Last updated: November 2, 2025
This Privacy Policy explains how SiteSpeedFix (“we,” “us,” “our”) handles personal information when you visit sitespeedfix.com (the “Site”) and when you use our performance consulting and optimization services (the “Services”).
Who we are and scope:
SiteSpeedFix is the controller for personal information collected through the Site and our own marketing and operations. For client data we access to deliver Services, we act only as a processor/service provider on the client’s instructions. This Policy covers the Site and our Services. If a signed Data Processing Addendum (DPA) applies, it controls for the processing it covers.
Information we collect:
Information you provide (for example contact details, account or portal details, project materials you share, and billing details handled by our payment processors; we do not store full card numbers). Information collected automatically (for example IP address, device and usage data, cookies, logs). Information from third parties (for example payment processors, analytics or performance tools, partners and referrals, and public business sources). We do not intentionally collect sensitive personal information via the Site.
How we use information:
Provide Services and support; operate and secure the Site; communicate with you; process payments and maintain accounting records; improve the Site and Services; comply with law and enforce our agreements. Where the GDPR/UK GDPR applies, our legal bases are contract, legitimate interests, consent for optional cookies/marketing, and legal obligation.
Cookies and tracking:
We use essential, analytics/performance, and functional cookies. If advertising or retargeting is enabled, it is optional and will be subject to consent where required. You can manage cookies in your browser, through any cookie settings link we provide, and via Global Privacy Control (GPC). We do not sell personal information. We do not share personal information for cross‑context behavioral advertising unless you opt in.
How we disclose information:
We disclose personal information to vendors and sub‑processors under contract (hosting/CDN, infrastructure, analytics, diagnostics, project tools, payment processing, communications), payment processors, professional advisors, potential acquirers in connection with business transfers, and to comply with law or protect rights and safety. Vendors are not permitted to use personal information for their own independent marketing.
International transfers:
We are based in the United States. If you access the Site from the EEA/UK or other regions, your information may be transferred to the United States and other countries with different data protection laws. Where required, we use safeguards such as Standard Contractual Clauses and supplementary measures.
Security:
We use administrative, technical, and physical safeguards designed to protect personal information, including access controls, multi‑factor authentication, encryption in transit (and at rest where supported), logging and monitoring, and vendor reviews. No method is 100% secure. If a breach affects your personal information, we will notify you as required by law.
Retention:
We keep personal information only as long as needed for the purposes above and to meet legal obligations. Typical periods include marketing leads and inquiries for about 24 months after the last interaction, client and project files for the project term plus a reasonable archival period (for example 3 to 5 years), and invoices and accounting records for up to 7 years. We may retain anonymized or aggregated data.
Your rights:
Depending on your location, you may request access, deletion, correction, portability, restriction or objection, and you may withdraw consent where applicable. In the United States, you may also opt out of sale and sharing for cross‑context behavioral advertising (if applicable) and you have a right to non‑discrimination. In the EEA/UK you may also lodge a complaint with a supervisory authority. To exercise rights, email [email protected] with your request and your region. We will verify your identity (and any agent’s authority) and respond within required timelines. To appeal a decision where available, reply “Appeal.”
Children:
The Site and Services are not intended for children under 13 (or under 16 where applicable). We do not knowingly collect children’s data. Contact us if you believe a child has provided personal information and we will delete it where required.
Third‑party links:
The Site may link to third‑party sites or services. Their privacy practices are governed by their own policies.
Role clarification:
Controller for Site and our own operations. Processor/service provider for client data handled during engagements. A DPA with SCCs is available on request.
Sub‑processors and key service providers (illustrative):
Hosting/CDN and infrastructure; analytics and diagnostics; collaboration and project management; payments and accounting (for example Stripe); communications. We maintain a current list on request.
Your choices:
Email preferences can be managed using unsubscribe links or by contacting us. Cookies can be managed via any cookie settings link, your browser, or GPC. Clients may revoke our access to their systems at any time; we will follow off‑boarding instructions.
Changes:
We may update this Policy. The “Last updated” date will change. Material updates will be posted on the Site or otherwise communicated where required. Continued use of the Site or Services after an update means you accept the updated Policy.
Contact:
SiteSpeedFix — Privacy Team
Email: [email protected]
California notice at collection (CPRA):
Categories collected may include identifiers (name, email, IP), internet/technical information (usage, device), commercial information (transactions), professional information (role, company), and limited inferences. We do not intentionally collect sensitive personal information via the Site. Purposes: see “How we use information.” Retention: see “Retention.” Sale/sharing: we do not sell personal information and do not share it for cross‑context behavioral advertising unless you opt in. Rights and non‑discrimination: see “Your rights.” To exercise CPRA choices, use a “Do Not Sell or Share My Personal Information” link if present or email [email protected].
Conflict of terms:
If this Policy conflicts with a signed agreement between you and SiteSpeedFix, that agreement controls for the Services it covers.