added to the lead record
• Timeline and activity history for that lead
• The operator's question or prompt

Where Dorothy runs

Dorothy AI is built and runs entirely on NetroFlex's own infrastructure. We do not use OpenAI, Anthropic, Google, or any other third-party AI provider to process Dorothy queries. Your lead data is never transmitted to any third-party AI service. This is a deliberate architectural decision to protect the privacy of your leads and give you confidence about where your data goes.

What we do NOT do with Dorothy query data

• We do not permanently store lead data submitted in Dorothy queries
• We do not use Dorothy query data to train our models in ways that retain identifiable lead data
• We do not share Dorothy query data with any other tenant, third party, or advertiser
• We do not use Dorothy query data for any purpose other than generating the requested intelligence response

Retention

Lead data transmitted for Dorothy processing is held in memory for the duration of query processing only and is not written to any persistent storage on NetroFlex servers. Dorothy query logs (recording that a query was made, the account that made it, and the timestamp — without retaining the lead's personal data) may be retained for up to 30 days for system monitoring and abuse prevention, then permanently deleted.

Dorothy's responses are informational only

Dorothy's responses are suggestions based on engagement signals. They are not professional advice, definitive assessments, or grounds for automated decisions that legally affect individuals. You are solely responsible for any actions taken based on Dorothy's suggestions.

What We Do Not Store

For absolute clarity:

• We do not have access to your lead database — it resides entirely on your own server under your own control
• We do not permanently store lead records, email addresses, phone numbers, or any personal information belonging to your leads
• We do not store the content of Dorothy queries or Smart Panel requests beyond the 30-day operational log window, and those logs do not contain lead personal data
• We do not use lead data transmitted through Smart Panel or Dorothy for advertising, profiling, model training with identifiable data, or any purpose beyond generating the requested response
• We do not share your lead data with any third party, including advertising networks, data brokers, or AI providers
• We do not transmit lead data during license validation checks — those are authentication-only requests

Plugin Updates

If the NetroFlex CIP™ plugin is distributed through the WordPress.org plugin repository, plugin update checks are handled by WordPress.org's own infrastructure. These checks send your WordPress site's URL and the plugin version to WordPress.org servers to determine if an update is available. This is standard WordPress behaviour and is governed by WordPress.org's own privacy policy, not by this Plugin Data Policy.

NetroFlex is not responsible for WordPress.org's data handling practices. If you have concerns about WordPress.org update checks, refer to the WordPress.org privacy policy at wordpress.org/about/privacy.

Portal Advertising — Future

The base.netroflex.com portal and the WordPress plugin's lite dashboard view may in the future display third-party advertising, including video and display ad formats served by third-party advertising networks.

No advertising is currently active on any NetroFlex domain or in any plugin interface.

When advertising is introduced, NetroFlex commits to:

• Updating this Plugin Data Policy and our Cookie Policy at least 14 days in advance with full details of the advertising network, cookie types, and data flows involved
• Implementing a consent mechanism for EU/EEA users before any advertising cookies are activated
• Disclosing the identity of any third-party ad networks used and linking to their own privacy policies
• Providing a mechanism for users to opt out of advertising cookies at any time
• Not sharing your lead data with advertising networks — advertising data flows will be isolated to your own portal session data only

Third-party advertising networks typically set cookies for viewability tracking, frequency capping, and audience targeting. We will disclose all such cookies before they are activated. Pro plan subscribers may be offered an ad-free experience where commercially feasible.

Your Obligations as a Plugin Operator

As a site operator using the NetroFlex CIP™ WordPress plugin, you are the data controller for your leads' personal data. NetroFlex is your data processor. Under GDPR and similar privacy frameworks, you have legal obligations to your visitors. These include:

• Privacy policy disclosure: You must update your own privacy policy to disclose that your site uses NetroFlex CIP™, that the plugin contacts api.netroflex.com for license validation and Smart Panel intelligence, and that lead data may be temporarily transmitted to NetroFlex servers when the Smart Panel or Dorothy AI is used.
• Processor identification: You must identify NetroFlex as a data processor in your privacy policy if required by applicable law in your jurisdiction.
• Consent obligations: You must obtain all necessary consents from your visitors before collecting their data through NetroFlex CIP™ forms, and before using features that transmit their data to our servers (Smart Panel, Dorothy).
• International transfer disclosure: If you are based in the EU/EEA or process data on behalf of EU/EEA residents, you must disclose that data may be transferred to our US-based servers and provide appropriate safeguards or disclosures as required by GDPR Chapter V.
• Data subject requests: You must handle data subject access, deletion, correction, and portability requests from your leads. For data stored in your own database, this is entirely within your control. For data that has been processed by our servers, contact us at privacy@netroflex.com.

See the disclosure template in Section 10 for suggested language you can adapt for your own privacy policy.

Privacy Policy Disclosure Template

You are required to disclose your use of NetroFlex CIP™ in your own privacy policy. Below is a template you can adapt. Modify it to reflect your specific use of the platform and the laws applicable in your jurisdiction.

Contact

For questions about this Plugin Data Policy, data flows, or your obligations as a plugin operator:

• Privacy and data questions: privacy@netroflex.com
• Technical support: support@netroflex.com
• Website: netroflex.com

We respond within 5 business days.