These are really exciting times at WP Engine—and in the WordPress space at large. Right now, the number of WordPress sites on the web is higher than ever at 23.1%. Additionally, the rate of adoption is accelerating rapidly across the globe, which means that more and more data on the WP Engine platform is moving across international borders.

In the wake of these changes, WP Engine has made some changes to our legal terms (Privacy Policy, Acceptable Use Policy and Terms of Service). The purpose of this blog post is to call out some of the more important changes.

Changes to our Privacy Policy

Safe Harbor Certification

This is an important data privacy development for WP Engine, our customers, and our customer’s visitors! We now conform to the US-EU & US-Switzerland Safe Harbor Framework. This involves complying with the seven Safe Harbor Privacy Principles of notice, choice, onward transfer, access, security, data integrity, and enforcement, and updating our privacy policy to reflect those principles. All of which means better privacy controls for our customers and their content. For more information on these principles, feel free to reference the Department of Commerce as well as our Privacy Policy.

Changes to our Acceptable Use Policy (AUP)

Storage of certain sensitive data

It is a best practice not to store certain personal data (e.g. credit card numbers, personal health information) on a hosting provider’s platform and accordingly we have updated our AUP to clarify that such data should not be stored on our systems.

Obligation to maintain a privacy policy

More and more frequently companies are getting in trouble with government regulators for not maintaining a privacy policy that accurately reflects the data collection and use processes on the site. We want to make sure that our customers maintain a compliant privacy policy so we’ve updated our AUP to reflect this obligation. While we cannot provide you with legal advice on how to write a privacy policy, there are a lot of great resources out there that can be found by spending a couple of minutes searching online.

Changes to our Terms of Service


We like for things to be easier for our customers, and so we’ve taken as much superfluous language out of our ToS as possible. In fact, we’ve shortened it by almost 450 words! We’ve called out some changes, below, that we believe our customers will be most interested in:


Our ToS used to include a provision which allowed us to limit a customer’s access to support if that customer lacked minimum technical ability. We have removed that provision.

Proprietary Rights

Based on feedback we received from our customers, we’ve modified our license to use customer content. Specifically, we’ve clarified that we can only use customer content to provide, maintain and improve our services.


Because we want a balanced and fair agreement, we’ve added the ability for our customers to terminate the agreement at any time by providing thirty days’ notice.

Safe Harbor

We’ve made one update to the ToS for Safe Harbor certification. We collect data both from our customers (primarily when they sign up) and on behalf of our customers (through the sites we host), and therefore we are both a data controller and a data processor as those terms are defined in the European Data Directive. This section clarifies when each role applies to us.

Thank you for taking the time to read this blog post. We’re incredibly excited about the future and appreciate serving you as a customer.

kirkKirk Larson is WP Engine’s first attorney and serves as its In-House Counsel. While he does handle all types of legal work at WP Engine, his passions are privacy, data security, and maintaining a free and open internet. If you’re ever around downtown Austin in the early morning you’ll likely see Kirk running around the trails and roads.