DesignSetGo apps
Product

Overview

How it works Live demo Quickstart Examples Use cases

Build with AI

Connect your AI New Riff (AI builder) Astro + WooCommerce Security

Who it's for

Site owners Developers Agencies
Docs

Get started

Getting started Quickstart Astro on WordPress

Reference

Bridge API Manifest CLI reference
Pricing Blog Install free

Legal

Privacy policy.

What DesignSetGo collects, what we do not collect, who handles your payments and AI prompts, and your rights over your data.

Effective May 25, 2026.

1. Who we are

DesignSetGo LLC ("DesignSetGo," "we," "us," "our") is the controller of the personal data described in this Privacy Policy. We are an Arizona limited liability company. You can reach our privacy team at privacy@designsetgo.dev.

2. Scope

This Privacy Policy covers data we collect through:

  • The DesignSetGo Apps plugin you install on your WordPress site;
  • The designsetgo.dev marketing and documentation website;
  • The Riff in-admin AI builder;
  • License management, telemetry, and update channels;
  • Email correspondence you initiate with our team.

It does not cover data you collect from your own site's visitors using Apps you install. You are the controller of that data. We are a processor only for the narrow telemetry and license-management purposes described below.

3. What we collect

Account and license data (collected by Freemius on our behalf)

When you purchase a Subscription, start a Trial, or opt in to Freemius from the plugin's admin UI, our payment and license-management partner Freemius collects:

  • Your name and email address;
  • Billing address and tax-relevant information required by your jurisdiction;
  • The Site URL where the plugin is activated, the plugin version, the WordPress version, the PHP version, and the active site language;
  • License key, activation timestamps, and Site count for license enforcement.

We do not see your full payment card details. Payments are processed by Freemius's PCI-DSS-compliant payment processor; only a tokenized reference is shared with us.

Telemetry from the installed plugin

The plugin sends limited operational telemetry to our infrastructure to support billing, product analytics, and trial nudges:

  • Aggregate counts of harness operations (for example, the number of apps generated during a Trial);
  • Aggregate counts of dsgo.ai.prompt calls (the count only; we do not log the prompts or AI responses);
  • Trial state transitions (started, day-7 nudge fired, expired);
  • Plugin error reports when you explicitly submit them.

Telemetry payloads do not include the contents of your posts, your visitors' data, the source of the Apps you install, or AI prompt or response content.

Website analytics (designsetgo.dev)

The designsetgo.dev website uses Google Analytics 4 to measure visit counts, traffic sources, page paths, and high-level click events on calls-to-action (such as "Install free plugin" or "Start 14-day Pro trial"). Google Analytics sets cookies on your browser. We do not enable Google Signals, advertising features, or remarketing audiences.

Cloudflare provides our content delivery network. Cloudflare may receive your IP address and TLS handshake metadata for routing and DDoS protection. See Cloudflare's privacy policy.

Communications

If you email us at support@, privacy@, or legal@designsetgo.dev, we receive your email address, any contents you send, and (depending on your email client) metadata such as the timestamp and your IP address at the time of sending. We retain support correspondence as long as needed to resolve your inquiry and to comply with our records-retention obligations.

4. What we do not collect

  • AI prompt or response content. When you use dsgo.ai.prompt or Riff with the WordPress Connectors path (the dominant case), prompt content is sent directly from your WordPress site to your configured AI provider (such as Anthropic, OpenAI, or Google) under your provider's terms. None of that content passes through our infrastructure.
  • Your AI provider API keys. Your provider keys live in your WordPress Connectors configuration. We do not have access to them.
  • Your site's visitor data. The plugin does not exfiltrate, transmit, or store data about visitors to your WordPress site. Apps you install may collect their own visitor data; that is governed by the privacy policy you publish on your site, not this one.
  • The contents of your WordPress posts, pages, users, or commerce data that Apps read through the bridge. The bridge runs server-side on your site; we never receive that content.
  • Payment card numbers, CVVs, or full card data. Freemius's payment processor handles those.

We process your personal data on the following legal bases:

  • Performance of a contract: processing required to provide the Services to you (license enforcement, account management, subscription billing).
  • Legitimate interests: measuring website usage and product analytics, sending operational service emails, preventing fraud and abuse. We balance these interests against your rights and offer opt-outs where required.
  • Consent: non-essential website cookies and any optional marketing email you opt in to (we do not currently send marketing email).
  • Legal obligation: tax records, sanctions screening, and other obligations imposed by law.

6. Who we share data with

We share personal data only with the following categories of recipients, and only as needed:

  • Freemius (payment processing, license management, subscription billing, trial state).
  • Google (Google Analytics 4 on the designsetgo.dev website only).
  • Cloudflare (CDN, DDoS protection for the designsetgo.dev website).
  • GoDaddy Managed WordPress (the hosting provider for designsetgo.dev).
  • Service providers we engage to support our operations (such as email infrastructure for transactional and support email), bound by written confidentiality and data-processing agreements.
  • Successors in a merger, acquisition, sale of assets, or similar corporate transaction, in which case we will give notice before personal data becomes subject to a different privacy policy.
  • Authorities when required by law, subpoena, or other valid legal process.

We do not sell your personal data. We do not share your personal data for cross-context behavioral advertising.

7. International transfers

We are based in the United States. Our service providers (including Freemius, Google, and Cloudflare) may process data in countries other than your own. Where we transfer personal data from the European Economic Area, the United Kingdom, or Switzerland, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

8. Retention

We retain personal data only as long as needed for the purposes for which it was collected:

  • Account and license data: for the life of your account plus 7 years for tax and audit records.
  • Telemetry data: rolling 24-month window (aggregated and de-identified beyond that point).
  • Website analytics: as configured in our Google Analytics 4 property (currently 14 months for event-level data; aggregated reports persist indefinitely).
  • Support correspondence: 3 years after the case is closed, or longer if required by law.

9. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate personal data;
  • Delete your personal data (subject to legal retention obligations);
  • Restrict or object to certain processing;
  • Receive a portable copy of your personal data;
  • Withdraw consent at any time (without affecting prior processing);
  • Lodge a complaint with your data protection authority.

To exercise any of these rights, email privacy@designsetgo.dev. We respond within 30 days. We may ask you to verify your identity before fulfilling a request.

California residents. The California Consumer Privacy Act (CCPA) gives you specific rights described above and prohibits us from discriminating against you for exercising them. We do not "sell" or "share" personal information as defined by the CCPA.

10. Cookies on designsetgo.dev

The designsetgo.dev website uses the following cookies:

  • Essential session cookies set by WordPress and Cloudflare to keep the site working.
  • Analytics cookies set by Google Analytics 4 to measure visit counts and traffic sources.

The plugin itself sets no cookies on your visitors' browsers, except as needed by an App you install (which is your responsibility to disclose).

11. Security

We use commercially reasonable technical and organizational measures to protect personal data, including TLS encryption in transit, encrypted database backups, principle-of-least-privilege access controls, and routine review of our service providers' security posture. No system is perfectly secure; we will notify affected users without undue delay if we become aware of a personal-data breach that creates a real risk of harm.

12. Children

The Services are not directed to children under 13 (or 16 in the EU/UK). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact privacy@designsetgo.dev and we will delete it.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will give you reasonable notice through the plugin's admin UI, by email, or by posting a notice on designsetgo.dev before the changes take effect.

14. Contact

DesignSetGo LLC
Arizona, USA
privacy@designsetgo.dev