Privacy Policy – AI Story Maker Plugin

Last Updated: October 6, 2025
Version: 2.0.3

1. Introduction

This Privacy Policy describes how the AI Story Maker WordPress plugin (“Plugin”, “we”, “us”, or “our”) collects, uses, and protects information when you use our services. AI Story Maker is developed by Hayan Mamoun and Exedotcom.

2. Information We Collect

2.1 Configuration Data

• OpenAI API Keys: When you configure the plugin with your OpenAI API key, it is stored in your WordPress database (wp_options table) to enable AI story generation
• Unsplash API Keys: If you configure Unsplash integration for image generation, these keys are stored locally in your WordPress database
• Plugin Settings: Various configuration options including story generation preferences, scheduling settings, and content parameters

2.2 Generated Content Data

• Story Content: AI-generated stories and posts created by the plugin are stored as standard WordPress posts in your database
• Post Metadata: The plugin adds metadata to generated posts including:
  • _aistma_generated: Flag indicating AI-generated content
  • _ai_story_maker_sources: Information about content sources
  • ai_story_maker_request_id: Unique identifier for tracking generation requests

2.3 Social Media Integration Data

• Social Media Account Credentials: When you configure social media posting features, account credentials and access tokens are stored locally in your WordPress database
• Social Media Settings: Configuration for automated posting to various social platforms

2.4 Usage and Log Data

• Generation Logs: The plugin maintains logs of story generation activities, including success/failure status and error messages
• Transient Data: Temporary locks and cache data stored using WordPress transients to prevent concurrent operations
• AJAX Request Data: Data from administrative actions performed through the WordPress admin interface

2.5 Subscription and API Data

• Subscription Status: If using the subscription service, the plugin stores information about your subscription status and available credits
• API Usage: Information about API calls made to external services (OpenAI, Unsplash, etc.)

3. How We Use Your Information

3.1 Core Functionality

• Generate AI-powered stories and content using your configured API keys
• Schedule and automate content creation based on your settings
• Manage and organize generated content within your WordPress site
• Provide social media posting capabilities when configured

3.2 Service Communication

• Communicate with external APIs (OpenAI, Unsplash) using your provided credentials
• Validate subscription status and manage credits for premium features
• Fetch general instructions and updates from our master server

3.3 Plugin Operation

• Maintain generation locks to prevent conflicts during story creation
• Log activities for debugging and troubleshooting purposes
• Cache frequently accessed data to improve performance

4. Data Storage and Security

4.1 Local Storage

• All plugin data is stored locally in your WordPress database
• API keys and sensitive credentials are stored using WordPress’s standard security practices
• No sensitive data is transmitted to third parties except as necessary for plugin functionality

4.2 External API Communications

• OpenAI: Your API key and content prompts are sent to OpenAI’s servers for story generation
• Unsplash: Your API key and search queries are sent to Unsplash for image retrieval
• Exedotcom Services: Domain information and subscription data may be sent to our servers for validation

4.3 Security Measures

• AJAX requests are protected with WordPress nonces to prevent unauthorized access
• User capability checks ensure only authorized users can perform administrative actions
• Transient locks prevent concurrent operations that could cause data corruption

5. Data Sharing and Third Parties

5.1 External Service Providers

• OpenAI: Content prompts and API keys are shared for story generation services
• Unsplash: Search queries and API keys are shared for image retrieval services
• Social Media Platforms: Content and credentials are shared when using social posting features

5.2 No Additional Data Sharing

• We do not sell, trade, or otherwise transfer your data to third parties beyond what’s necessary for plugin functionality
• We do not collect or transmit personal information beyond what’s required for the services you’ve configured

6. Data Retention

6.1 Plugin Data

• Configuration data and API keys are retained until you remove them or uninstall the plugin
• Generated content remains in your WordPress database as standard posts
• Log data may be automatically cleaned up based on your WordPress configuration

6.2 Uninstallation

• When you uninstall the plugin, the following data is automatically removed:
  • Plugin-specific transients and cache data
  • Post metadata added by the plugin
  • Plugin configuration options

7. Your Rights and Choices

7.1 Data Control

• You have complete control over all data stored by the plugin
• You can modify or delete any configuration settings at any time
• Generated content can be edited or deleted like any WordPress post

7.2 API Key Management

• You can update or remove API keys at any time through the plugin settings
• Removing API keys will disable related functionality but won’t delete existing content

7.3 Social Media Integration

• Social media credentials can be added, modified, or removed at any time
• You can disable social posting features without affecting story generation

8. Children’s Privacy

This plugin is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. International Data Transfers

When using external APIs (OpenAI, Unsplash), your data may be processed in countries outside your jurisdiction. These services have their own privacy policies and data protection measures.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date.

11. Contact Information

If you have any questions about this Privacy Policy or the plugin’s data practices, please contact:

Developer: Hayan Mamoun
Company: Exedotcom
Website: https://exedotcom.ca
Plugin Repository: https://github.com/hmamoun/ai-story-maker/wiki

12. Legal Compliance

This plugin is designed to comply with:

• WordPress Plugin Directory Guidelines
• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Other applicable data protection laws

Note: This privacy policy covers the AI Story Maker plugin itself. External services (OpenAI, Unsplash, social media platforms) have their own privacy policies that govern their use of your data.

---

Extra Pro Debugging Tip: Enable WordPress debug logging (WP_DEBUG_LOG = true) to monitor plugin activities and API communications for troubleshooting purposes. Remember to disable debug logging in production environments to protect sensitive information.

Related Topics to Learn:

• WordPress Plugin Security Best Practices
• API Key Management and Security
• GDPR Compliance for WordPress Plugins
• Content Generation Ethics and AI Policies
• Social Media API Integration Security