This page is intended to explain what data is accessed or processed during usage (both installation and ongoing usage) of the UpdraftPlus backup/restore plugin, both free and Premium versions. In the general case this is “nothing – or, if using an explicit online service, then the minimum required to deliver that service” – but you can and should read the full details below. If you explicitly take other actions whose obvious nature is to sign up for something – e.g. sign up for a newsletter, or follow us on Twitter – then these may involve some data sharing. In such cases, the information will be available in the place where that action is taken. This page is intending to describe plugin usage only.
General note on logging of server requests
In the case of any HTTP requests sent to our servers (including not just explicit visits in your web browser, but API calls made by any software involved), under UK law these requests are logged and stored for 6 months. They are then automatically rotated. We do not process these logs for other purposes except as part of normal server operation (e.g. summarising statistics, or searching for information on particular server events, e.g. investigating unusual load or access patterns). They are never processed for any marketing purposes. Note that this information is assumed in all sections below where it applies and is not repeated.
General notes on data collection and sharing
Where any data needs to be processed by us for an indicated or necessary usage described on this page, then the definition of “us” includes our partner, Xibo Limited (UK registered company 6841995), who provide us with various support services in both customer support and product development, under a strict data sharing agreement for defined usages only. Where “third parties” are mentioned below, these references exclude Xibo.
When taking and restoring backups
In the general case, taking and restoring backups does not result in any communications at all with any of our servers. i.e. No data is gathered by us, and hence none is processed in any way. Neither is there any other gathering of telemetric data on the WordPress dashboard in UpdraftPlus. i.e. There is no observation of how you use the plugin within your WordPress install, and no reporting back of the resulting data to our servers.
In the case of backup destinations which provide security via an OAuth communication flow which uses our authentication server as part of the OAuth protocol (this includes Dropbox, Google Drive, Google Cloud and Microsoft OneDrive in cases where you have not explicitly set up a personal application for authentication), out of necessity of the OAuth protocol, an authentication token passes through our authentication server. No personally identifiable information is stored, or processed, by us as part of this procedure.
Backup storage in UpdraftVault
If you are using UpdraftVault as your storage option, then your site will communicate with our servers over a secure SSL connection to obtain a credential (a ‘token’) (i.e. verify that you currently have an account with us). This token is then used to communicate with our object storage servers which are part of the Amazon AWS platform. Your backup data itself does not pass through any of our servers. All data on this platform is encrypted using server-side encryption (SSE). You can additionally use the feature in UpdraftPlus Premium to encrypt your database backup file using your own key. We do not process any of your backup data in any way (except in response to an explicit support request). It will be retrieved directly to your UpdraftPlus install, or to your computer via your web browser if you use the Vault browser, upon your request. There are no circumstances in which your backup data is processed for any other purpose than backup and restoration, and it is not shared with any other parties.
When using UpdraftPlus Premium’s “site-to-site clone” feature, there are no communications with any of our servers, and hence no data is either stored or processed by us.
When using UpdraftPlus’s “temporary clone” (“UpdraftClone”) feature, your site needs to communicate with our servers in order to establish entitlement (i.e. that you have sufficient ‘credits’, of whatever sort), and request the clone to be created, including the specifics of the clone desired (including WP version to install, PHP version, and the username who created the clone so that they can log in on it). Data on how many clones you currently have active is stored in our databases. It is not processed for any purpose beyond providing the service, and advising you of the credit level on your account and any appropriate actions to take. It is not shared with any third party. When your clone is created, it will have its own VPS (Virtual Private Server), not shared with any other site or customer. Your site will send your backup data directly to the new WordPress install on the clone directly (i.e. not using our servers as an intermediary). We do not access the cloned site except for explicitly requested support, and for general monitoring of the health of the platform. We do not take, or keep, any copy of your data; i.e. when the clone is destroyed, none of your data from it remains.
When you use UpdraftPlus to initiate a new clone, your webserver may make a request to ipinfo.io (or a similar service, if we change it in future) to work out which country your server is located in, in order to show you a suitable default region choice for your clone). You can prevent this lookup and selection of a default choice by defining the constant
UPDRAFTPLUS_DO_NOT_USE_IPINFO with value
truein your site’s
Connecting for updates in paid versions
If you connect UpdraftPlus for receiving updates in your WordPress dashboard, then the information on which site has been connected to receive updates is stored in our database. It is used only via automated code to then send back information on update availability upon request from your site, and for other directly related tasks (e.g. providing information on upcoming licence expiry events). When an update request is sent, it includes your WordPress, PHP and UpdraftPlus version numbers, current language in WordPress, whether your install is a multisite install or not, and the PHP memory limit. Our plugin updates server is capable of using this information to decide what is an appropriate update for you. We reserve the right to summarise this data (i.e. anonymise and aggregate it) for the purpose of producing aggregated statistics on our user base, which we may use to guide our development.
If you are using a self-install version of UpdraftCentral (whether free or paid), then no data is sent to, or processed by, any of our servers. Communications are only between your servers on which the controlled site, and dashboard, are. In the case of the paid version, the above section on connecting for updates also applies.
If you are using our hosted UpdraftCentral product, UpdraftCentral Cloud, then our servers necessarily store information on which sites you have connected to UpdraftCentral, how many licences you have purchased, and they dispatch commands to those sites in accordance with UpdraftCentral’s normal operation. We do not process any data stored or obtained for unrelated purposes. If you approach your licence limit then we may inform you and present your options for upgrades. UpdraftCentral Cloud data is not shared with any third party.
UpdraftPlus may fetch a news feed from our blog and display headlines within the WP admin dashboard. This news feed is fetched from Feedburner, a service operated by Google. As a conseqence, we do not receive (and therefore do not process) any data when this is done.
Posted in: Account management