Privacy Policy of Sitely App

Last updated: October 28, 2025

Sitely app (“the App”) collects some Personal Data from its Users.

Types of Data Collected

Among the types of Personal Data that Sitely app collects, by itself or through third parties, there are:

Usage Data, diagnostic and crash data, license and activation data, AI request data (where applicable), and email address when voluntarily provided.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this Privacy Policy or through specific explanations displayed before Data collection.

Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically when using Sitely app.

Unless otherwise specified, all Data requested by the App is mandatory. Failure to provide it may make it impossible for Sitely to deliver certain services or features.

Where the App specifically states that some Data is not mandatory, Users may choose not to provide it without affecting the availability or functioning of the core App.

Users are responsible for any third-party Personal Data obtained, published, or shared through Sitely app.

Mode and Place of Processing the Data

Methods of Processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Data.

Data processing is carried out using computers and IT-enabled tools, following organizational procedures strictly related to the stated purposes.

In addition to the Owner, certain categories of persons involved in the operation of Sitely app (administration, customer support, legal, system administration) or external parties (technical service providers, analytics providers, cloud computing and AI service partners) may have access to the Data.

Such parties, if necessary, may be appointed as Data Processors by the Owner.

An updated list of these parties can be requested from the Owner at any time.

Place

The Data is processed at the Owner’s offices and in other locations where the involved parties operate.

Depending on the User’s location, Data transfers may involve transferring the User’s Data to a country other than their own. Users can find more details about such transfers in the section on International Data Transfers.

Retention Time

Personal Data is processed and stored for as long as required for the purpose it was collected and may be retained longer due to legal obligations or based on User consent.

Purposes of Processing

The Data concerning the User is collected to allow the Owner to:

• Provide and maintain the App and its Services
• Verify and manage software licenses
• Deliver optional AI-powered or cloud-based features
• Comply with legal obligations
• Respond to support or enforcement requests
• Detect malicious or fraudulent activity
• Protect its rights and interests (or those of Users or third parties)

For detailed information on each purpose and the Personal Data involved, refer to the section “Detailed Information on the Processing of Personal Data.”

Detailed Information on the Processing of Personal Data

Analytics and Diagnostics

• Sentry (Functional Monitoring): Diagnostic and crash reports (anonymous or user-submitted)
• Apple System Analytics (macOS): Aggregated, anonymized usage data if enabled in system preferences

Personal Data: Usage Data; Diagnostic Data; Crash Logs

License Management

Sitely Licensing Service: License key, activation token, and hashed device identifier used to verify app activation and prevent fraud

Personal Data: License Data; Email address (if provided for license registration)

AI and Cloud Features

• OpenAI (AI Processing): Requests made through Sitely’s AI features (e.g., AI website generation, image descriptions) are securely transmitted for processing.

Personal Data: Data communicated while using the AI feature; may include text, image, or project content provided by the User.

Contacting the User

• Support Requests: Direct email or in-app contact forms. Used only to respond to inquiries.

Personal Data: Email address; message content.

Legal Basis of Processing

The Owner may process Personal Data if one of the following applies:

• The User has given consent for one or more specific purposes;
• Processing is necessary for the performance of an agreement with the User or pre-contractual obligations;
• Processing is required to comply with a legal obligation;
• Processing is necessary for the legitimate interests pursued by the Owner (such as improving reliability or preventing fraud).

To clarify which legal basis applies, Users may contact the Owner.

International Data Transfers

Personal Data may be transferred to and processed in countries outside the European Economic Area (EEA).

When this occurs, the Owner ensures that appropriate safeguards are in place—such as Standard Contractual Clauses approved by the European Commission or adequacy decisions—to protect User Data.

Further Information on Retention Time

• Contract performance: Data is retained until the contract or license is fully performed.
• Legitimate interests: Data is retained as long as necessary to fulfill such purposes.
• Consent-based processing: Data may be retained until consent is withdrawn.
• Legal obligations: Data may be kept longer if required by law or authorities.

Once the retention period expires, Personal Data will be deleted. After deletion, rights such as access, erasure, or portability cannot be exercised.

Users’ Rights under the GDPR

Users may exercise certain rights regarding their Data processed by the Owner. In particular, Users have the right to:

• Withdraw consent at any time
• Object to Data processing
• Access their Data and obtain a copy
• Verify and request correction of their Data
• Restrict Data processing
• Request deletion of their Data
• Receive their Data in a structured, machine-readable format and transfer it to another controller
• Lodge a complaint with a Data Protection Authority

Right to Object

Users may object to Data processing based on legitimate interests or for direct marketing purposes, at any time and free of charge.

How to Exercise These Rights

Requests to exercise User rights can be made via the contact details provided below.

Requests are free of charge and will be addressed within one month.

The Owner will inform each recipient of any rectification, erasure, or restriction of processing unless this proves impossible or involves disproportionate effort.

Additional Information

Legal Action

User Data may be used for legal purposes by the Owner in court or prior to legal action arising from misuse of Sitely app or related services.

System Logs and Maintenance

For operation and maintenance purposes, Sitely app and third-party services may collect system logs or diagnostic data.

Further Information

More details about the collection or processing of Personal Data can be requested from the Owner at any time via the contact information below.

Changes to this Privacy Policy

The Owner reserves the right to modify this Privacy Policy at any time by posting notice within the App and, where feasible, notifying Users via available contact information.

Users are encouraged to check this document often, referring to the date of the last modification.

If changes affect processing activities based on User consent, the Owner shall request new consent where required.

Owner and Data Controller

Crinon SRL

Via Frusa 3 – 50131 Firenze (Italy)

Email: privacy@sitely.app