Legal

Privacy Policy

How SiteKnock handles account, billing, analytics, support, and customer-content data across its developer starter kit and CMS platform.

Effective date: March 21, 2026

This Privacy Policy explains how SiteKnock collects, uses, discloses, and protects personal information when you access or use our website, hosted products, starter templates, CMS tooling, APIs, documentation, billing workflows, and support channels.

It also explains the choices and rights you may have depending on your jurisdiction and the relationship you have with us as a visitor, customer, workspace member, or end user acting on behalf of an organization.

1. Information We Collect

1.1 Information you provide directly

Account and profile details, such as your name, email address, organization name, job title, login credentials, and account preferences.
Billing and licensing details, such as billing contact information, subscription selections, invoice metadata, tax data, payment-related identifiers supplied by our payment providers, and order history.
Customer content and project data that you upload, generate, configure, store, or transmit through the Services, including CMS content, assets, environment configuration, localization data, support attachments, and deployment settings.
Communications you send to us, such as support tickets, feedback, survey responses, sales inquiries, webinar registrations, or other messages.

1.2 Information collected automatically

Device and browser details, including IP address, browser type, operating system, referring URLs, locale, time zone, and approximate region derived from network information.
Usage and event data, such as pages viewed, features used, button clicks, session timestamps, page performance, API usage, error logs, and administrative actions taken inside the Services.
Cookie, local storage, and similar technology data used to keep you signed in, remember settings, protect the Services, understand traffic patterns, and measure product performance.

1.3 Information from third parties

Identity and authentication data provided by social sign-in or SSO providers you choose to use.
Payment status, card-brand metadata, and fraud-prevention signals from payment processors and billing platforms.
Analytics, advertising, support, hosting, email, storage, or infrastructure partners that help us operate the Services.
Information you authorize us to receive from integrations connected to your account.

2. How We Use Information

We use personal information to:

Provide, secure, maintain, and improve the Services and related support.
Create and manage accounts, organizations, workspaces, and licensing entitlements.
Process transactions, issue invoices, collect payments, prevent fraud, and enforce commercial terms.
Authenticate users, detect suspicious behavior, investigate abuse, and protect the confidentiality, integrity, and availability of the Services.
Personalize content, product settings, onboarding flows, and communications based on language, organization, usage, or subscription context.
Respond to inquiries, troubleshoot issues, fulfill support requests, and communicate service notices or product changes.
Measure adoption, diagnose performance issues, conduct research, and guide roadmap decisions.
Send marketing communications where permitted by law and subject to your choices.
Comply with legal obligations, resolve disputes, establish or defend legal claims, and enforce our agreements.

3. Legal Bases for Processing

Where data protection laws such as the GDPR or UK GDPR apply, we generally rely on one or more of the following legal bases: performance of a contract with you, legitimate interests in operating and improving the Services, compliance with legal obligations, consent where required, and protection against fraud, abuse, or security incidents.

4. Cookies and Similar Technologies

We use cookies, pixels, SDKs, and similar technologies to operate authentication flows, remember preferences, maintain sessions, measure traffic, evaluate campaign effectiveness, and improve product reliability. Some technologies are strictly necessary, while others support analytics or marketing. Depending on your jurisdiction, you may be able to manage certain cookie preferences through your browser, device settings, or any consent tools we make available.

5. How We Disclose Information

We may disclose information to:

Service providers and subprocessors that support hosting, cloud infrastructure, storage, analytics, communications, payments, customer support, security, and other business operations.
Professional advisers, auditors, insurers, or financing counterparties under appropriate confidentiality obligations.
Corporate affiliates or successors in connection with a merger, financing, acquisition, reorganization, dissolution, or sale of assets.
Government authorities, regulators, courts, or other third parties when disclosure is reasonably necessary to comply with law, protect rights, investigate fraud or abuse, or prevent harm.
Other users or administrators within your organization when account roles, permissions, or collaboration features make information visible to them.

We do not sell personal information for money. If certain privacy laws treat some analytics, ad-tech, or cross-context disclosures as a "sale" or "sharing," you may have rights to opt out where required by law.

6. Customer Content and End-User Data

If you upload content, databases, assets, prompts, translations, analytics events, or other data into the Services, we process that material on your behalf to provide the product functionality you request. You are responsible for ensuring that you have all rights, notices, consents, and lawful bases needed to submit and use that information through the Services. If you are using SiteKnock for clients or end users, you should maintain your own privacy policy and data processing terms that reflect your implementation.

7. International Data Transfers

We and our service providers may process information in countries other than the one where you live. When personal information is transferred across borders, we take steps intended to provide an appropriate level of protection under applicable law, which may include contractual safeguards, organizational measures, technical controls, or reliance on recognized transfer mechanisms where available.

8. Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, maintain legitimate business records, resolve disputes, enforce agreements, comply with tax, accounting, and legal obligations, and protect against fraud or abuse. Retention periods depend on the nature of the data, the sensitivity of the information, the purposes for which it was collected, account status, and applicable legal requirements. We may delete or anonymize information when it is no longer needed.

9. Security

We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. Those measures may include access controls, encryption in transit, network protections, logging, least-privilege practices, vendor reviews, backups, and incident response procedures. No system is completely secure, and we cannot guarantee absolute security.

10. Your Choices and Rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or port certain personal information, as well as rights related to marketing preferences, consent withdrawal, or appeals. You may also be able to:

Update profile information and organization settings through your account.
Disable certain cookies or analytics through browser or device controls.
Unsubscribe from marketing emails by using the opt-out link in the message.
Request account deletion or export by contacting us.

We may need to verify your identity and authority before honoring a request, and some rights may be limited where exceptions apply, such as legal obligations, security needs, fraud prevention, or the rights of other users.

11. Children's Privacy

The Services are intended for businesses, developers, operators, and adults acting on behalf of organizations. We do not knowingly collect personal information directly from children under the age at which parental consent is required in the applicable jurisdiction. If you believe a child has provided personal information to us without appropriate permission, contact us so we can review and take appropriate action.

12. Third-Party Services and Links

The Services may link to websites, repositories, documentation, integrations, payment processors, app stores, social platforms, or other third-party services. We are not responsible for the privacy practices of third parties, and their handling of information is governed by their own policies and terms.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, or operational practices. When we make material changes, we may post the revised policy, update the effective date, or provide additional notice where required. Your continued use of the Services after the updated policy becomes effective means the updated policy will apply going forward.

14. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our privacy practices, contact us at [email protected] or write to us through the contact channels published on https://siteknock.com.