This Privacy Policy describes how SITE123 Ltd. (“we”, “our”, or “us”) handles personal data (“Information”) collected in connection with our website building platform, related tools, and associated services (collectively, the “Services”).
This policy applies to the following categories of data subjects:
Account Holders / Platform Customers – individuals or entities who register for the Services, build and manage websites, online stores, landing pages, calendars/bookings, newsletters, etc. (“Customers” or “Website Owners”).
Authorized Users on behalf of the Customer – contributors, collaborators, or invited users working on a Customer’s website.
Visitors of Customer Websites – individuals browsing websites built and hosted on our platform (“Customer Sites”).
Visitors of Company Assets – individuals visiting websites, apps, or landing pages operated by the company (“Company Sites”), registering for webinars/events, or receiving marketing content.
Use of the Services and Company Sites is subject to this Privacy Policy and our Terms of Use, and constitutes consent to the processing of Information as described herein. You are not required to provide us with Information; however, without certain Information we may be unable to provide access to the Services, in whole or in part.
Profile & Account: Name, email, phone, profile picture (if provided), role/company, user permissions, hashed password.
Business & Payment Details: Business name/ID, billing address, currency, payment methods via secure third-party processors (we do not store full card details), invoices and transaction records.
Usage & Configuration Data: Website/store settings, domains, active modules and apps, templates/code/design, calendars/bookings, third-party integrations (Analytics, pixels, CRM, payment gateways), logs and administrative records.
Technical Data: IP address, device/browser/OS type, resolution, language/time zone, app/advertising identifiers, cookies/pixels, anonymized click/scroll/heatmap data.
Support & Inquiries: Correspondence, chats, calls (including recordings where permitted), service requests, and resolution records.
Usage Data: IP address, browser/device/OS details, cookies/pixels and analytics (if enabled by the Customer), interactions and browsing behavior.
Forms & Registrations: Contact details, newsletter sign-ups, service inquiries, order/purchase details (via secure processors), and other content submitted on the Customer Site.
Note: This collection is under the Customer’s control and settings.
Usage data, cookies/pixels, contact forms, and marketing preferences.
Payment processors, marketing/analytics tools, social networks (if accounts are connected), APIs or business partners – subject to your authorizations and applicable law.
Providing & Operating the Services: Website creation/hosting/management, add-ons, domains, identity verification, access management, billing, support.
Customization & Improvement: Usability analysis, performance monitoring, troubleshooting, developing new features.
Security & Fraud Prevention: Monitoring, logs, cybersecurity measures, enforcement of Terms of Use.
Operational & Marketing Communication: System messages, service updates, changes; promotional content subject to consent and applicable law.
Legal & Regulatory Compliance.
Aggregated/Anonymous Data: Creating and using statistics that cannot reasonably identify individuals.
For Customer/Account Holder data and Company Site visitors, we act as the Data Controller.
For Customer Site visitors, the Customer (Website Owner) is the Data Controller of the data collected on their site; we provide the infrastructure and may act as a Processor on their behalf.
Customers must publish a privacy policy on their site, implement cookie/consent mechanisms as required, and handle data subject requests in compliance with applicable law. We provide templates/tools, but the Customer is fully responsible for implementation.
Service Providers: Data processing, hosting/cloud/CDN, payment, mailing, security, analytics, support, consulting – limited to what is necessary and subject to data processing agreements.
Third Parties Connected by the Customer: Pixels/Analytics/CRM/payment providers, per Customer settings and authorization.
Authorities: If required by law or necessary to protect rights and safety.
Group Companies / M&A Events: In the event of a change of control or merger, subject to notice and safeguards.
With Consent: In all other cases, only with explicit consent. We may share anonymized/aggregated data that cannot identify individuals.
Location: Israel and/or abroad (including EEA/US), with us and/or our service providers, subject to appropriate safeguards ensuring a level of protection not lower than Israeli law.
Retention: As long as necessary for the purposes outlined above and in accordance with legal/record-keeping obligations. Afterwards, data will be deleted or anonymized.
We and Customer Sites (depending on Customer settings) use cookies/pixels/identifiers for operation, performance, security, analytics, and marketing. Preferences may be managed through browser settings or cookie banners (if enabled), but full blocking may impair functionality. See our Cookie Policy for details.
The Services may include AI-based tools to assist with generating content or suggestions (text, images, etc.). Such outputs are for assistance only; we do not guarantee their accuracy, reliability, or legal compliance. Customers are responsible for reviewing, verifying, and adapting content before publication.
Service/Operational Notices: Sent as needed (changes, billing, security). Some are mandatory and cannot be opted out.
Marketing: Subject to consent and applicable law; opt-out available at any time.
Support: Inquiries, chats, calls, and emails may be logged for documentation and service improvement.
We apply reasonable and industry-standard organizational and technical measures (encryption, access controls, monitoring, logical separation, backups) to reduce risks of unauthorized access, loss, or misuse. However, absolute protection cannot be guaranteed.
Subject to applicable law (including Israel’s Amendment 13 to the Privacy Protection Law and GDPR), you may have rights such as: access, rectification, deletion, restriction of processing, data portability, and objection to direct marketing.
Requests should be sent to privacy@site123.com. We will verify identity and respond within legally required timeframes.
Where we process data on behalf of a Customer (Customer Site), we will direct the request to the Customer as Data Controller.
The Services are not intended for children under 18. We do not knowingly collect data about minors. If discovered, we will block or delete such data in accordance with law.
Company Sites and Customer Sites may include links, scripts, or services from third parties. We are not responsible for their policies or practices. Use of such services is subject to the third party’s privacy policy.
You are responsible for reviewing the legal requirements applicable to your activities and consulting with relevant professionals.
A Customer (Website Owner) is generally the Data Controller of data collected on their site. They must:
Publish a tailored privacy policy.
Implement cookie/consent mechanisms.
Obtain proper consents (e.g., forms/newsletters).
Respond to data subject requests.
We provide templates and tools, but are not responsible for wording or implementation. You may be deemed a “Database Owner” or “Data Controller” under law. This section is general guidance only; you must seek professional advice and adapt your documents, settings, and processes accordingly before publishing your site.
We may update this Policy from time to time. The latest version will be published on our sites. For material changes, we will notify you through a reasonable channel. Continued use after updates constitutes acceptance of the revised Policy.
Data Protection Officer Email: privacy@site123.com
