Privacy Policy
Your privacy matters to us. Here's how we handle your data.
Introduction
MRN24 LLC, doing business as Siteavail ("Siteavail," "we," "our," or "us"), a Florida limited liability company, respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.
By using Siteavail's services, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use our services.
Information We Collect
Information You Provide
We collect information that you voluntarily provide to us, including:
- Account Information: Name, email address, and password when you create an account.
- Billing Information: Payment method details and billing address, processed securely through our third-party payment processor (Stripe). We do not store your full credit card number.
- Website Information: Domain names and URLs of websites you add to Siteavail for backup and failover services.
- Communications: Any messages, support requests, or feedback you send to us.
Information Collected Automatically
When you visit our website or use our services, we may automatically collect:
- Usage Data: Pages visited, features used, actions taken within the dashboard, and timestamps.
- Device Information: Browser type, operating system, device type, and screen resolution.
- Log Data: IP address, access times, referring URLs, and other standard web server log information.
- Cookies: Small data files stored on your device to maintain your session and remember your preferences. See the "Cookies" section below for more details.
Website Archive Data
As part of our core service, we crawl and create archives of the websites you register with Siteavail. These archives consist of the publicly accessible front-end content of your website (HTML, CSS, JavaScript, images, and other static assets). We store this data solely to provide the backup and failover services you have subscribed to. We do not use the contents of your archives to train artificial intelligence or machine learning models, and we do not analyze archive contents for any purpose other than operating the Service.
Important: Website archives may incidentally contain data submitted by your website's visitors (e.g., publicly visible comments, forum posts, or other user-generated content). We recommend that you configure your crawl settings to avoid capturing sensitive form data or personally identifiable information of third parties. You are responsible for ensuring that your use of Siteavail's archiving service complies with your own privacy policy and applicable laws.
Failover serving. When you activate failover, we serve the static archive of your site as captured. Visitors to your site during failover are interacting with content under your control; we do not collect personal data from your visitors beyond standard server access logs (IP address, request path, user agent, timestamp) used to operate, secure, and bill the Service. With respect to data of your visitors that is contained in or submitted to your archived site, Siteavail acts as a processor on your behalf, and you are the controller.
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our backup and failover services.
- Process your transactions and manage your account.
- Send you service-related communications (account confirmations, billing notices, technical alerts).
- Respond to your support requests and inquiries.
- Monitor and analyze usage patterns to improve our platform.
- Detect, prevent, and address technical issues or fraudulent activity.
- Comply with legal obligations.
Information Sharing & Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Sub-processors: We work with trusted third-party companies (sub-processors) that help us operate our business. These providers have access only to the information needed to perform their services and are contractually obligated to protect it. Our current sub-processors include:
- Stripe (United States) — payment processing and billing
- Hetzner — cloud compute, archive storage, and failover infrastructure
- Resend (United States) — transactional email delivery
- Cloudflare (global edge) — homepage hosting via Cloudflare Pages and, where customers opt in, DDoS mitigation during failover events
- Google (United States) — inbound email routing and processing via Google Workspace
- Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request. Where permitted, we will notify you before doing so.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
- With Your Consent: We may share information for any other purpose with your explicit consent.
Data Retention & Account Deletion
We retain your personal information for as long as your account is active or as needed to provide you with our services. We retain website archive data according to the retention schedule you configure in your dashboard settings.
You may delete your account at any time from the dashboard, or by emailing [email protected]. When you delete your account, we will delete your personal data and archives within 30 days, except where we are required to retain certain information for legal, tax, accounting, or compliance purposes (for example, billing records that we are required to keep for tax reporting).
Data Security
We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL) and at rest, secure authentication, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
Security Incident Notification
If we become aware of a security incident that materially affects your personal data or your website archives, we will notify you without undue delay. Notification will describe, to the extent then known, the nature of the incident, the data affected, the steps we are taking to address the incident, and the steps you should consider taking to protect yourself.
Cookies
We use cookies and similar technologies to maintain your session and remember your preferences. You can control cookie settings through your browser preferences. Disabling cookies may affect certain features of our service.
