Pagesmith.ai
Start building
Back to home

Privacy Policy

Last updated: February 3, 2026

This Privacy Policy explains how Pagesmith ("we", "us", or "our") collects, uses, shares, and protects your personal information when you use our AI-powered website building service at pagesmith.ai (the "Service").

1. Data Controller

The data controller responsible for your personal information is:

Pagesmith
Helsinki, Finland
Email: [email protected]

For EU residents, you may also contact your local data protection authority if you have concerns about how we process your data.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Profile Information: Optional profile details such as company name or profile picture
  • Website Content: Text, images, and other content you create or upload for your websites
  • Payment Information: Billing details processed securely by Stripe (we do not store full card numbers)
  • Communications: Messages you send to our support team
  • AI Prompts: Instructions and descriptions you provide to our AI website builder

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, and actions taken within the Service
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and referring URLs
  • Analytics: Aggregated data about Service usage patterns

2.3 Information from Third Parties

  • Authentication Providers: If you sign in with Google or other providers, we receive your name and email
  • Connected Integrations: Data from services you connect (see Section 8)

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide the Service you signed up for, including creating and hosting your websites
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Consent: For optional features like marketing emails or third-party integrations (you can withdraw consent anytime)
  • Legal Obligations: To comply with applicable laws, such as tax and accounting requirements

4. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process your AI prompts to generate website content
  • Build, host, and deploy your websites
  • Process payments and manage subscriptions
  • Send transactional emails (account updates, billing receipts)
  • Provide customer support
  • Analyze usage to improve features and user experience
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations
  • Send marketing communications (with your consent)

5. AI and Automated Processing

Pagesmith uses artificial intelligence to generate website content based on your instructions. This involves:

  • Content Generation: AI models process your prompts to create website text, layouts, and code
  • No Profiling: We do not use AI to make automated decisions that significantly affect you
  • Human Oversight: You review and control all AI-generated content before publishing
  • Third-Party AI: We use AI services from providers like Google (Gemini) to power content generation

Your prompts and generated content may be used to improve our AI systems, but we do not share identifiable data with AI providers for their model training without your consent.

6. Data Sharing and Third-Party Services

We do not sell your personal data. We share data only with:

6.1 Service Providers

  • Supabase: Database and authentication (EU servers)
  • Cloudflare: Website hosting, CDN, and security
  • Stripe: Payment processing
  • Google Cloud: AI services for content generation
  • Vercel: Application hosting
  • PostHog: Product analytics
  • Resend: Transactional emails

These providers process data on our behalf under strict contractual obligations.

6.2 Legal Requirements

We may disclose data when required by law, court order, or to protect our rights and safety.

6.3 Business Transfers

In the event of a merger, acquisition, or sale, your data may be transferred to the new entity.

7. International Data Transfers

Your data is primarily stored in the European Union (Supabase EU servers). Some data may be transferred to the United States for processing by our service providers (Cloudflare, Stripe, Google).

For transfers outside the EU/EEA, we rely on:

  • EU-US Data Privacy Framework certifications
  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions where applicable

8. Third-Party Integrations

Pagesmith allows you to connect third-party services to enhance your website:

8.1 Instagram Integration

When you connect your Instagram Business or Creator account:

  • We store your Instagram access token and account ID
  • We fetch your public Instagram posts to display on your website
  • We do not access your Instagram password or private messages
  • Tokens are automatically refreshed to maintain the connection

8.2 Other Integrations

Additional integrations (Google Analytics, contact forms, etc.) may collect data according to their own privacy policies. We encourage you to review the privacy practices of any third-party service you connect.

8.3 Disconnecting Integrations

You can disconnect any integration at any time from your project settings. This immediately removes stored credentials and stops data synchronization.

9. Data Retention

  • Active Accounts: We retain your data as long as your account is active
  • Deleted Accounts: Data is deleted within 30 days of account deletion
  • Backups: Backup copies may persist for up to 90 days
  • Legal Requirements: Some data may be retained longer for tax, legal, or compliance purposes
  • Anonymous Analytics: Aggregated, non-identifiable data may be retained indefinitely

10. Data Deletion Requests

You can request deletion of your data at any time. To do so:

  • Self-Service: Delete your account from Account Settings in the dashboard
  • Integrations: Disconnect specific integrations from your project settings
  • Email Request: Contact [email protected] for data deletion
  • Third-Party Access: Revoke Pagesmith's access from the third-party service (e.g., Facebook Settings → Apps and Websites)

We will process deletion requests within 30 days and confirm completion via email.

11. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for optional processing at any time
  • Complaint: Lodge a complaint with your local data protection authority

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

12. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Analytics Cookies: To understand how users interact with our Service
  • Preference Cookies: To remember your settings and preferences

You can manage cookie preferences through your browser settings. For more details, see our Cookie Policy.

13. Security

We implement industry-standard security measures:

  • All data transmitted via HTTPS/TLS encryption
  • Data encrypted at rest in our databases
  • Regular security audits and vulnerability assessments
  • Access controls and authentication for all systems
  • Employee security training and access limitations

While we strive to protect your data, no system is 100% secure. Please use strong passwords and protect your account credentials.

14. Children's Privacy

Pagesmith is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification for material changes
  • Displaying a notice in the Service dashboard

Your continued use of the Service after changes constitutes acceptance of the updated policy.

16. Contact Us

For privacy-related questions, concerns, or to exercise your rights:

Email: [email protected]
Support: [email protected]

We aim to respond to all inquiries within 5 business days.

Terms of Service Cookie Policy