Last updated: 7 May 2025
SiteSorted (“we”, “us”, or “our”) is a software-as-a-service company based in Ireland that provides AI-powered Facebook ad generation and scheduling for small businesses. We are subject to the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018.
As data controller, we are responsible for deciding how and why your personal data is processed. You can contact us at: privacy@sitesorted.ie
We collect the following categories of personal data:
We process your personal data for the following purposes and legal bases:
| Purpose | Legal basis |
|---|---|
| Providing the SiteSorted service | Contract performance |
| Processing subscription payments via Stripe | Contract performance |
| Generating AI ad content using your business data | Contract performance |
| Sending monthly performance reports by email | Contract performance |
| Preventing fraud and ensuring platform security | Legitimate interests |
| Complying with legal obligations (e.g. tax records) | Legal obligation |
| Improving our service through aggregated analytics | Legitimate interests |
We use Anthropic's Claude API to generate advertisement copy and Unsplash to source accompanying images. Your business information is sent to Anthropic's API for this purpose. Anthropic processes this data under their own privacy policy and data processing agreement. We do not use your data to train AI models.
Generated ad content is stored in our database (Supabase, hosted on AWS infrastructure in the EU) and associated with your account for the duration of your subscription.
We share your data with the following trusted third-party processors under appropriate data processing agreements:
We do not sell your personal data to third parties. We do not share your data with advertisers or data brokers.
Some of our third-party processors are based in the United States. Where we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on an adequacy decision.
We retain your personal data for the following periods:
After the applicable retention period, your data is securely deleted or anonymised.
Under the GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at privacy@sitesorted.ie. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with the Data Protection Commission (Ireland).
We use essential cookies required for authentication (managed by Clerk) and session management. We do not use advertising or tracking cookies. We do not use Google Analytics or similar third-party tracking services.
We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS), encryption at rest for database storage, access controls limiting data access to authorised personnel, and regular security reviews.
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours and affected individuals without undue delay.
SiteSorted is intended for use by businesses and individuals aged 18 and over. We do not knowingly collect data from children under 18. If you believe a child has provided us with personal data, contact us and we will delete it promptly.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by displaying a notice in the dashboard. The date at the top of this page reflects when the policy was last updated.
If you have any questions about this Privacy Policy or how we handle your data, please contact us at: privacy@sitesorted.ie