Privacy Policy

1. Scope

This policy applies to Siteway websites, forms, emails, product experiences, the Siteway dashboard, integrations, support, billing, audit workflows, and managed services. It does not apply to third-party websites or tools that are governed by their own privacy policies.

Siteway provides business-to-business services. We process most client data on behalf of the organization that signs up for or purchases the service. If you use Siteway through your employer or another organization, that organization may control the account, connected data, user access, and retention decisions.

2. Information you provide

We collect information you submit directly, including your name, business email address, company, website, phone number, location, marketing budget range, industry, competitors, goals, messages, support requests, and other details you include in forms or communications.

If you create an account or join an organization, we collect account information such as your name, email address, authentication identifiers, organization membership, role, dashboard settings, and related administrative details.

If you purchase a paid plan, we collect billing and subscription information needed to manage checkout, subscriptions, invoices, payment status, taxes, renewals, cancellations, and customer support. Payment card details are handled by our payment processor and are not stored directly by Siteway.

3. Client dashboard and integration data

When you use the Siteway dashboard or managed services, we collect the business data needed to operate your funnel. This may include project names, domains, verified websites, connected account identifiers, search queries, keywords, prompts, AI-answer visibility, citations, competitor names, analytics, attribution, lead details, CRM fields, campaign metadata, tasks, notes, and performance history.

If you connect third-party systems, we process the credentials, tokens, account identifiers, and synced data required to provide the integration. Integration credentials are stored in encrypted form where the service architecture supports storage, and access is limited to what we need to provide and support the service.

You are responsible for making sure you have the rights and permissions needed to connect tools, websites, CRM records, analytics accounts, Search Console properties, billing systems, automation workflows, or other data sources to Siteway.

4. Information collected automatically

We collect technical and usage information automatically when you visit our site or use the dashboard. This may include IP address, device and browser details, operating system, approximate location derived from IP address, referring page, pages viewed, UTM parameters, session events, error reports, log data, and timestamps.

We use this information to secure the service, understand how people use Siteway, diagnose problems, measure marketing performance, improve conversion flows, and maintain reliability.

5. Cookies and similar technologies

We use cookies, pixels, local storage, and similar technologies for essential site and product functions, authentication, security, preferences, analytics, attribution, and form performance. Some cookies are set by Siteway, and some are set by service providers we use.

You can control cookies through your browser settings. Blocking some cookies may affect login, dashboard functionality, form submission, analytics accuracy, or fraud-prevention features.

6. How we use information

We use information to provide, operate, secure, support, and improve Siteway; deliver audits and managed services; create and administer accounts; monitor connected websites and channels; process payments; send service, billing, sales, and support communications; personalize dashboard experiences; measure marketing and product performance; prevent abuse; and comply with legal obligations.

We may also use aggregated or de-identified information to understand trends, benchmark product performance, improve service quality, train internal processes, and develop new features. Aggregated or de-identified information does not identify a specific person or customer organization.

We do not sell personal information. We do not use client confidential data to build public marketing materials without permission.

7. Legal bases for processing

Where privacy law requires a legal basis, we process personal information to perform a contract, take steps requested before entering a contract, comply with legal obligations, protect legitimate business interests, prevent fraud or security incidents, and, where required, based on consent.

You may withdraw consent where processing depends on consent, but doing so may not affect processing that happened before withdrawal or processing that is allowed under another legal basis.

8. AI-answer, search, and third-party data workflows

Siteway monitors how search engines, analytics tools, AI-answer engines, and third-party data sources describe and surface your business. To do that, we may process public website content, domain names, competitor names, target prompts, search queries, citations, rankings, traffic data, attribution records, and related business context.

We try to avoid sending unnecessary personal information to AI-answer or search-analysis providers. When a workflow requires a provider to process business context or connected data, we use it only to deliver the requested service, evaluate visibility, generate analysis, or support the managed engagement.

