Privacy Policy — SiteTwin

Last Updated 2026-04-21

1. Data Collection

SiteTwin collects personal information through various channels to provide and improve our services. The types of data we collect include: (1) Information you provide directly, such as your name, email address, phone number, company name, and project details when you fill out our contact form, request a consultation, or engage our services. (2) Information collected automatically when you visit our website, including your IP address, browser type and version, operating system, referring URL, pages visited, time spent on pages, click patterns, and other usage data gathered through cookies and similar tracking technologies. (3) Information from third-party sources, such as publicly available business information, social media profiles (when you connect via social login), and data from analytics and advertising partners. We only collect data that is necessary for the purposes described in this policy, and we strive to minimize the amount of personal data we process. You are never required to provide personal information to browse our website, but certain features and services may require specific data to function properly.

2. Use of Data

We use the personal information we collect for the following purposes: (1) To provide, maintain, and improve our website creation and digital services, including processing your project requests, communicating about project status, and delivering completed websites. (2) To respond to your inquiries, support requests, and feedback in a timely and helpful manner. (3) To send you relevant communications, including project updates, service announcements, newsletters, and promotional materials (only with your consent, and you can opt out at any time). (4) To analyze website usage patterns and user behavior to improve our website's functionality, content, and user experience. (5) To detect, prevent, and address technical issues, security threats, and fraudulent activity. (6) To comply with legal obligations, enforce our terms of service, and protect the rights, property, and safety of SiteTwin, our clients, and the public. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Any data sharing is limited to the purposes described in this policy and is conducted in accordance with applicable data protection laws.

3. Data Storage

Your personal data is stored on secure servers located in the United States, managed by reputable hosting providers that maintain industry-standard security certifications including SOC 2 Type II compliance. We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Specifically: (1) Contact form submissions and consultation requests are retained for up to 24 months after your last interaction with us, unless you request earlier deletion. (2) Client project data is retained for the duration of our business relationship plus an additional 36 months for legal and warranty purposes. (3) Website analytics data is retained in anonymized form for up to 26 months. (4) Marketing communication preferences are retained until you withdraw your consent. When data is no longer needed, we securely delete or anonymize it using industry-standard methods. If you request deletion of your personal data, we will process your request within 30 days, subject to any legal obligations that may require us to retain certain information.

4. User Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal data: (1) Right of Access — You have the right to request a copy of the personal data we hold about you, along with information about how it is processed. (2) Right to Rectification — You can request correction of any inaccurate or incomplete personal data we hold about you. (3) Right to Erasure — You can request deletion of your personal data, subject to certain legal exceptions. (4) Right to Restrict Processing — You can request that we limit how we use your data in certain circumstances. (5) Right to Data Portability — You can request to receive your personal data in a structured, commonly used, machine-readable format. (6) Right to Object — You can object to our processing of your personal data for direct marketing purposes or where processing is based on legitimate interests. (7) Right to Withdraw Consent — Where processing is based on your consent, you can withdraw that consent at any time. To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days and may ask you to verify your identity before processing your request.

5. Third-Party Services

SiteTwin uses select third-party services to operate our website and deliver our services effectively. These third-party providers may have access to your personal data only to perform specific tasks on our behalf and are contractually obligated to protect your information. The categories of third-party services we use include: (1) Analytics Services — We use Google Analytics and similar tools to understand how visitors interact with our website. These services collect anonymized usage data to help us improve our content and user experience. (2) Hosting Providers — Our website and client data are hosted on secure cloud infrastructure provided by reputable hosting companies with strong privacy and security practices. (3) Communication Tools — We use email service providers and customer relationship management (CRM) systems to manage client communications and project workflows. (4) Payment Processors — When you make payments for our services, transactions are processed by PCI DSS-compliant payment processors. We do not store your full credit card details on our servers. (5) Marketing Platforms — With your consent, we may use email marketing platforms to send newsletters and promotional content. Each third-party service has its own privacy policy, and we encourage you to review them. We regularly audit our third-party relationships to ensure they maintain adequate data protection standards.

6. Data Security

SiteTwin implements comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security practices include: (1) Encryption — All data transmitted between your browser and our website is encrypted using TLS/SSL (HTTPS) encryption. Sensitive data at rest is encrypted using AES-256 encryption standards. (2) Access Controls — Access to personal data is restricted to authorized SiteTwin team members who need it to perform their job functions. All access is logged and monitored. (3) Infrastructure Security — Our servers are protected by firewalls, intrusion detection systems, and regular security patches. We use multi-factor authentication for all administrative access. (4) Regular Audits — We conduct periodic security assessments and vulnerability scans to identify and address potential risks. (5) Employee Training — All SiteTwin team members receive regular training on data protection best practices and security awareness. (6) Incident Response — We maintain a documented incident response plan to quickly detect, contain, and remediate any data security incidents. While we strive to protect your personal data using commercially reasonable measures, no method of transmission over the Internet or electronic storage is 100% secure. In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law.

7. Children's Privacy

SiteTwin's website and services are designed for businesses and individuals who are at least 18 years of age. We do not knowingly collect, solicit, or maintain personal information from children under the age of 13 (or under 16 in the European Economic Area). Our services are business-to-business in nature and are not directed at children or minors in any way. If we become aware that we have inadvertently collected personal information from a child under the applicable age threshold, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided personal information to SiteTwin without your consent, please contact us immediately at [email protected], and we will work promptly to remove the data and ensure no further collection occurs. We encourage parents and guardians to monitor their children's online activities and to help enforce this policy by instructing their children never to provide personal information through our website without parental permission.

8. Policy Updates

SiteTwin reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will take reasonable steps to notify you, which may include: (1) Posting the updated policy on this page with a revised 'Last Updated' date. (2) Sending an email notification to registered users and active clients. (3) Displaying a prominent notice on our website for a reasonable period following the change. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of our website and services after any changes to this policy constitutes your acceptance of the updated terms. If you disagree with any changes, you should discontinue use of our website and services and contact us to request deletion of your personal data. For questions about this policy or any updates, please contact us at [email protected]. We are committed to transparency and will be happy to explain any changes in detail.

Contact Information

[email protected]