// newAll eight services in one subscription — $1,200/mo save 76%Get the bundle →
// legal

Privacy Policy

Last updated: May 30, 2026

This policy explains what personal data SiteOnTop (“we”, “us”, the “Studio”) collects when you use getsiteontop.com and our services, why we collect it, who we share it with, and the choices you have. SiteOnTop is operated as an independent studio. Questions? Email info@getsiteontop.com.

1. Data we collect

We only collect data you give us or that is needed to run the service:

  • Lead & contact details — name and email when you request a project, join a waitlist, or use our contact form.
  • Account details — name, email, and a password (stored only as a one-way bcrypt hash; we never see your plaintext password) if you create an account.
  • Billing & order details — billing contact and address, the plan you chose, and a snapshot of the engagement contract you agreed to. We never receive or store your full card number — card data is collected and processed directly by Stripe.
  • Project brief — the information you submit in the intake form after purchase, so we can deliver your project.
  • Support messages — the content of any message you send us.
  • Usage & device data — IP address, browser / user-agent, pages visited, and a first-party visitor cookie (“vid”). We use this for analytics, security, and rate-limiting to prevent abuse.

2. How we use it

  • To provide, deliver, and support the services you purchase.
  • To process payments and send transactional emails (receipts, order and project updates).
  • To create and secure your account and prevent fraud or abuse.
  • To understand how the site is used and improve it.
  • To respond to your enquiries and support requests.

We do not sell your personal data, and we do not use it for third-party advertising.

3. Service providers (sub-processors)

We share data only with the providers we need to operate, each acting on our instructions:

  • Stripe — payment processing. Stripe collects and processes your payment details under its own privacy policy.
  • Resend — sending transactional email (receipts and order updates).
  • MongoDB — database hosting for accounts, orders, and briefs.
  • Google Tag Manager / analytics — measuring site usage. You can block these with your browser or an extension.
  • Our hosting / infrastructure provider, which processes requests to serve the site.

4. Cookies

We use a small number of cookies: a session cookie to keep you signed in, a first-party visitor identifier (“vid”) for analytics, and any cookies set by Google Tag Manager. We do not use cross-site advertising cookies. You can clear or block cookies in your browser; signing in will not work without the session cookie.

5. Data retention

We keep personal data for as long as your account or engagement is active and as needed for the purposes above — for example, we retain order and billing records to meet tax and accounting obligations. When data is no longer needed, we delete or anonymise it.

6. Your rights

You can ask us to access, correct, export, or delete your personal data, or to stop processing it. To make a request, email info@getsiteontop.com from the address associated with your account and we will respond within a reasonable time.

7. Security

Passwords are hashed with bcrypt, payment data is handled by Stripe, and access to our systems is restricted. No method of transmission or storage is perfectly secure, but we take reasonable measures to protect your data.

8. Changes & contact

We may update this policy from time to time; the “last updated” date above reflects the latest version. For any privacy question or request, contact info@getsiteontop.com. See also our Terms of Service, Refund & Cancellation Policy, and Service Delivery Policy.