Sites That Grow
Sign Up

Privacy Policy

What we collect, why we collect it, and how we keep it safe.

Last updated: April 27, 2026

Sites That Grow (“we,” “us,” or “our”) operates the website sitesthatgrow.com and the client portal at /home(together, the “Service”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

Information we collect

Information you give us

  • Account information — your name, email, password hash, and (for team accounts) your company name and website URL
  • Contact form submissions — your name, email, and the contents of your message
  • Project details — anything you submit through the client portal: requests, replies, files, project notes
  • Payment information — handled directly by Stripe. We never see or store your card details

Information collected automatically

  • Usage data — pages visited, time spent, browser and device type, referring URL
  • Log data — IP address, request timestamps, error traces (used for security and debugging)
  • Cookies and similar tech — see our Cookie Policy

How we use your information

  • To provide and operate the Service
  • To communicate with you about your account, projects, and invoices
  • To improve the Service based on aggregate usage patterns
  • To comply with legal obligations and protect against fraud
  • To send you transactional notifications you've opted into in your notification settings

We do not sell your personal information, and we do not use your data to train third-party AI models.

Third-party services

We share data only with the providers needed to run the Service:

  • Supabase — database, authentication, file storage
  • Stripe — payments, invoicing, subscription management. Stripe processes card details directly under their own privacy policy
  • Resend — transactional email delivery
  • Vercel — hosting, edge network, basic analytics
  • Cloudflare — DNS and CDN

Each of these providers is contractually bound to handle your data in accordance with applicable privacy laws.

Data retention

We keep your account data for as long as your account is active. If you ask us to close your account, we'll delete or anonymize your data within 30 days, except where we're required to retain it for legal, tax, or accounting purposes (typically up to 7 years for financial records).

Your rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in a portable format
  • Opt out of non-essential email communications at any time

To exercise any of these rights, email hello@sitesthatgrow.com. We respond within 30 days.

Security

We use industry-standard encryption in transit (TLS) and at rest. All authenticated routes require a valid session, and database access is gated by row-level security policies. We require multi-factor authentication for administrators.

No system is perfectly secure. If you suspect your account has been compromised, contact us immediately.

Children

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to active clients. The “Last updated” date at the top of this page reflects the most recent revision.

Contact

Questions about this policy or how we handle your data? Email us at hello@sitesthatgrow.com.