Monkbot
Get started

Privacy Policy

Last updated: March 7, 2025

Beta Product Notice

MonkBot is currently in beta. Features, data practices, and third-party integrations may change without prior notice. We make no guarantees regarding data retention, uptime, or the behavior of third-party services used within the platform. By using MonkBot, you acknowledge and accept these limitations.

1. Who We Are

MonkBot (“MonkBot,” “we,” “us,” or “our”) provides an AI-powered automation platform for WordPress site management. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our website at monkbot.app and our software-as-a-service platform (collectively, the “Service”).

If you have questions about this policy, contact us.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, and password when you register.
  • WordPress connection credentials: API keys, site URLs, or plugin credentials you provide to connect your WordPress installations.
  • Prompts and instructions: natural language queries and commands you enter into MonkBot to perform operations on your WordPress sites.
  • Payment information: processed by our third-party payment provider; we do not store raw card data.
  • Communications: messages you send us via contact forms or email.

2.2 Information Collected Automatically

  • Usage data: pages visited, features used, timestamps, and interaction logs.
  • Device and browser data: IP address, browser type, operating system.
  • Session cookies: HTTP-only session tokens used to authenticate your account. We do not use cross-site tracking cookies.
  • API call logs: records of API requests made through your account, including prompt content, for billing, debugging, and abuse prevention.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service.
  • Authenticate your account and maintain your session.
  • Process your WordPress automation requests.
  • Calculate credit usage and enforce plan limits.
  • Send transactional emails (account verification, password resets, billing receipts).
  • Investigate abuse, fraud, or violations of our Terms of Service.
  • Comply with legal obligations.

We do not sell your personal information to third parties, and we do not use your data for advertising.

4. Disclosure to Third Parties

Important: Third-Party AI Processing

To deliver AI-powered responses, your prompts and related context are transmitted to external AI providers. By using MonkBot, you consent to this transmission.

4.1 AI Model Providers

Your natural language prompts and relevant context (such as WordPress site data retrieved to fulfil a request) are forwarded to one or more of the following providers to generate responses:

Each provider has its own data retention and usage policies. MonkBot does not control how these providers handle data once transmitted. We encourage you to review their privacy policies. Do not include sensitive personal data (passwords, financial information, private keys) in your prompts.

4.2 WordPress Abilities API

To execute WordPress operations (plugin management, content creation, WooCommerce actions, etc.), MonkBot transmits your instructions and relevant site context to our WordPress Abilities API service. This service acts as a bridge between MonkBot's AI layer and your WordPress installation. Data sent may include your natural language instruction, the resolved action parameters, and data returned from your WordPress site needed to complete the request.

4.3 MCP Server

MonkBot uses a Model Context Protocol (MCP) server to coordinate multi-step agentic operations. Your prompts, intermediate results, and tool call parameters may be routed through this server. This is required for the Service to function. The MCP server is operated by MonkBot or its infrastructure partners.

4.4 Infrastructure and Service Providers

We use reputable third-party vendors for hosting, database services, email delivery, and payment processing. These vendors are contractually bound to protect your data and are prohibited from using it for purposes other than providing services to us.

4.5 Legal Disclosures

We may disclose your information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of MonkBot, our users, or the public.

5. Data Retention

As a beta product, we have not yet established fixed data retention schedules. We retain your account data for as long as your account is active or as needed to provide the Service. API call logs may be retained for billing, debugging, and abuse prevention purposes for an unspecified period. We reserve the right to delete data at any time during the beta phase.

You may request deletion of your account and associated personal data by contacting us. Note that data already transmitted to third-party AI providers cannot be retrieved or deleted by us.

6. Data Security

We implement reasonable technical and organizational measures to protect your information, including HTTPS encryption, hashed passwords, and HTTP-only session cookies. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, particularly during the beta phase. Use the Service at your own risk.

7. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your personal data (subject to legal obligations and limitations regarding third-party transmitted data).
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise these rights, contact us.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

9. International Transfers

Your information may be transferred to and processed in countries other than your own, including countries where AI model providers and infrastructure partners operate. By using MonkBot, you consent to such transfers. We take steps to ensure adequate protections are in place, but cannot guarantee equivalent legal protections to those in your country.

10. Changes to This Policy

We may update this Privacy Policy at any time, particularly during the beta phase. We will update the “Last updated” date at the top of this page. Continued use of the Service after changes constitutes your acceptance of the updated policy. We recommend reviewing this page periodically.

11. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at:

MonkBot Inc.

Contact us via our contact page

Terms of Service← Back to home