OctoPress Page
Privacy Policy
Last updated: June 4, 2026
OctoPress is a WordPress-hosted AI workspace for site administrators. This Privacy Policy explains how the OctoPress website and the OctoPress plugin handle information.
Who we are
Our website is https://octopress.dev. OctoPress is developed by Nazmul Alam.
Information collected by this website
When you visit this website, the web server may process standard technical information such as your IP address, browser type, requested pages, referring page, and request timestamps. This information is used for site security, troubleshooting, and basic operation.
If this website offers comments, contact forms, downloads, newsletter signup, account login, or support features in the future, we may process the information you submit through those features so we can provide the requested service.
Cookies
This website may use standard WordPress cookies for login, administration, comments, and security. If analytics, embedded media, or third-party services are added later, those services may set their own cookies according to their own policies.
How the OctoPress plugin handles data
OctoPress runs inside your WordPress admin area. The plugin stores operational data in your own WordPress database, including provider configuration, encrypted provider secrets, chats, messages, runs, settings, agent profiles, tool settings, skill settings, extension settings, and related workflow state.
OctoPress does not include an AI model. An administrator must configure an external AI provider before chat and agent workflows can run. Depending on the workflow, OctoPress may send prompts, chat messages, selected WordPress content, tool context, model names, provider metadata, and generated responses to the AI provider selected by the administrator.
Provider API keys and OAuth credentials are stored server-side in WordPress and are not returned to normal browser-facing REST responses. Site owners are responsible for choosing providers, reviewing provider terms, and deciding what data should be sent to those providers.
External AI providers
Built-in provider options include OpenAI services. You can review OpenAI’s policies here:
OctoPress also supports custom OpenAI-compatible endpoints. If you configure a custom provider, that provider receives the request data for the models you use. Review that provider’s terms, privacy policy, and data handling practices before connecting it.
Content and tool actions
OctoPress can read or update WordPress content only through enabled tools, agent profiles, and permissions. Approval-gated actions require confirmation unless a chat has been configured for auto approval. Site administrators remain responsible for reviewing AI-generated content and changes before publishing or approving them.
Data retention
Data stored by the plugin remains in your WordPress database until it is deleted by a site administrator, removed by plugin cleanup tools, or removed during normal WordPress database management. External providers may retain submitted data according to their own terms and privacy policies.
Security
OctoPress uses WordPress permissions and server-side credential storage to limit access to sensitive settings and workflow data. No system can be guaranteed completely secure, so site owners should keep WordPress, OctoPress, themes, plugins, and server software up to date.
Your choices
Site owners can control which providers, models, tools, agents, skills, and extensions are enabled. You can avoid sending data to an AI provider by not configuring a provider, disabling provider access, or not using chat and agent workflows.
Children’s privacy
OctoPress is intended for WordPress site administrators and is not directed to children.
Changes to this policy
We may update this Privacy Policy as OctoPress changes. The updated date at the top of the page will reflect the latest revision.
Support
For support with the free WordPress.org plugin, use the WordPress.org support forum for OctoPress.