We use only essential cookies that are required for the service to function:
- Session Cookies: Used to maintain your authenticated session while using the dashboard. These are deleted when you close your browser or when your session expires.
- Device Trust Cookies: Used to remember trusted devices for login verification. These expire after 30 days of inactivity.
We do not use analytics cookies, advertising cookies, or third-party tracking cookies. Because we only use essential cookies that are strictly necessary for the service to function, cookie consent is not required under most privacy regulations (including the EU ePrivacy Directive).
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information.
- Deletion: Request deletion of your personal information, subject to certain exceptions.
- Data Portability: Request a machine-readable copy of your data.
- Opt-Out: Unsubscribe from non-essential email communications at any time.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
Data Locations & International Transfers
Siteavail relies on reputable third-party cloud infrastructure providers for compute, archive storage, and failover serving. Your account data, website archives, and operational data are stored and processed on this infrastructure, which may be located in multiple countries. We may change or add infrastructure providers and locations as our service evolves.
Because our providers and users may be located in different countries, your information may be transferred to and processed in countries other than the one in which you reside. By using the Service, you consent to such transfers. For transfers of personal data out of the European Economic Area, the United Kingdom, or Switzerland, we rely on Standard Contractual Clauses or another lawful transfer mechanism where required.
GDPR & Lawful Basis
Siteavail does not specifically target customers in the European Union. However, we recognize that website archives created through our Service may incidentally contain data from EU visitors to our customers' websites, and that we may have EU-based customers. Where the General Data Protection Regulation (GDPR) applies, we process personal data on the following lawful bases:
- Performance of a contract — to provide the Service to you (account, billing, archives, failover).
- Legitimate interests — to secure the Service, prevent fraud and abuse, and improve the Service, balanced against your rights.
- Legal obligation — to comply with tax, accounting, and other legal requirements.
- Consent — where we ask for it (for example, optional communications). You may withdraw consent at any time.
With respect to personal data of your website visitors that is contained in archives we hold on your behalf, you are the controller and Siteavail is the processor. Business customers requiring a Data Processing Addendum (DPA), including the Standard Contractual Clauses for international transfers, may request one by emailing [email protected].
If you are located in the EU/EEA, the United Kingdom, or Switzerland, you also have the right to lodge a complaint with your local data protection supervisory authority. We would, however, appreciate the chance to address your concerns first — please contact us at [email protected].
Children's Privacy
Siteavail is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). Additionally, you must be at least 18 years old to create an account and use the Service. If we learn that we have collected information from a child under 13, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at [email protected].
California Privacy Rights
If you are a California resident, you have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA").
Categories of personal information we collect. In the past 12 months, we have collected the following categories of personal information about California consumers, drawn from the categories in Cal. Civ. Code § 1798.140:
- Identifiers — name, email address, account ID, IP address.
- Commercial information — subscription plan, billing history, transaction records.
- Internet or other electronic network activity — dashboard usage data, log data, device and browser information.
- Geolocation data — coarse location inferred from IP address (country/region only).
- Other information you provide — support requests, feedback, and any other communications you send us.
Sources. We collect this information directly from you when you create an account and use the Service, and automatically from your device and browser when you interact with the Service. We do not purchase personal information from data brokers.
Business purposes. We use this information to provide and operate the Service, process payments, communicate with you, secure the Service, and comply with legal obligations, as described above in "How We Use Your Information."
Disclosures. We disclose personal information only to the sub-processors listed under "Information Sharing & Disclosure" and only for the business purposes described in this Policy.
Sale or sharing. We do not sell personal information, and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined under the CCPA. We have not done so in the past 12 months.
Sensitive personal information. We do not use or disclose sensitive personal information for any purpose other than what is necessary to provide the Service.
Your rights. California residents have the right to (i) know what personal information we collect, use, and disclose; (ii) request a copy of their personal information in a portable format; (iii) request correction of inaccurate personal information; (iv) request deletion of personal information; and (v) not be discriminated against for exercising any of these rights. To exercise any of these rights, contact us at [email protected]. We will verify your request using information already associated with your account. You may also designate an authorized agent to make a request on your behalf.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, by sending you an email notification. We encourage you to review this page periodically.
Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
- Email: [email protected]
- Web: Contact Page