Data Policy

When you submit a URL, the Service reads that page the way a regular visitor would and uses the publicly visible content — text, headings, structure, basic styling, image references — to inform the redesign.

We respect robots.txt. If your site disallows our user-agent at the path you submitted, we stop and return a clean error.

We don’t fetch private resources behind authentication, paywalls, or signed URLs, and we don’t bypass bot-protection systems. If your site is gated, we surface a clear error rather than working around it.

Captured content is held in our secure infrastructure (in the United States) tied to your run. Relevant text and metadata are sent to a third-party AI / LLM provider via that provider’s API to produce structured output that drives the redesign.

• Our AI / LLM provider does not train on customer content. Our agreement with the provider expressly prohibits the use of prompts, completions, or any data submitted through their API to train, fine-tune, or otherwise improve their models. We don’t opt in to any training-eligibility program.
• Content is processed in transit over TLS and retained transiently by the provider for a short abuse-monitoring window per their standard data-processing terms, after which it is purged from their systems.
• Captured assets are stored in our infrastructure and shown only inside the administrative and preview surfaces of WebsiteMaxxing; they aren’t shared externally.
• Provider identity is available on request to team@websitemaxxing.com.

• Source content we read from your URL: up to 90 days, then purged. We don’t need raw source content longer than that.
• Structured output that drives your redesign: retained for the lifetime of the generated site. You can delete a generated site any time and the purge is immediate — no soft-delete, no recovery window.
• Rendered preview pages: live until the generated site is deleted (free) or refunded (paid). After deletion the URL stops responding and the underlying render is purged on the same request.
• Code exports: generated on purchase, kept available for 7 days via short-lived links, then deleted. Re-issue from /account while the window is open.

You retain full ownership of the source content. By submitting a URL you grant WebsiteMaxxing, which is operated by First Commit LLC, a limited, non-exclusive license to read, process, and redesign it solely for the purpose of operating the Service for you. We don’t resell your content. We don’t use your content to train anything. We don’t build a derivative dataset out of your site.

You’re responsible for having the right to submit the URL you submit. Don’t point us at sites you don’t own — see Terms § Acceptable Use.

Free previews are visibly watermarked so they can’t be passed off as the unwatermarked paid version.

Paid renders and code exports are unwatermarked. The exported source contains a single comment with your purchase ID for our internal audit trail. Removing that comment is permitted; it’s for our records, not yours.

If you believe a redesigned page on our infrastructure infringes your copyright (for example, someone submitted your site without authorization), email team@websitemaxxing.com with the subject line DMCA. See Terms § DMCA for the required notice format.

Once we receive a valid notice we take the rendered page offline within 24 hours and notify the user who submitted it. They have an opportunity to file a counter-notice; if they don’t, the page stays offline and the source content is purged immediately rather than waiting for the 90-day window.

When you confirm a deletion we hard-delete: your data is removed from our active systems on the same request. No 30-day soft-delete window, no undo, no holding pen.

To delete a single site you generated:

• Sign in
• Go to /account
• Click Delete on any generated site, confirm
• The preview URL stops responding and the render, structured output, captured assets, and source content are purged from the database and blob storage on the same request

To delete your entire account and all associated data:

• Email team@websitemaxxing.com from the address on file with the subject “Delete my account”
• We reply to confirm it's really you; once you confirm, we hard-delete every record tied to your account on the same business day

The one exception — bare-minimum audit retention. US tax and audit law requires us to keep evidence of transactions even after a customer deletes their account. The only data that survives a deletion request is the minimum needed for that purpose: Stripe transaction IDs, charge amounts, and dates. No card numbers (we never had them), no profile, no usage history, no generated content. This residue is anonymized to a billing reference + amount and kept for the period required by applicable US tax and audit law.

Backups. Hard-delete happens immediately in our active systems. Encrypted off-site backups rotate on a 7-day cycle, so a copy of the deleted data may exist in a sealed backup for up to that long; the backups are write-once and aren’t accessible to any human process — they’re restored only in a disaster-recovery scenario, and any restore re-applies your deletion before the system is brought back online.

Anything not covered here: team@websitemaxxing.com.