Privacy Policy for Sitetor.ai

Last Updated: July 22, 2025

Welcome to Sitetor.ai (“we,” “us,” or “our”). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and our WordPress plugin (collectively, the “Service”). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access or use the Service.

1. Information We Collect

We collect information that you provide to us directly, information that is collected automatically when you use our Service, and information from the content you ask us to process.

a) Account and Site Information:

• Account Data: When you register for our Service, we collect your email address to create and manage your account. Our authentication is handled securely through AWS Cognito.

• Site Registration Data: During setup, we collect your website’s name and URL to connect it to our Service.

b) Your Website Content:

• Public Content: Our core service involves ingesting the publicly available content from your website’s posts and pages. We do not access password-protected, private, or non-public areas of your site. The purpose of ingesting this content is solely to create a searchable AI index to power your /ask endpoint.

c) Usage and Transactional Data:

• API Key: We generate a unique, secret API key for your website, which is stored in your WordPress database. This key authenticates all communication between your site and our Service.

• Query Logs: We may log the questions sent to your /ask endpoint. This data is used for billing purposes, to monitor for abuse, and to improve the quality and performance of our Service. We do not use your specific queries to train models for other customers.

• Job Logs: We maintain logs of content ingestion jobs, including their status and a summary of pages processed. This is for auditing and providing you with a history of your site’s scans.

d) Automatically Collected Information:

• When you visit our website, we may use cookies and similar tracking technologies to collect standard information like your IP address, browser type, and operating system for operational and analytical purposes.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To Provide and Maintain the Service: To create your account, connect your website, process your content into an AI index, and operate the /ask endpoint.

• To Improve Our Service: To analyze usage patterns, diagnose technical issues, and enhance the accuracy and efficiency of our AI models and infrastructure.

• To Communicate With You: To send you service-related announcements, updates, security alerts, and support messages.

• For Security and Compliance: To prevent fraud, enforce our terms of service, and comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We may share your information with third-party service providers who perform services for us or on our behalf, but only under strict confidentiality agreements.

• Cloud Infrastructure Providers: Our entire backend is built on Amazon Web Services (AWS). All your data, including your indexed content, resides within their secure infrastructure.

• AI and Vector Database Providers: To provide our core functionality, we use third-party AI services.

  • OpenAI: We send your public website content and queries to the OpenAI API to generate vector embeddings and produce answers. Your data is processed in accordance with OpenAI’s data usage policies.

  • Pinecone: We store the vector embeddings generated from your content in a Pinecone vector database. Your site’s data is strictly isolated in its own dedicated namespace and cannot be accessed by other customers.

• Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, or prevent fraud.

4. Data Security

We implement a variety of security measures to maintain the safety of your information.

• Encryption: All data is encrypted in transit using TLS and at rest using industry-standard encryption protocols.

• Access Control: Your data is protected by your unique, secret API key. Access to our backend systems is strictly limited to authorized personnel.

• Data Isolation: As stated above, your indexed website content is logically isolated in a dedicated namespace within our vector database, preventing any cross-customer data leakage.

5. Data Retention and Your Choices

You are in control of your data.

• Data Retention: We retain your account information and indexed content as long as your account is active. Usage logs may be retained for a longer period for analytical and billing purposes.

• Access and Updates: You can manage your account and site information from within the Sitetor.ai plugin dashboard on your WordPress site.

• Data Deletion: If you deactivate and uninstall the plugin, you can request the permanent deletion of your account and all associated indexed content from our systems by contacting us at the email address below.

6. International Data Transfers

Our Service is hosted and operated in various locations by our cloud provider (AWS). By using our Service, you acknowledge that your information may be transferred to, stored, and processed in a country other than your own.

7. Children’s Privacy

Our Service is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Email: [Your Contact Email, e.g., privacy@sitetor.ai]