Ettic Docs
OpenTrust

Installation

Install OpenTrust, activate it, and pass the pretty-permalinks check.

Install

Upload the plugin

Either install via Plugins → Add New in wp-admin and search for "OpenTrust", or upload the zip to /wp-content/plugins/opentrust.

Activate

Activate it through the Plugins screen. Activation does five things:

  1. Registers the five custom post types and flushes rewrite rules.
  2. Inserts default opentrust_settings (autoload off).
  3. Creates the {prefix}opentrust_chat_log table.
  4. Seeds the default FAQ entries (only on first install, once a flag is set).
  5. Schedules the daily opentrust_chat_log_purge cron.

Configure the basics

Open OpenTrust → Settings. Set your company name, page title, tagline, and accent colour, and upload a logo. The defaults are safe; branding is the most common first edit. Every field is documented in Configuration.

Add some content

Use the menu items under OpenTrust to add policies, certifications, subprocessors, data practices, and FAQs. The Add-New screen for subprocessors, data practices, and certifications offers a typeahead over the bundled catalog, so most of the form auto-fills as you type.

Visit your trust center

Open /trust-center/ (or the endpoint slug you configured). That's your live trust center, with policies grouped by category, certifications, subprocessors, data practices, FAQs, and contact block.

OpenTrust uses rewrite rules for every page (/trust-center/, /trust-center/policy/{slug}/, /trust-center/ask/). Plain permalinks (?p=123-style URLs) break all of them.

If Settings → Permalinks is set to Plain, every OpenTrust admin screen renders a persistent error notice and your trust center pages return 404. Switch to any other structure (Post name is recommended) and the notice disappears.

Switching permalink structure changes every URL on your site, not just OpenTrust's. If you have an existing site with established URLs, set up redirects before flipping the switch.

Requirements check

  • PHP 8.1+. OpenTrust uses match expressions, readonly properties, and named arguments. The plugin will not activate on older PHP.
  • WordPress 6.0+. Tested up to 7.0.
  • libsodium. Bundled with PHP 7.2+, present on virtually every modern host. Required for encrypting AI provider keys at rest. If your host disables sodium for some reason, OpenTrust will still run but the AI Chat tab will refuse to save a key and surface an admin notice explaining why.

Verify it works

After activation:

  1. Visit /trust-center/ on the front end. You should see a branded page with whatever sections you've enabled in settings (defaults: hero + FAQ + contact).
  2. Add one Policy under OpenTrust → Policies → Add New. Publish. Reload the trust center. The policy should render under your selected category.
  3. Open OpenTrust → Settings. The Save button should round-trip without errors. If you see "WordPress permalinks are set to Plain," switch them.

Updating

Update through Plugins → Installed Plugins as normal. OpenTrust runs a schema check on init (via OpenTrust::maybe_upgrade()) and back-fills any new postmeta keys (_ot_uuid was added in DB v2). Migrations are idempotent and never block the page load.

Overview

Self-hosted WordPress trust center with policies, subprocessors, certifications, data practices, and an optional AI assistant grounded in your own corpus.

Configuration

Every OpenTrust settings field across General, Contact, AI Chat, and Import & Export.

On this page

InstallUpload the pluginActivateConfigure the basicsAdd some contentVisit your trust centerFirst-run safety check: pretty permalinksRequirements checkVerify it worksUpdating