Privacy Policy

Last updated: April 1, 2026

1. Introduction

InstantSite ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at goinstantsite.com and the InstantSite platform (collectively, the "Service"). This policy complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Information We Collect

2.1. Account Information

When you create an account, we collect your name, email address, profile picture (if provided), and agency or business name. Authentication is handled through Clerk, our identity provider.

2.2. Payment Information

When you subscribe or make a purchase, payment is processed by Stripe. We do not store your full credit card number, CVV, or bank account details on our servers. Stripe may share with us your card type, last four digits, expiration date, and billing address for record-keeping and fraud prevention.

2.3. Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, site generation activity, timestamps, IP address, browser type, device type, operating system, and referring URLs.

2.4. Generated Content

We store the websites and content you generate through the Service, including HTML, text, and any uploaded images, in order to host and display your sites.

2.5. Cookies and Tracking Technologies

We use cookies and similar technologies for authentication, session management, analytics, and preference storage. You can manage cookie preferences through your browser settings. Disabling cookies may limit certain functionality of the Service. See Section 7 for details on affiliate tracking cookies.

3. How We Use Your Information

  • To provide, operate, and maintain the Service.
  • To process transactions and manage your subscription.
  • To personalize your experience and improve the Service.
  • To communicate with you, including service updates, security alerts, and support messages.
  • To send marketing communications (with your consent; you can opt out at any time).
  • To detect, prevent, and address fraud, abuse, and security issues.
  • To comply with legal obligations.
  • To administer the Affiliate Program and track referral commissions.
  • To generate aggregated, anonymized analytics to improve the Service.

4. Third-Party Service Providers

We share your information with the following third-party providers only as necessary to operate the Service. Each provider processes data in accordance with their own privacy policies:

  • Stripe — Payment processing and client billing. Stripe receives your payment details, billing address, and transaction data.
  • Clerk — Authentication and identity management. Clerk receives your name, email, profile image, and authentication tokens.
  • Supabase — Database hosting and storage. Supabase stores your account data, generated sites, and application data on secure infrastructure.
  • Vercel — Application hosting and delivery. Vercel processes request data including IP addresses and usage information.
  • Resend — Transactional email delivery. Resend receives your email address and message content for the emails we send you.

We do not sell your personal data to third parties. We may share anonymized, aggregated data for analytics purposes.

5. Data Retention

5.1. We retain your account data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.

5.2. Generated website content is retained for as long as your account is active or the site is published. Upon account deletion, published sites will be taken offline and content will be deleted within 30 days.

5.3. Payment records are retained for a minimum of 7 years as required for tax and accounting compliance.

5.4. Usage and analytics data is retained in anonymized form and may be kept indefinitely for service improvement purposes.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
  • Right to Erasure: You may request that we delete your personal data, subject to legal retention requirements.
  • Right to Data Portability: You may request a machine-readable copy of your data to transfer to another service.
  • Right to Restrict Processing: You may request that we limit how we process your data under certain circumstances.
  • Right to Object: You may object to the processing of your data for direct marketing or other purposes based on legitimate interests.
  • Right to Withdraw Consent: Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

CCPA-specific rights: California residents have the right to know what personal information we collect and to whom it is disclosed, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at privacy@goinstantsite.com. We will respond within 30 days.

7. Affiliate Tracking Cookie Disclosure

When you arrive at goinstantsite.com through an affiliate referral link, we place a first-party cookie on your browser containing the referral code. This cookie has a 30-day expiration and is used solely to attribute your signup to the referring affiliate for commission purposes. The cookie contains only the referral code identifier and no personal data. You may delete this cookie through your browser settings at any time; doing so will simply prevent the affiliate from receiving attribution credit.

8. Data Security

We implement industry-standard technical and organizational measures to protect your data, including encryption in transit (TLS/SSL), encryption at rest, access controls, regular security audits, and secure infrastructure providers. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. When we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent mechanisms.

10. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will take steps to delete that information as quickly as possible. If you believe a child under 13 has provided us with personal information, please contact us at privacy@goinstantsite.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this page periodically. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at: privacy@goinstantsite.com