Site Rep Privacy and Data Handling

Site Rep is in self-serve setup beta. These notes describe the current product behavior and should not be read as a compliance certification.

What Site Rep collects

• Website URLs and approved source text used to train a customer bot.
• Visitor questions, cited answers, feedback, and unknown-question repair items.
• Lead details that a visitor chooses to submit, such as name, email, and buying need.
• Basic install, usage, quota, and source-health events needed to run the service.

How Site Rep uses this data

• To answer only from approved sources or refuse when proof is missing.
• To show the site owner leads, conversations, source gaps, install health, and exports.
• To improve that customer's bot and repair missing source coverage.

Owner controls

• Owners can export bot backup data, leads, conversations, and proof reports from the dashboard.
• Source edits create rollback snapshots where the source set is small enough to restore safely.
• Deletion review requests can be opened from the owner workspace and are tracked in the owner queue. Export requests can use the dashboard exports or hello@siterep.net.

Visitor-facing behavior

Site Rep should make the data boundary visible in the answer flow. If a visitor asks a question that the approved

sources do not prove, the assistant should refuse instead of inventing a policy, price, timeline, or support answer.

If the visitor asks for human follow-up, the lead form collects only the details needed for the owner to reply.

Operational data

The service keeps setup state, install checks, source health, answer feedback, and owner queue items so a site owner

can see what worked and what needs repair. Those records are product operations data, not public search content.

Current limits

Site Rep does not claim SOC 2, GDPR, HIPAA, zero retention, or no-training-on-data status. Those claims require verified policy, provider settings, product behavior, and legal review before they appear in sales copy.