Other Covered Entities



  • Information and Communications Technology


EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 5/12/2017
Next Certification Due Date: 4/7/2022
Data Collected: NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 5/12/2017
Next Certification Due Date: 4/7/2022
Data Collected: NON-HR

Purpose of Data Collection

Automattic’s WordPress VIP service provides website hosting, support and professional services to enterprises and other high profile, high traffic online publishers. The WordPress VIP service is primarily an online publishing system, built on the popular WordPress open source platform. WordPress VIP clients use the WordPress VIP service to build, publish, maintain, and support websites that often serve as the face of their business or publication. In the course of using the service, WordPress VIP clients may create and upload data for public dissemination, such as articles and other website content, much of which is ultimately published publicly to their site. WordPress VIP clients may also create or collect other types of data, in the course of the operation and use of their site. In connection with our WordPress VIP service, our WordPress VIP clients may provide personal data to Automattic about their own customers and end-users in participating EU countries, the United Kingdom and Switzerland that the WordPress VIP clients (the data controllers) collect through the operation and use of their websites (“WordPress VIP Services Personal Data”). WordPress VIP clients may collect WordPress VIP Services Personal Data when, for example, (1) an end-user creates an account with the WordPress VIP client (for clarity, not a WordPress account); (2) a WordPress VIP client administrator adds content to the site that may include WordPress VIP Services Personal Data, or (3) a WordPress VIP client provides directory or other information about its end users as part of an intranet (i.e., a website that is only accessible to authorized, internal personnel) used by that WordPress VIP client. The type of WordPress VIP Services Personal Data varies by each WordPress VIP client, but typically includes personal data that allows our WordPress VIP clients’ customers and end-users to access and use the WordPress VIP client’s website, such as a username and e-mail address. Automattic adheres to the principles of the EU-U.S. and Swiss-U.S Privacy Shield frameworks with respect to WordPress VIP Services Personal Data. This Privacy Shield Certification applies to our core WordPress VIP services, and does not include any plug-ins provided by third parties or Automattic (e.g., Jetpack and WooCommerce), or any other software or services, that our WordPress VIP clients elect to use on their websites. The certification also does not cover personal data related to WordPress.com user accounts or our standard WordPress.com service, but you can read more about our privacy policy for that personal data here: https://automattic.com/privacy/.

Privacy Policy

Non-HR Data


Automattic's EU-U.S. and Swiss-U.S. Privacy Shield Notice describes our participation in these frameworks and provides the information required by the Notice Principle.

Effective Date: 5/2/2017

Verification Method


Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Automattic Inc. at:

Catherine Scheer
Legal Operations Wrangler
Automattic Inc.
60 29th Street #343
San Francisco, California 94110

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Automattic Inc. to your question or complaint, please contact the independent recourse mechanism listed below


Appropriate statutory body with jurisdiction to investigate any claims against Automattic Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission