Privacy policy.

Instinctor is operated by the Instinctor team based in Philadelphia, Pennsylvania, USA. For data-protection purposes we are the controller of personal data we collect about account holders, designers, and visitors to instinctor.com. Designers using the platform to deliver client sites are joint controllers for their own clients' personal data.

Account: name, email, billing address, phone (optional). Billing: handled by Stripe, we never see your card number; we store Stripe customer/payment IDs only. Builder content: pages, images, video, copy, products, code, and design choices you upload. Operational data: page views, errors, deploy logs, AI chat transcripts, login timestamps, IP address, user agent. SMS opt-ins: phone number and which message stream you opted into. Support email: anything you send us at helpdesk@instinctor.com.

To run your account and bill you (contract). To deliver the service you signed up for, building, hosting, and deploying your site (contract). To send transactional and SMS messages you asked to receive (consent + contract). To detect fraud and abuse, keep the platform secure, and improve the product (legitimate interest). To meet our legal and tax obligations (legal obligation). We never use your personal data for advertising or to build advertising profiles.

We rely on these GDPR legal bases: contract performance (running your account and billing), consent (SMS marketing, optional analytics, AI training opt-ins), legitimate interest (security, fraud prevention, product analytics on aggregated data), and legal obligation (tax records, accounting, lawful requests). You can withdraw consent at any time without affecting prior processing.

Sub-processors we rely on to run the service: Stripe (payments and Connect payouts), our transactional email provider, OpenAI or equivalent (AI features when you use them), Twilio or equivalent (SMS delivery), screenshot capture services, and your hosting provider once you publish a site. We do not sell, rent, share, or trade your personal data with anyone for marketing or any other purpose. We do not put your data into ad networks, tracking pixels, or cross-site profiling. We disclose data only when legally required (subpoena, court order) and we tell you when we can.

We are based in the United States. If you are in the EU, UK, or another region, your personal data is transferred to the US to be processed. We rely on Standard Contractual Clauses (SCCs) for these transfers. Stripe and our other sub-processors maintain their own GDPR-compliant transfer mechanisms; copies are available on request.

Account data: while your account is active, plus 7 years after closure for tax/accounting. Builder content: while the site is active; permanently deleted within 30 days of account closure. Logs: 90 days. AI chat transcripts: 90 days unless you delete them sooner. SMS opt-in records: while opt-in is active, plus 18 months after opt-out for compliance audit. Backups are retained for 30 days then expire.

We use a small set of strictly-necessary first-party cookies: a session cookie for login, a CSRF token for form security, and a first-party analytics cookie that records page-load times and JavaScript errors with no cross-site tracking. We do not use third-party advertising cookies, trackers, or pixels.

If you choose Google sign-in we receive your email address, display name, Google account identifier, and profile picture URL (if set). We do not request access to Gmail, Contacts, Calendar, Drive, or any other Google service data. The OAuth flow is processed by Google's OAuth service. You can revoke our access at any time from your Google account settings.

If you provide a phone number to us or to a site running on Instinctor, we use it only to deliver messages you opted in to receive. We do not sell, rent, share, or trade your phone number, contact information, or message content with third parties or affiliates for marketing or any other purpose. Consent is not transferred between brands or sites, opting in to one does not opt you in to another. Reply STOP to unsubscribe from any stream, HELP for help. Message frequency varies by service. Message and data rates may apply.

When you use Instagent or other AI features, your prompt is sent to a third-party language model provider (currently OpenAI) for processing. We do not use your private chat conversations to train external AI models. We do retain conversation transcripts for 90 days for support and abuse detection. We may use anonymized, aggregated metrics to improve the service. Do not enter passwords, payment details, or sensitive personal data into AI chat.

If you hire a designer through the marketplace, that designer has access to your site's content and admin while the engagement is active. They cannot see your billing details or your hosting credentials. When the engagement ends or you close the relationship, their access is revoked automatically. Designers are bound by these terms and have signed a data-processing agreement with us.

Instinctor is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe we have collected data from a minor, email helpdesk@instinctor.com and we will delete it.

If you are in the EU, UK, EEA, or Switzerland you have the right to: access the personal data we hold about you; correct inaccurate data; delete your data (right to be forgotten); restrict processing in some cases; export your data in a portable format; object to processing based on legitimate interest; lodge a complaint with your supervisory authority. To exercise any right, email helpdesk@instinctor.com, we respond within 30 days. You can also export everything you've uploaded directly from your dashboard at any time.

If you are a California resident you have the right to: know what personal information we collect, why, and who we share it with; access a copy of your personal information; delete your personal information; opt out of any sale or sharing of your personal information; not be discriminated against for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising, so there is nothing to opt out of in that sense, but the right exists. To exercise any right, email helpdesk@instinctor.com.

Primary storage: US-based servers. Backups: US-based, encrypted at rest. Stripe stores its own data in regions per its privacy policy. AI providers process prompts in their own infrastructure (currently US).

TLS everywhere. Passwords hashed with bcrypt. Hosting credentials, API keys, and other secrets encrypted at rest with AES-256. Payments handled by Stripe (PCI-DSS Level 1 compliant). Two-factor authentication available on all accounts. Regular dependency audits and access reviews.

If we learn that personal data has been improperly accessed, we notify affected users within 72 hours of confirming the breach, by email and in-app banner. We notify supervisory authorities (EU/UK GDPR) and California Attorney General (CCPA) within the legally required timeframes. We will tell you what was accessed, what we are doing about it, and what steps you should take.

We will email you at least 30 days before any material change to this policy. Minor wording fixes may be published without notice. The "Last updated" date at the top always reflects the most recent revision.

Privacy questions, data requests, anything: helpdesk@instinctor.com. We respond within one business day. EU representative: not yet appointed; for now, all EU/UK requests should also email helpdesk@instinctor.com.