Privacy Policy
Last updated: 04 July 2026
Note: This privacy policy is a draft and must be reviewed by a legal professional before going live, especially before enabling payments, AI processing, analytics, or database storage.
1. Who operates this website
SiteBriefly is operated by Mihail Carbune Digital Solutions, Owner: Mihail Carbune, St.-Georgen Str. 45, 75175 Pforzheim, Germany. Contact details are listed in the Legal Notice (Impressum).
2. What data may be collected
SiteBriefly is designed to collect as little data as possible. Depending on how you use the service, the following data may be processed:
- Data you enter into the client brief form (stored locally in demo mode; stored in the database when using a real brief link)
- Freelancer details when creating a brief (name, email, project name, client name) — stored in the database
- Basic server logs (IP address, browser type, pages visited) — standard hosting logs
- Payment information — handled by a third-party payment provider (future)
- Email address — if you contact us directly
3. Demo mode, localStorage, and database storage
In demo mode (/en/brief/demo), form data is stored exclusively in your browser's localStorage and is not transmitted to any server.
- When you use a real brief link (/en/b/[token]), your answers are securely stored in a database (Supabase). This data is used only to create and display the website brief.
- No AI processing takes place. No payment processing takes place. No analytics are collected.
- Please do not enter sensitive personal data, passwords, payment details, or confidential access credentials into the form.
4. Third-party service providers
Hosting provider: IONOS. The hosting provider may process standard server log data. Please refer to their privacy policy for details.
- Payment provider (future): Stripe. When payments are enabled, payment data will be processed by the payment provider. SiteBriefly will not store payment card details.
- AI provider (future): OpenAI. If AI-assisted brief generation is enabled, form data may be sent to an AI provider for processing. This will be disclosed clearly before use.
- Analytics: No analytics service is used in the current MVP. No tracking data is collected.
5. Purpose of processing
Data is processed for the following purposes:
- To provide the website brief generation service
- To process payments (when enabled)
- To respond to support or business inquiries
- To maintain and improve the service
- The legal basis for processing is Article 6(1)(b) GDPR (performance of a contract) and Article 6(1)(f) GDPR (legitimate interests).
6. Data retention
Demo form data is stored exclusively in the browser and not transmitted to servers. Brief data submitted via real brief links is stored in the database for up to 30 days (the validity period of the brief link). Server logs are retained according to the hosting provider's standard policies. Payment records are retained as required by applicable law.
7. Your rights under GDPR
As a person in the EU/EEA, you have the following rights regarding your personal data:
- Right of access — You can request a copy of the data we hold about you.
- Right to rectification — You can request correction of inaccurate data.
- Right to erasure — You can request deletion of your personal data.
- Right to restriction — You can request that we limit how we use your data.
- Right to data portability — You can request your data in a portable format.
- Right to object — You can object to processing based on legitimate interests.
- Right to lodge a complaint — You can complain to your national data protection authority.
8. Contact for data requests
To exercise any of your rights or to request deletion of your data, please contact us at: legal@sitebriefly.com. We will respond within 30 days as required by GDPR.
9. Safety note
Please do not enter sensitive personal data, passwords, payment details, or confidential access credentials into the client form.