SmolSites: Privacy in Plain English

(How we handle your data – short & clear)

We know privacy policies can be painful to read. Here’s the straightforward version of how we collect, use, and protect information. If you ever want the full legal details, our complete Privacy Policy is available anytime.

1. The Two Roles We Play

We handle data in two ways — depending on what you’ve hired us for:

When you’re our client
We collect your business contact details (like name, email, and payment info) so we can communicate, invoice, and deliver services. Here, we’re the Data Controller — responsible for keeping that information safe.

When we handle your customers’ data
If we run your website, chatbot, or AI voice agent, we process information belonging to your customers (“End-Users”) — such as form entries, call recordings, or order details.
In this case, you are the Data Controller and we are the Data Processor — meaning we follow your instructions only. We never use your customers’ data for our own purposes.

2. What We Collect

We only collect what’s needed to provide or improve your service:

  • Client data: Name, email, billing details, messages, and project content.
  • Customer data: Information entered through your systems (e.g., form submissions, booking details, call transcripts).
  • Website visitor data: Standard technical info like IP addresses, analytics data, and cookies — to keep sites secure and running smoothly.

3. How We Use It

  • Client data: Used to communicate with you, deliver services, send invoices, and maintain your account.
  • Customer data: Used strictly to operate your service — never sold or used for our own marketing.
  • AI voice data: Used to power your AI agent. We may use anonymized and aggregated data (with personal details removed) to improve performance across our systems.

4. Who We Share Data With

We rely on secure, reputable partners (called Sub-processors) to run parts of our infrastructure, including:

  • OpenAI – AI processing
  • Hostinger / Cloudflare – web hosting and security
  • Google / Meta – marketing platforms (used only under your instruction)
  • Stripe – payment processing

We only work with providers that meet strong privacy and security standards. Some operate in the US or other regions, so data may be transferred securely under approved data-protection frameworks.

5. Your Rights (and Your Customers’ Rights)

Both you and your customers can request access, correction, or deletion of personal data.

  • If it’s your data, contact us directly at hello@smolsites.com.
  • If it’s your customer’s data, they should contact you first. We’ll assist once you instruct us.

6. Data Protection & Retention

We apply reasonable technical and organizational safeguards to keep data secure.
We retain personal data only as long as necessary to provide the service or as required by law.

7. Final Notes

We comply with the Singapore PDPA and the Australian Privacy Act.
We may update this summary or our full Privacy Policy occasionally — any changes will be reflected on our website.

Questions?
Email hello@smolsites.com and we’ll help.