Privacy Notice Addendum
Last updated: May 26, 2026
This Privacy Notice Addendum supplements the SiteEngine Privacy Notice and applies where a specific service, jurisdiction, customer relationship, data-processing role, or consent-management implementation requires additional privacy terms.
This addendum applies to websites, services, support channels, client portals, hosting environments, managed WordPress services, professional services, consent-management tools, analytics tools, advertising tools, forms, customer websites, and related systems operated or supported by SiteEngine Web Services LLC, a Florida limited liability company, doing business as SiteEngine, North Georgia Web, and North Florida Web (“SiteEngine,” “we,” “us,” or “our”).
If this addendum conflicts with a jurisdiction-specific privacy notice, signed data processing agreement, or signed customer agreement, the more specific document controls to the extent required for that specific context.
1. Relationship to the Privacy Notice
This addendum does not replace the SiteEngine Privacy Notice. It provides additional information about SiteEngine’s data roles, customer website data, consent-management tools, advertising-related processing, privacy requests, and service-provider relationships.
Capitalized terms not defined in this addendum have the meanings given in the SiteEngine Privacy Notice, Terms of Service, or applicable Data Processing Addendum.
2. SiteEngine as Controller or Business
SiteEngine may act as an independent controller or business for personal information we process for our own business purposes.
This may include account information, billing information, support information, sales information, marketing information, website analytics, security records, legal records, abuse records, consent records, domain-related account records, service records, and administrative communications.
When SiteEngine acts as a controller or business, we determine the purposes and means of processing that information, subject to applicable law.
3. SiteEngine as Processor, Service Provider, Contractor, or Subprocessor
When SiteEngine processes personal information contained in a customer’s website, forms, databases, CRM integrations, analytics tools, email systems, support records, or hosted systems solely to provide services to that customer, SiteEngine generally acts as a processor, service provider, contractor, or subprocessor, depending on the applicable law and contract.
In that role, SiteEngine processes customer personal information to provide services, follow documented customer instructions, maintain and secure systems, troubleshoot issues, prevent abuse, comply with law, and perform the applicable agreement.
The customer is generally responsible for determining the purposes and means of processing, providing required notices, obtaining required consents, responding to privacy requests, setting retention requirements, and determining whether the services are appropriate for the customer’s data.
4. Customer Website Data
Customer website data may include form submissions, comments, user accounts, order records, membership records, contact records, CRM records, analytics data, cookies, logs, media, backups, database records, and other information collected through or stored on a customer website.
SiteEngine may access, process, store, transmit, back up, restore, migrate, scan, troubleshoot, export, or delete customer website data as needed to provide contracted services.
SiteEngine does not control the content of customer websites unless expressly agreed in writing. Customers remain responsible for the personal information they choose to collect, store, publish, process, or transmit through their websites.
5. Consent-Management Services
SiteEngine may implement, configure, maintain, or support consent-management tools on SiteEngine websites or customer websites.
Consent-management tools may display a cookie or consent banner, allow users to accept all cookies, reject non-essential cookies, manage preferences, or otherwise express privacy choices.
Consent-management tools may store preference information in first-party cookies, localStorage, server-side databases, form submissions, audit records, Google Consent Mode signals, analytics settings, advertising settings, or related systems.
Consent-management implementation is a technical service. Unless expressly agreed in writing, SiteEngine does not provide legal advice about whether a particular banner design, consent flow, disclosure, privacy notice, cookie notice, or opt-in language satisfies all laws applicable to a customer’s business or audience.
6. Consent Receipts and Audit Trails
Where SiteEngine’s consent-management system is deployed, consent interactions may create consent receipts or audit records.
Consent receipts may include receipt ID, consent method, policy version, banner version, consent state, Google Consent Mode state, page URL, referrer URL, timestamp, hashed IP address, hashed user agent, and related technical metadata.
Consent receipts are used to verify consent choices, support audit needs, support privacy requests, troubleshoot consent behavior, support advertising-compliance workflows, and determine whether downstream analytics or advertising processing should occur.
