Privacy Notice

This notice applies when you sign up for LayoutPages, administer a tenant, submit a support or compliance request, receive transactional email from us, or visit platform-controlled pages such as layoutpages.com.

Hosted customer sites may have their own visitor-facing privacy notices. In those cases, the site operator is generally the primary controller for visitor content, forms, and marketing activity, while LayoutPages acts as a hosting and service provider for parts of that processing. See the Data Processing Addendum for the processor terms.

We may collect account details such as name, email address, password hash, tenant slug, custom domain settings, plan, billing status, and basic account preferences.

We also process content and operational data you place into the service, including published pages, portfolio items, blog posts, custom content, uploaded files, client pages, forms, submissions, user-management settings, API keys, webhooks, and backups or revision metadata.

For billing, Stripe provides customer and subscription metadata such as customer IDs, subscription IDs, invoice state, plan, billing interval, and renewal or cancellation state. We do not intentionally store full payment card numbers on our own servers.

Tenants who enable creator monetization onboard a Stripe Connect Express account. Stripe collects identity, business, and tax information directly from that account; LayoutPages receives only the Connect account identifier, charges/payouts enablement flags, sale amounts, and the platform fee amount per transaction. KYC and tax documentation remain with Stripe.

If you submit a marketing lead — for example through the "Talk to sales" form on /contact-sales or one of the /marketplace waitlist forms — we store your name, email address, the form source, any notes you provide, and basic request metadata so we can follow up. You can request deletion at any time via /privacy-requests.

We collect first-party analytics on platform-controlled pages (the LayoutPages marketing site, pricing, signup, contact-sales, and marketplace) to understand how visitors arrive and convert. This includes pageview records, navigation events, CTA clicks, signup-form interactions, and aggregated web-vital measurements, recorded under a platform-level tenant identifier so they can be queried separately from tenant site analytics.

Analytics for visitor sites hosted on LayoutPages is the responsibility of the site operator under the Data Processing Addendum. We do not use platform-side analytics to track individuals across the public internet, and we do not sell personal information.

We use cookies and local storage for session management, CSRF protection, client-page access, consent preferences, and similar core product functions. See the Cookie Notice for more detail.

We also collect service logs and security telemetry such as IP address, request path, timestamps, host, user agent, request identifiers, and error data as needed to operate, secure, and troubleshoot the service.

We use information to provide and improve the service, authenticate users, host sites, process subscriptions, operate forms and client pages, deliver emails, prevent abuse, respond to support issues, and maintain backups and audit trails.

We share information with subprocessors and infrastructure providers that help us operate the service, including hosting, edge and storage providers, payment processors, and email-delivery vendors. The current list is in our Subprocessors page.

We may also disclose information where required by law, in connection with a lawful request, business transfer, fraud investigation, security incident, or other legitimate protection need.

We and our vendors may process data in the United States and other jurisdictions. Where required, appropriate transfer mechanisms should be addressed by contract, including the DPA and any supplemental measures needed for a particular customer deployment.

We retain information for as long as reasonably necessary to provide the service, maintain security, satisfy legal obligations, resolve disputes, and enforce agreements.

We use reasonable administrative, technical, and organizational measures to protect information, but no system is perfectly secure. You should use strong credentials and control access to your admin accounts, webhooks, and API keys.

Depending on where you live, you may have rights to request access to, correction of, deletion of, restriction of, objection to, or export of certain personal information. LayoutPages account holders can use the in-product Privacy Center, and anyone can use our Privacy Requests page.

We aim to respond within one month where required by law. To contact us directly, email [email protected].

LayoutPages is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

We may update this notice from time to time. Questions can be sent to [email protected].