MysticSites Logo
MysticSites

Privacy Policy

Last updated: August 28, 2025

At MysticSites ("we", "our", or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered website builder platform.

1. Information We Collect

1.1 Personal Information

When you create an account with MysticSites, we collect:

  • Google Account Information: Name, email address, and profile picture through Google OAuth authentication
  • Account Data: User ID, account creation date, and last login information
  • Contact Information: Email address for account management and support communications

1.2 Business Information

When you create a website, we collect and process:

  • Google Places Data: Business name, address, phone number, opening hours, and business type
  • Business Photos: Images from your Google Places listing, processed and stored in Google Cloud Storage
  • Customer Reviews: Public reviews from Google Places to display on your website
  • Website Content: Custom text, descriptions, and edits you make to your website
  • Template Preferences: Your chosen design template and customization settings

1.3 Technical Information

  • Usage Data: How you interact with our platform, pages visited, and features used
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP addresses, access times, and error logs for security and troubleshooting
  • Cookies: Session cookies for authentication and user experience enhancement

1.4 Payment Information

  • Subscription Data: Payment history, subscription status, and billing preferences
  • Domain Purchases: Domain registration details and payment records
  • Third-Party Payment Processing: We use secure payment processors and do not store credit card information

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: Generate and host your professional website
  • Account Management: Create, maintain, and secure your user account
  • Content Generation: Use Google Places data to create website content automatically
  • Photo Processing: Optimize and store business photos for website display
  • Domain Management: Register, configure, and maintain custom domains
  • Platform Improvement: Analyze usage patterns to enhance our services
  • Customer Support: Provide technical assistance and resolve issues
  • Security: Protect against fraud, abuse, and unauthorized access
  • Legal Compliance: Meet regulatory requirements and legal obligations
  • Communications: Send important updates, security alerts, and support messages

3. Third-Party Services

MysticSites integrates with several third-party services to provide our functionality:

3.1 Google Services

  • Google OAuth: For secure user authentication
  • Google Places API: To retrieve business information and photos
  • Google Maps API: For location services and geocoding
  • Google Cloud Storage: For photo processing and content delivery

3.2 Domain and Hosting Services

  • NameSilo/GoDaddy: For domain registration and management
  • Vercel: For website hosting and content delivery
  • MongoDB Atlas: For secure database storage

3.3 Payment Processing

  • PayPal: For subscription payments and billing management
  • Secure Payment Gateways: All payment data is processed through PCI-compliant systems

4. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

  • Service Providers: Trusted third-party services that assist in our operations (as listed above)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfer: In the event of a merger, acquisition, or sale of assets
  • Protection of Rights: To protect our rights, property, or safety, or that of our users
  • Public Information: Business information that is already publicly available through Google Places
  • Consent: When you explicitly consent to sharing your information

5. Data Security

We implement robust security measures to protect your information:

  • Encryption: All data transmission is encrypted using SSL/TLS protocols
  • Secure Storage: Data is stored in secure, encrypted databases
  • Access Controls: Strict access controls and authentication measures
  • Regular Audits: Security assessments and vulnerability testing
  • Incident Response: Procedures for detecting and responding to security breaches
  • Data Minimization: We collect only necessary information and retain it only as long as needed

6. Data Retention

We retain your information for the following periods:

  • Account Data: Until you delete your account or request data deletion
  • Website Content: As long as your website remains active
  • Payment Records: As required by financial regulations (typically 7 years)
  • Log Data: Generally retained for 90 days for security and troubleshooting
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications
  • Restrict Processing: Request limitation of how we use your data
  • Object: Object to certain types of data processing

To exercise these rights, please contact us at privacy@mysticsites.com

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards, including standard contractual clauses and adequacy decisions.

9. Children's Privacy

MysticSites is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

10. Cookies and Tracking

We use cookies and similar technologies to:

  • Authentication: Keep you logged in securely
  • Preferences: Remember your settings and preferences
  • Analytics: Understand how our platform is used
  • Security: Detect and prevent fraudulent activity

You can control cookies through your browser settings, but disabling cookies may affect platform functionality.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Regional Privacy Laws

12.1 GDPR (European Union)

If you are located in the EU, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

12.2 CCPA (California)

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to delete personal information.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Officer

📧 Email: privacy@mysticsites.com

🌍 Website: www.mysticsites.com

📞 Support: Available through our website contact form

We are committed to resolving any privacy concerns promptly and transparently.

14. Effective Date

This Privacy Policy is effective as of the date listed at the top of this document and applies to all information collected by MysticSites.