AutoSite AI is operated by Dylan McCormack (ABN 46 906 512 871), trading at buildautosite.com. We are committed to protecting your personal information. This policy explains what we collect, why, and your rights — whether you are located in Australia, the European Union, California, Canada, or elsewhere.
2. What We Collect
We collect the following information when you use our services:
Name and email address (provided when you request a preview or purchase)
Phone number (provided in the intake or brief form)
Business details — name, industry, location, description, services offered
Uploaded photos, logos, and other assets you provide for your site build
Payment information — processed entirely by Stripe; we never store card numbers
Website usage data and analytics (aggregated, non-personally identifiable)
3. How We Use Your Information
We use your information to:
Generate website previews (SiteSneak™) before purchase
Deliver your completed website and associated files
Send transactional emails about your order status and delivery
Process payments and issue refunds through Stripe
Comply with legal obligations
Improve our AI pipeline and service quality (using aggregated, anonymised data only)
We do not sell your personal information to third parties. We do not use your data for advertising.
4. Third-Party Services
We share data with the following services only as necessary to operate:
Stripe — payment processing (your card details go directly to Stripe)
Supabase — secure data storage and file hosting
SendGrid — transactional email delivery
Anthropic — AI content generation (business details are sent to generate your site preview and final site; Anthropic does not use API inputs to train models)
Google Places — business directory lookup used in our outreach programme
Hunter.io — email address lookup used in our outreach programme
Vercel — website hosting for delivered sites
Each of these services operates under its own privacy policy and data processing agreements.
5. Data Retention
We retain your personal information for up to 3 years from your last interaction with us, unless a longer retention period is required by law. You may request deletion at any time (see Section 6). On deletion, we remove your data from our systems within 30 days, except for records we are legally required to retain (e.g. financial records).
6. Your Rights
Depending on your location, you have the following rights over your personal data:
Access — request a copy of the data we hold about you
Correction — ask us to correct inaccurate or incomplete data
Deletion — request erasure of your personal data
Opt-out — opt out of marketing communications at any time
Portability (EU/California) — receive your data in a portable format
Objection (EU) — object to processing based on legitimate interests
To exercise any right, email us at ssjdmack@gmail.com. We will respond within 30 days.
7. International Compliance
Australia — we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
European Union — where the GDPR applies, we rely on contractual necessity (Art. 6(1)(b)) as our lawful basis for processing data you provide when purchasing a service. You may lodge a complaint with your local supervisory authority.
California (CCPA) — California residents have the right to know what personal information is collected, to delete it, and to opt out of its sale. We do not sell personal information.
Canada (CASL / PIPEDA) — we only send commercial electronic messages to individuals who have given express or implied consent. Every outreach email includes a clear unsubscribe mechanism.
8. Cookies
We use session cookies only. Session cookies are used solely to maintain your browsing session (e.g. to keep the preview form state while you navigate). They contain no personal information, expire when you close your browser, and are strictly necessary for the service to function. Under most privacy laws, strictly necessary session cookies are exempt from cookie consent requirements. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
9. Security
We take reasonable steps to protect your information from unauthorised access, loss, or misuse. Personal data is encrypted at rest using AES-256-GCM. Payment data is handled entirely by Stripe and never stored on our infrastructure.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified by email at least 30 days before taking effect. The effective date at the top of this page indicates when it was last revised.
11. Contact
Privacy questions, access requests, or deletion requests: ssjdmack@gmail.com
AutoSite AI · operated by Dylan McCormack · ABN 46 906 512 871 · buildautosite.com