Consent receipts may be retained according to the applicable site configuration, SiteEngine policy, customer instructions, or legal requirements.
7. Consent Data in Form Submissions
Where configured, SiteEngine’s consent-management system may stamp consent state onto form submissions.
Consent data attached to form submissions may include receipt ID, advertising consent, analytics consent, personalization consent, method, timestamp, policy version, banner version, page URL, and Google Consent Mode values.
Where technically supported, SiteEngine may use server-side logic to verify or override client-supplied consent values with the more authoritative consent source to reduce tampering risk.
Customers using forms are responsible for ensuring that form disclosures, privacy notices, consent language, data retention, and downstream use of form submissions comply with laws applicable to their business.
8. Google Consent Mode and Advertising Processing
SiteEngine may configure Google Consent Mode, Google Tag Manager, Google Ads, Google Analytics, Customer Match, enhanced conversions, conversion tracking, or similar tools on SiteEngine websites or customer websites.
Consent signals may include ad storage, analytics storage, ad user data, ad personalization, personalization storage, functionality storage, and security storage.
Where consent is denied or limited, SiteEngine may configure tools to restrict or deny certain advertising or analytics processing to the extent supported by the applicable tools.
Where Customer Match, enhanced conversions, offline conversions, or similar advertising features are used, SiteEngine may use consent-gating logic so that email addresses, phone numbers, or other identifiers are hashed, uploaded, or used for advertising-related processing only when the applicable consent gate is satisfied.
9. Customer Match and Consent-Gated Uploads
Where SiteEngine assists with Google Ads Customer Match, customer list uploads, conversion uploads, or similar advertising workflows, customer information may be processed through consent-gated workflows.
Consent-gated workflows may evaluate whether advertising and analytics consent have been granted before hashing, uploading, matching, or otherwise using identifiers for advertising purposes.
Identifiers such as email addresses and phone numbers may be hashed before upload where required or supported by the advertising platform.
SiteEngine does not guarantee that a platform will accept, match, use, or report uploaded data, even where consent exists and data is hashed.
10. Privacy Requests for Customer Website Data
If SiteEngine receives a privacy request involving personal information controlled by a SiteEngine customer, SiteEngine may refer the request to the customer or process the request according to the customer’s documented instructions.
SiteEngine may require identity verification, account verification, authority verification, or additional information before assisting with a privacy request.
Customers are responsible for determining whether a request is valid, whether an exception applies, what response is legally required, and whether deletion, access, correction, restriction, opt-out, or portability is appropriate.
SiteEngine may charge reasonable fees for assistance that requires custom development, data export, database search, forensic review, backup restoration, log review, or substantial manual effort, unless prohibited by applicable law or covered by a signed agreement.
11. Privacy Requests for SiteEngine Account Data
If a privacy request relates to personal information SiteEngine controls for its own business purposes, such as account information, billing information, support communications, marketing records, consent records, security logs, or legal records, SiteEngine will evaluate and respond to the request as required by applicable law.
To submit a privacy request, contact privacy@siteengine.io.
SiteEngine may verify your identity and authority before acting on a request.
12. Cookies, LocalStorage, and Similar Technologies
SiteEngine may use cookies, localStorage, pixels, tags, scripts, server logs, analytics tools, advertising tools, security tools, consent tools, and similar technologies.
These technologies may be used for website operation, login, security, fraud prevention, consent management, preference storage, analytics, advertising, conversion tracking, form functionality, troubleshooting, and service improvement.
Where SiteEngine’s consent-management system is deployed, consent choices may be stored in first-party cookies and localStorage and may be refreshed when the applicable policy version, banner version, or consent configuration changes.
13. Retention of Consent and Audit Data
Consent and audit data may be retained for as long as reasonably necessary to support service delivery, compliance, consent verification, privacy requests, advertising workflows, security, troubleshooting, dispute resolution, and legal obligations.
Retention periods may vary by site, customer, configuration, service, jurisdiction, or legal requirement.
