Privacy Policy

Last updated: March 28, 2026

Overview

RightComments ("we", "us", "our") provides an AI-powered comment moderation service for WordPress sites. This policy explains what data we collect, how we use it, and your rights.

What We Collect

Account data: When you sign up, we collect your email address and name to create your account and manage your subscription.

Comment data: When a comment is submitted on your WordPress site, the plugin sends the comment text and basic metadata (author name, email, URL) to our API for spam analysis. This data is processed in real-time on edge servers and is not permanently stored after analysis.

Payment data: Payments are processed by Stripe. We do not store credit card numbers. Stripe's privacy policy governs payment data handling.

Usage analytics: We use Simple Analytics, a privacy-focused analytics tool that does not use cookies or collect personal data.

How We Use Your Data

  • To analyze comments for spam in real-time
  • To provide AI-generated reply suggestions when requested
  • To manage your account and subscription
  • To send transactional emails (account confirmation, password reset)
  • To improve our spam detection accuracy through aggregate, anonymized patterns

What We Don't Do

  • We do not sell your data to third parties
  • We do not use your comments to train AI models
  • We do not store comment content after analysis
  • We do not add cookies or tracking scripts to your WordPress site
  • We do not collect data from your site visitors

Data Processing & Storage

Comment analysis happens on edge servers (via Vercel Edge Functions) and is not persisted beyond the API response. Account data is stored in our database (hosted by Supabase) with encryption at rest.

We retain anonymized event data (comment count, spam detection rate) for analytics purposes. This data cannot be linked back to individual comments or users.

Third-Party Services

  • Supabase — authentication and database hosting
  • Stripe — payment processing
  • Google AI (Gemini) — comment analysis via API
  • Vercel — application hosting and edge functions
  • Simple Analytics — privacy-focused website analytics

GDPR & Your Rights

If you're in the EU/EEA, you have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing
  • Lodge a complaint with your local data protection authority

The WordPress plugin does not store any data on your server or set cookies on your visitors' browsers.

Data Deletion

You can delete your account at any time from your dashboard. This removes all your account data, API keys, and subscription information. Uninstalling the WordPress plugin removes all plugin settings and stored comment metadata from your WordPress database.

Contact

For privacy-related questions, email us at [email protected].