Privacy Policy
SiteForge AI ("SiteForge," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and your rights regarding your information.
Effective Date: May 29, 2026 · Last Updated: May 29, 2026
This Privacy Policy applies to all users of siteforgeai.io and our website-building service (the "Service").
1. Information We Collect
Information You Provide
Account Information: Name, email address, password (encrypted), payment information (handled by Stripe — we do not store full card numbers), and business name.
Business Information: Business description, services, hours, location, photos, logos, brand colors, social media links, and other content you upload to build your website.
Communications: Messages you send through our chat editor, support requests, and any content you share with us.
Customer-of-Customer Data: If you use our storefront feature, your end customers' order information passes through our system; this data is your responsibility under your own privacy practices.
Information Collected Automatically
Usage Data: Pages visited, features used, build counts, edit counts, time spent in the dashboard, and similar analytics.
Device Data: IP address, browser type, device type, operating system, and unique device identifiers.
Cookies and Similar Technologies: See our Cookie Policy for details.
Analytics: We use Google Analytics (gtag) on the marketing site to understand visitor behavior. See Section 4 for opt-out information.
Information from Third Parties
When you connect integrations (Google Business Profile, Stripe, Shopify, Square), we receive information from those services as authorized by you.
2. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the Service
- Process payments and manage subscriptions
- Generate your AI-powered website using the business information you provide
- Communicate with you about your account, billing, and Service updates
- Provide customer support
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
- Conduct internal analytics to improve our product (using aggregated, anonymized data)
What We Do NOT Do:
- We do NOT use your Customer Content to train third-party AI models
- We do NOT sell your personal information to third parties
- We do NOT share your business data with competitors
3. AI Processing
Our Service uses AI models from Anthropic (Claude) and Google (Gemini) to generate website content. When we send your business information to these AI providers:
- We send only the information necessary to generate your content
- We do not include your account credentials, payment information, or end-customer data
- These providers process the data under their own privacy policies and do not retain it for model training under our agreements with them
- AI-generated output is returned to our system and stored as part of your website
You can review Anthropic's privacy practices at https://www.anthropic.com/privacy and Google's at https://policies.google.com/privacy.
4. How We Share Your Information
We share information only as described below:
Service Providers (Sub-Processors)
We engage trusted third-party providers to deliver the Service:
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Stripe | Payment processing | stripe.com/privacy |
| Supabase | Database hosting | supabase.com/privacy |
| Vercel | Website hosting and CDN | vercel.com/legal/privacy-policy |
| Anthropic | AI content generation (Claude) | anthropic.com/privacy |
| Google (Gemini) | AI image generation | policies.google.com/privacy |
| Pexels | Stock photography | pexels.com/privacy-policy |
| Google Analytics | Marketing site analytics | policies.google.com/privacy |
| Resend / Email Provider | Transactional and support emails | resend.com/legal/privacy-policy |
These providers process information only as needed to provide their services and are contractually obligated to protect it.
Legal Compliance
We may share information when required by law, court order, or government request, or to protect our rights, safety, or property.
Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change in ownership or control of your information.
With Your Consent
We share information with third parties when you direct us to (such as enabling an integration).
5. Data Retention
We retain your information as long as your account is active. After account termination:
- Your data remains accessible to you for 30 days for export
- After 30 days, we may delete your data, except where retention is required by law or legitimate business purpose (fraud prevention, financial records, etc.)
- Aggregated, anonymized data may be retained indefinitely
6. Your Rights
Depending on your location, you may have the following rights:
Access: Request a copy of the personal information we hold about you.
Correction: Request that we correct inaccurate information.
Deletion: Request that we delete your personal information, subject to legal retention requirements.
Portability: Request your data in a portable format.
Opt-Out of Marketing: Unsubscribe from marketing emails using the link in any email.
Restriction: Request that we limit how we use your information.
Objection: Object to certain processing of your information.
California Residents (CCPA)
California residents have additional rights including:
- The right to know what personal information we collect and how we use it
- The right to delete personal information (with exceptions)
- The right to opt-out of the "sale" of personal information (we do not sell personal information)
- The right to non-discrimination for exercising your rights
To exercise these rights, contact us at privacy@siteforgeai.io.
European Residents (GDPR)
If you are located in the European Economic Area, United Kingdom, or Switzerland, you have rights under GDPR/UK GDPR including those listed above and the right to:
- Lodge a complaint with your local data protection authority
- Withdraw consent at any time for processing based on consent
Our legal bases for processing include: contract performance, legitimate interests, legal compliance, and consent.
To Exercise Your Rights
Email privacy@siteforgeai.io with your request. We will respond within 30 days (45 days for EU residents). We may need to verify your identity before fulfilling the request.
7. Security
We implement reasonable technical and organizational measures to protect your information including:
- TLS/HTTPS encryption for data in transit
- Encryption at rest for sensitive data
- Access controls and authentication
- Regular security reviews
- Sub-processor due diligence
No system is 100% secure. If you suspect a security incident affecting your account, contact us immediately at security@siteforgeai.io.
8. Children's Privacy
The Service is not intended for individuals under 18. We do not knowingly collect information from children. If you believe a child has provided us information, contact us and we will delete it.
9. International Data Transfers
SiteForge is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. We rely on Standard Contractual Clauses or other lawful transfer mechanisms where required for transfers from the EU/UK.
10. Changes to This Policy
We may update this Privacy Policy. Material changes will be communicated by email or dashboard notification. The "Last Updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes acceptance.
11. Contact
For privacy questions or to exercise your rights:
Email: privacy@siteforgeai.io Support: support@siteforgeai.io Website: https://siteforgeai.io
See also: Terms of Service · Cookie Policy