← Back to ModernSite

Privacy Policy

Last updated: June 1, 2025

1. Overview

ModernSite Studio ("ModernSite," "we," "us," or "our") operates the website builder platform at modernsite.studio and all associated services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including when you create, edit, and publish websites through our service.

By using ModernSite, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (used for passwordless login via one-time codes)
  • Business name and practice information you provide when setting up your site

2.2 Site Content

When you build a website on our platform, we store:

  • Page content, text, and layout configurations
  • Images and media you upload
  • Theme settings (colors, fonts, styles)
  • Custom domain information
  • SEO metadata you configure

2.3 Analytics Data

We provide built-in analytics for your published sites. We collect:

  • Page views and visitor counts (aggregated, not individually identifiable)
  • Referring URLs
  • Device type and browser information
  • Approximate geographic location (country level, derived from IP)

We do not use cookies for analytics tracking. We do not track individual visitors across sessions. IP addresses are used only for geographic lookup and are not stored.

2.4 Form Submissions

When visitors submit contact forms on your published site, we store the submission data (name, email, phone, message) and forward it to you via email notification. This data is stored in our systems so you can access it through your lead inbox.

2.5 Payment Information

We use Stripe to process payments. We do not store your credit card number, CVV, or full payment details on our servers. Stripe handles all payment processing in accordance with PCI-DSS standards. We receive and store only: subscription status, billing period dates, and payment failure notifications.

2.6 Automatically Collected Information

When you use our platform (the dashboard and editor), we may collect:

  • Browser type and version
  • Operating system
  • Access times and dates
  • Pages viewed within our dashboard

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our website builder platform
  • Authenticate your account via passwordless one-time codes
  • Publish and host your website on your chosen domain
  • Deliver analytics reports and weekly traffic digests to your email
  • Forward contact form submissions from your site visitors to you
  • Process subscription payments and manage billing
  • Send transactional emails (login codes, payment confirmations, form notifications)
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

We do not use your information for advertising. We do not sell your data. We do not build advertising profiles.

4. AI Content Import

When you use our AI content import feature, we temporarily access the publicly available content of the URL you provide. This content is used solely to populate your new ModernSite template with your existing business information. We do not store the original website content after the import is complete. The imported content becomes part of your site data (covered in Section 2.2).

5. Data Sharing and Third Parties

We share your information only in the following circumstances:

  • Stripe - Payment processing. Stripe receives your email and payment details to process subscriptions.
  • Vercel- Website hosting. Your published site content is deployed to Vercel's infrastructure for serving to visitors.
  • Cloudflare - CDN and asset storage. Images and media you upload are stored on Cloudflare R2.
  • Amazon Web Services (AWS) - Email delivery (SES) for transactional emails and form notifications. Screenshot capture for site thumbnails.
  • Supabase - Authentication service for passwordless login.

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may disclose information if required by law, court order, or governmental authority.

6. Data Storage and Security

Your data is stored on servers located in Europe (Hetzner, Germany) and the United States (Vercel, Cloudflare). We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS for all connections)
  • Encrypted database connections
  • JWT-based authentication with short-lived tokens
  • No password storage (passwordless authentication only)
  • Role-based access controls
  • Regular security updates and patching

While we implement reasonable security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

  • Account data: Retained as long as your account is active. Deleted upon account deletion request.
  • Site content: Retained as long as your site exists. Deleted when you delete your site.
  • Analytics (raw): Raw pageview data is automatically pruned after 48 hours. Hourly aggregates are kept for 7 days. Daily aggregates are kept indefinitely for your reporting.
  • Form submissions: Retained until you delete them from your lead inbox, or until your site is deleted.
  • Payment records: Retained as required by financial regulations (typically 7 years for tax purposes).

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your account and associated data.
  • Export: Request a machine-readable export of your site content.
  • Objection: Object to processing of your personal data in certain circumstances.

To exercise any of these rights, contact us at privacy@modernsite.studio.

9. Cookies

Our platform uses minimal cookies strictly necessary for functionality:

  • Authentication: We use localStorage (not cookies) to maintain your login session on the dashboard.
  • Published sites: Your published websites do not set any cookies on visitors. Our analytics system is cookie-free.

We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

10. Children's Privacy

ModernSite is not intended for use by children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence (including the United States and Germany). These countries may have different data protection laws. By using our service, you consent to the transfer of your information to these countries.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of ModernSite after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at:

ModernSite Studio

Email: privacy@modernsite.studio

© 2026 ModernSite Studio. All rights reserved.

Terms of ServiceAccessibility