1. Telemetry & Data Acquisition Framework
PineX Limited employs strict cryptographic standards to protect your identity and proprietary data. We operate on a zero-bloat data acquisition model, collecting only the absolute minimum telemetry and session data required to facilitate your software licenses, process encrypted transactions, and execute our Service Level Agreement (SLA) protocols. We do not engage in unauthorized data harvesting or third-party data brokering.
2. Cryptographic Session Management & Authentication
Our Secure Client Portal utilizes advanced, passwordless authentication. By interacting with the portal, you explicitly consent to the deployment of strictly necessary HTTP-only session cookies and JSON Web Tokens (JWT) required to maintain your active session state, securely route your API requests, and bind your session to your WordPress user ID. We do not deploy tracking pixels or third-party advertising cookies within the secure portal matrix.
3. Financial Infrastructure & Processing
All transactional payloads are routed natively through our certified, PCI-DSS compliant payment gateways. PineX Limited does not store, intercept, or process your raw credit card numbers, CVV codes, or bank routing data on our local server architecture. We only store billing addresses and transaction IDs necessary for tax compliance and SLA verification.
4. Server Logging & Security Matrices
To protect our infrastructure from DDoS attacks, brute-force incursions, and API abuse, our firewall matrices automatically log the IP addresses, browser user agents, and request payloads of incoming traffic. This telemetry is kept strictly for internal security audits and is autonomously purged on a rolling 30-day cycle unless required for an active forensic investigation.
5. API Transmissions & License Validation
When our software operates on your server, it executes periodic HTTP API calls back to the PineX Headquarters to validate its cryptographic license key and check for updates. This transmission includes your license key, your site URL, and the active version of the software. This is strictly a verification protocol; our plugins do not scrape your local database or transmit your customer data back to us.
6. Data Retention Life Cycle
Your identity profile, support tickets, and license metadata are retained in our database for as long as your account remains active. If your account is terminated or becomes permanently dormant, non-essential support telemetry is purged. However, financial ledgers and purchase histories are retained for a minimum of 7 years to comply with HM Revenue & Customs (HMRC) and international tax regulations.
7. Right to Erasure (GDPR Compliance Protocols)
You maintain absolute ownership of your data. Under the General Data Protection Regulation (GDPR) and equivalent international laws, you possess the Right to be Forgotten. If you wish to execute a total purge of your account, non-financial license history, and support tickets from our active database, you may submit a data termination request via the contact engineering matrix. Execution of this request will permanently sever your access to the portal.
8. Breach Notification & Incident Response
In the highly unlikely event of a catastrophic cryptographic failure or unauthorized database intrusion resulting in the exposure of personally identifiable information (PII), PineX Limited adheres to a strict 72-hour incident response protocol. All affected users will be notified via their registered email addresses with a detailed forensic breakdown of the breach and the mitigation strategies deployed.