Where SiteEngine’s consent-management system is deployed on a customer site, the customer may be responsible for determining the appropriate retention period unless SiteEngine controls that site or otherwise agrees in writing.
14. Subprocessors and Service Providers
SiteEngine may use subprocessors and service providers to provide hosting, backups, DNS, CDN, email delivery, SMS delivery, client portals, payment processing, support, analytics, advertising, security, monitoring, domain services, consent management, development, and professional services.
Subprocessors and service providers may process personal information as needed to provide services to SiteEngine or to SiteEngine customers.
SiteEngine will require subprocessors and service providers to protect personal information under terms appropriate to the services they provide where required by applicable law or contract.
15. International Processing
SiteEngine is based in the United States.
Personal information may be processed in the United States or other countries where SiteEngine, SiteEngine vendors, or customer-selected vendors operate.
If international transfer mechanisms are required by applicable law, the parties will use appropriate transfer mechanisms where required and commercially feasible.
16. Regulated and Sensitive Data
Unless expressly agreed in a signed written agreement, SiteEngine services are not designed for HIPAA-regulated protected health information, full payment card data storage, government classified information, or other highly regulated data.
Customers are responsible for determining whether SiteEngine services are appropriate for the type of personal information they collect, process, transmit, or store.
If a customer intends to process regulated or sensitive data through SiteEngine services, the customer must notify SiteEngine before doing so and obtain any required written agreement or compliance arrangement.
17. Security Measures
SiteEngine uses commercially reasonable administrative, technical, and physical safeguards designed to protect personal information.
Security measures may include access controls, logging, backups, monitoring, encryption where appropriate, password controls, vulnerability response, malware review, rate limiting, and security-focused configuration depending on the service.
No system can be guaranteed secure. Customers remain responsible for securing their own users, passwords, devices, third-party accounts, website content, plugins, themes, and integrations.
18. Customer Instructions
Where SiteEngine acts as a processor, service provider, contractor, or subprocessor, SiteEngine will process personal information according to the customer’s documented instructions unless required otherwise by law, security needs, abuse prevention, or the applicable agreement.
Customer instructions may include support tickets, statements of work, project approvals, configuration requests, written agreements, data-processing agreements, or other documented directions accepted by SiteEngine.
SiteEngine may decline instructions that are unlawful, unsafe, unsupported, technically impractical, inconsistent with SiteEngine policies, or likely to harm SiteEngine, the customer, another customer, or a third party.
19. Deletion, Return, and Export
Upon termination of services, SiteEngine may delete or return customer personal information as required by the applicable agreement and applicable law.
Deletion or return may be subject to backup retention, legal retention, security retention, billing records, dispute records, fraud-prevention records, technical feasibility, and ongoing legitimate business needs.
Data exports, custom reports, database searches, backup restoration, log retrieval, consent-receipt exports, or historical reconstruction may be billable unless prohibited by applicable law or covered by a signed agreement.
20. No Legal Advice
SiteEngine may provide technical implementation services related to privacy notices, cookie notices, consent banners, analytics settings, advertising tools, opt-in language, and data workflows.
SiteEngine does not provide legal advice unless expressly stated in a signed agreement with qualified legal counsel, which SiteEngine does not ordinarily provide.
Customers are responsible for obtaining legal advice regarding privacy laws, cookie laws, consent requirements, advertising rules, SMS rules, email marketing rules, accessibility requirements, and regulated-industry obligations.
21. Changes to This Addendum
SiteEngine may update this Privacy Notice Addendum from time to time. Updated versions will be posted on our website with a revised “Last updated” date.
Your continued use of SiteEngine websites or services after an updated Privacy Notice Addendum is posted means you accept the updated addendum to the extent permitted by law.
22. Contact
SiteEngine Web Services LLC
931 Claeven Circle
Ft. Walton Bch., FL 32541
Okaloosa County
United States
Phone: (850) 368-9833
Support: support@siteengine.io
Privacy: privacy@siteengine.io
Abuse/Security: abuse@siteengine.io
Legal: legal@siteengine.io
