SiteSupport.ai
Log inGet Started

Privacy Policy

Last updated: March 16, 2026

SiteSupport.ai ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (hashed).

Website Content

When you add a website to SiteSupport.ai, our crawler accesses publicly available pages on your site to index content. This content is used solely to power your AI assistant.

Conversation Data

We store conversations between your website visitors and the AI assistant, including messages, timestamps, and optional visitor information (name, email) if provided through pre-chat forms.

Usage Data

We collect standard usage data including IP addresses, browser type, pages visited within our dashboard, and feature usage to improve our service.

2. How We Use Your Information

  • To provide and maintain the SiteSupport.ai service
  • To power your AI assistant with your website's content
  • To send transactional emails (welcome, verification, usage alerts)
  • To process payments and manage subscriptions
  • To improve our product and develop new features
  • To prevent fraud and abuse

3. Data Sharing

We do not sell your data. We share information only with:

  • Service providers — Hosting (Vercel), database (Neon), payments (Dodo Payments), email (Resend), AI (OpenAI) — all under data processing agreements.
  • Legal requirements — When required by law, subpoena, or to protect our rights.

4. AI & Your Data

Your website content and conversation data are processed by OpenAI to generate AI responses. We use the API with data retention disabled — your data is not used to train AI models.

5. Data Retention

  • Active accounts — Data is retained for the lifetime of your account.
  • Inactive free accounts — Site data and conversations may be deleted after 90 days of inactivity.
  • Cancelled subscriptions — Data is retained for 30 days after cancellation, then deleted.
  • Account deletion — All data is permanently deleted within 30 days of request.

6. Data Security

We use encryption in transit (TLS) and at rest. Passwords are hashed with bcrypt. Access to production systems is restricted and audited.

7. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to processing

To exercise these rights, contact privacy@sitesupport.ai.

8. Cookies

Our dashboard uses essential cookies for authentication. The embeddable widget uses localStorage (not cookies) to maintain conversation state. We do not use tracking cookies.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or a notice on our website.

10. Contact

Questions? Contact us at privacy@sitesupport.ai.