Search results, AI answers, rankings, citations, and third-party metrics can change quickly and may contain errors. Siteway uses them for monitoring and analysis, but we cannot control the data practices or output of independent providers.

9. Service providers and subprocessors

We use service providers to operate Siteway. These may include providers for hosting, databases, infrastructure, authentication, payment processing, billing, analytics, error monitoring, CRM, lead management, email, scheduling, queues, support tooling, search data, SEO data, AI-answer monitoring, and integrations.

Service providers may process information for us under contracts or platform terms that restrict how they use the information. We evaluate providers based on operational need, security posture, and the type of data they process.

If you need a current subprocessor list or a data processing addendum for a paid engagement, contact us at legal@siteway.ai.

10. How we share information

We share information with service providers who help us run Siteway, with your organization and authorized users according to account settings, with connected tools you authorize, and with professional advisors such as legal, accounting, insurance, and security providers when needed.

We may disclose information if required by law, subpoena, court order, regulatory request, or similar process; to protect rights, safety, security, and property; to enforce agreements; to investigate suspected abuse; or as part of a merger, acquisition, financing, restructuring, sale of assets, or similar corporate transaction.

We do not disclose client confidential information to another client, and we do not sell personal information.

11. Data retention

We keep information for as long as needed to provide Siteway, administer accounts, deliver managed services, resolve disputes, enforce agreements, maintain security, comply with legal and tax obligations, and preserve accurate business records.

Lead and audit submissions are retained for sales, support, and relationship management unless deleted earlier. Dashboard and integration data is generally retained while the account or engagement remains active and for a reasonable period afterward for continuity, backup, audit, legal, and security purposes.

When information is no longer needed, we delete it, de-identify it, or isolate it from active use according to our operational needs and legal obligations. Backup copies may persist for a limited period before deletion.

12. Security

We use administrative, technical, and organizational safeguards designed to protect information, including access controls, encrypted transport, credential protection, logging, least-privilege access practices, monitoring, and encrypted storage for sensitive integration credentials where supported by the service architecture.

No method of transmission or storage is perfectly secure. You are responsible for protecting your login credentials, managing authorized users, reviewing connected tools, and promptly telling us about suspected unauthorized access.

13. Your choices and rights

If you are a Texas resident and applicable law gives you these rights, you may request to confirm whether we process your personal data, access it, correct inaccuracies, delete personal data provided by or obtained about you, obtain a portable copy of personal data you previously provided, and opt out of targeted advertising, sale of personal data, or profiling that produces legal or similarly significant effects.

You can request privacy assistance by contacting legal@siteway.ai. Texas residents may also appeal a refusal to act on a privacy request by replying to our decision email or sending an appeal to legal@siteway.ai with "Privacy Appeal" in the subject line. If an appeal is denied, you may contact the Texas Attorney General through the complaint mechanism made available by that office.

If your information is controlled by a Siteway customer organization, we may refer your request to that organization or ask them for direction before acting. We may need to authenticate your identity, residence, account relationship, or authority to act on behalf of another person or organization.

You can unsubscribe from marketing emails by using the unsubscribe link or contacting us. We may still send transactional, account, security, billing, and service messages.

14. International processing

Siteway and its providers may process information in the United States and other countries where we or our providers operate. Those countries may have privacy laws that differ from the laws where you live.

Where required, we use appropriate safeguards for cross-border transfers, such as contractual commitments, provider data-processing terms, and other mechanisms recognized by applicable law.

15. Children

Siteway is not directed to children and is intended for business use. We do not knowingly collect personal information from anyone under 16. If you believe a child provided personal information to Siteway, contact us so we can review and delete it where appropriate.

16. Changes to this policy

We may update this policy from time to time. When we make changes, we will revise the last updated date above. If changes are material, we may provide additional notice through the site, dashboard, email, or another reasonable channel.

Questions about this document can be sent to legal@siteway.ai.