SiteYak Get started

Security & Trust

Built with security from the ground up

SiteYak handles real visitor conversations and indexes your website content. Here's exactly how we protect your data and your visitors' privacy.

Five layers of protection

01

Data transmission encryption

All data in transit between your visitors, the SiteYak widget, and our API is encrypted using TLS 1.2 or higher. We do not accept unencrypted connections.

02

Data storage and isolation

Your site's indexed content, conversation logs, and configuration are logically isolated per site. No data is shared across customer accounts.

03

AI model security

SiteYak uses Anthropic's Claude API. Conversation data sent to Anthropic is subject to Anthropic's data handling policy. We do not use your conversations to train models.

04

Access controls

Your dashboard is protected by a Site ID credential. Production database access is restricted to authorised team members only via VPN and key-based authentication.

05

Third-party dependencies

SiteYak uses a small set of vetted third-party services: Anthropic (AI), Stripe (billing), Resend (email), and Cloudflare (CDN). Each is SOC 2 certified or equivalent.

Your data

What we store

  • The text content of pages you index
  • Visitor chat messages and AI responses
  • Conversation counts for billing purposes
  • Your site's branding and configuration

What we don't store

  • Visitor IP addresses or device identifiers
  • Payment card details (handled by Stripe)
  • Passwords or authentication credentials
  • Data from pages you haven't chosen to index

Data retention

  • Conversation logs: retained for 90 days
  • Indexed content: retained until you delete the document
  • Site configuration: retained until you delete your account
  • Billing records: retained as required by law

Anthropic & AI safety

SiteYak is powered by Claude, Anthropic's AI assistant. Anthropic is an AI safety company whose mission is the responsible development of AI for the long-term benefit of humanity.

Conversations sent to Claude through SiteYak are governed by Anthropic's usage policies. Anthropic does not use API conversations to train its models by default. You can review Anthropic's privacy and safety practices at anthropic.com/safety .

Your responsibilities

As a SiteYak customer, you agree to use the service responsibly. Key obligations:

  • Keep your Site ID confidential. Anyone with your Site ID can access your dashboard.

  • Do not index pages containing sensitive personal data (passwords, payment card numbers, private health information).

  • Ensure your own website's Terms of Service permit automated crawling and AI-powered responses.

  • Configure your monthly conversation cap to limit unexpected usage.

  • Report any suspected misuse or security concerns promptly.

Full details are in our Terms of Service.

Reporting a security concern

If you discover a potential security vulnerability or have concerns about how SiteYak handles data, please contact us immediately. We take all reports seriously and will respond within 48 hours.

security@siteyak.ai

Please include as much detail as possible: the affected URL or feature, steps to reproduce, and the potential impact. We ask that you give us reasonable time to investigate before public disclosure.

Questions about security? Email security@siteyak.ai