Privacy Policy

Last updated: March 10, 2026

1. Introduction

SiteAI ("we", "us", "our") operates the siteai.dev website and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Data Controller

The data controller for SiteAI is Nordic Hosting AS, org.nr 989 383 930, Stasjonsvegen 21A, 3800 Bø i Telemark, Norway. Contact: [email protected]

3. Information We Collect

3.1 Information you provide

  • Account information: name, email address, password
  • Project information: business name, business type, website content, design preferences
  • Payment information: processed securely by Stripe — we do not store card details
  • Communications: emails you send to update your website

3.2 Information collected automatically

  • Usage data: pages visited, features used, timestamps
  • Device information: browser type, operating system, IP address
  • Cookies: see our Cookie Policy

4. How We Use Your Information

  • To create and maintain your account and website(s)
  • To process your AI-powered website generation requests
  • To process payments and manage subscriptions
  • To send transactional emails (confirmations, updates, support)
  • To improve our service and develop new features
  • To comply with legal obligations
  • To analyze content sent to the Service (emails, form data, AI requests) for detecting violations of our content guidelines, which may include use of third-party AI services (Anthropic) for automated classification

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Service providers: Stripe (payments), Cloudflare (hosting/CDN), Brevo (transactional email), GitHub (code hosting)
  • AI providers: to process website generation requests
  • Anthropic: Excerpts of user content may be sent to Anthropic Claude for automated content moderation. Data is used solely for classification and is not permanently stored by Anthropic.
  • Legal authorities: when required by law

6. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove your personal data within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

If you are in the EEA, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

You have the right to lodge a complaint with Datatilsynet (datatilsynet.no).

To exercise these rights, contact us at [email protected].

8. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, and access controls. No system is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or a notice on our website.

11. Contact

For privacy-related inquiries: [email protected]