Privacy Policy
Last updated: July 11, 2026
This policy explains what information BuildBy1st collects, why we collect it, and who processes it on our behalf. The short version: we collect only what we need to run a website builder, we never sell personal data, and we use no third-party ad trackers.
1. Information we collect
Account information. Your email address and password, used to sign you in. Passwords are managed by our authentication provider and are never visible to us in plain text.
Your websites. The website documents you create — pages, text, design settings, business details — and any images you upload.
Leads. Form submissions that visitors send through the contact forms on your published websites (typically a name, email, phone number, and message), stored so you can see them in your leads inbox.
Simple analytics. Anonymous page-view counts for your published websites. No visitor profiles, no cross-site tracking.
2. How we use your information
We use this information to operate BuildBy1st: signing you in, saving and hosting your websites, delivering form submissions to you, showing you page-view counts, processing subscription payments, and sending transactional emails such as form notifications and password resets. That is it — we do not use your data for advertising and we do not sell personal data to anyone.
3. Visitors to published websites
If you visit a website built with BuildBy1st and submit its contact form, your submission (name, email, phone, message) is stored so the site owner can read it in their leads inbox, and it is emailed to the site owner. Page views on published sites are counted anonymously — we do not build visitor profiles or track visitors across sites. The site owner is responsible for how they use the details you send them.
4. Service providers
We use a small number of trusted providers to run the service, each processing data only on our instructions:
- Stripe — subscription billing and payment processing. BuildBy1st never sees or stores your full card number.
- Supabase — data storage and account authentication.
- Netlify — hosting infrastructure for published websites.
- Resend — delivery of transactional emails (form notifications, password resets).
- Anthropic — AI text generation for the Premium plan's AI content and design assistant.
5. Cookies and local storage
We use cookies and browser localStorage only for three things: keeping you signed in, remembering your light/dark theme preference, and saving local drafts of your work. There are no advertising cookies and no third-party trackers.
6. Payment information
All payments are processed by Stripe. Your card details go directly to Stripe; BuildBy1st never sees or stores full card numbers. You can manage or cancel your subscription anytime through the self-serve billing portal.
7. Data retention and deletion
Your websites, drafts, and designs stay in your account for as long as you keep it, including after a subscription is cancelled — free of charge, so you can republish later. If you want your account or specific data deleted, contact us through the support page and we will take care of it.
8. Security
Published websites are served over SSL, passwords are handled by our authentication provider rather than stored by us directly, and access to production data is limited to what is needed to operate the service. No system is perfectly secure, but we take protecting your data seriously.
9. Your rights
You can view and edit your account email and password in Account settings, export or delete your content by contacting support, and cancel your subscription anytime. Depending on where you live, you may have additional legal rights over your personal data — contact us and we will honor them.
10. Changes to this policy
If we change this policy, we will post the new version here with an updated "Last updated" date. Questions? Reach us through the support page — we respond within 1 business day.