Support » Plugin: Wordfence Security - Firewall & Malware Scan » Additions to privacy policy due to WordFence

  • Resolved mfijdvvf


    I’m trying to write a privacy policy for a WP site that uses WordFence. Is there anything specific I need to add into it to cover what the free version of WF does or collects?

Viewing 1 replies (of 1 total)
  • wfdave


    Hi @mfijdvvf,

    There’s three things you may want to include in your privacy policy:

    1. Information that Wordfence saves to your database
    2. Information that Wordfence sends to Defiant
    3. Cookies used and their purpose

    1. Every time someone connects to your website, Wordfence will save the following information in your database (for use in Live Traffic viewing):

    – IP Address (which can be used to determine the Country of origin)
    – User agent (which can be used to determine if the device is mobile or desktop)
    – Referrer (which can be used to determine if the request came from Google)

    2. If your website participates in the Wordfence Security Network (within Wordfence -> All Options), some IP addresses that are deemed to be highly malicious are sent over to Wordfence’s servers. The IP address is then stored on Wordfence servers for 90 days and then removed. If the offending IP address still however is attacking websites, it might be re-added to Wordfence servers.

    3. Some cookies may set to aid in various features. The entire list of cookie names and their purpose can be found here:

    You can also link off to Wordfence/Defiant’s privacy policy if you’d like:


Viewing 1 replies (of 1 total)
  • The topic ‘Additions to privacy policy due to WordFence’ is closed to new replies.