Our commitment to safeguarding your data with industry-leading security practices.
SiteSinc ("we," "us," "our") is committed to protecting your data in compliance with GDPR, UK GDPR, and other applicable data protection laws. This Data Protection Policy outlines our practices for securing your personal data and Content while using our document hosting, RFI, and forms platform.
All data is stored in secure data centers in Frankfurt, Germany, ensuring compliance with EU data protection standards. We implement industry-standard measures, including:
In the event of a data breach, we will:
You are responsible for:
We use third-party subprocessors to deliver the Service. All subprocessors are bound by GDPR/UK GDPR-compliant data processing agreements. Key subprocessors include:
International transfers to subprocessors outside the UK use Standard Contractual Clauses and, where required, the UK IDTA or UK Addendum. For the full subprocessor register or a copy of our DPA, email support@sitesinc.co.uk or dpo@sitesinc.co.uk, or visit /legal/subprocessors and /legal/dpa.
SiteSinc offers optional per-user Microsoft 365 integrations. Your organisation's administrator controls whether users may connect a personal Outlook mailbox. These features are separate from the shared Project Mailbox.
We retain your data for the duration of your account’s active term, subject to the 50GB limit for "unlimited" plans. Project Assistant conversations are retained until you delete them or your account is terminated. Personal Outlook mailbox data is retained while your connection is active; disconnecting and deleting synced data removes indexed mail and follow-up suggestions from SiteSinc. OneDrive / SharePoint OAuth tokens are removed on disconnect; imported files remain in SiteSinc as project content until you delete them. Upon account termination, data may be deleted after 30 days unless required by law to retain longer.
You have the right to access, correct, delete, or restrict the processing of your data. To exercise these rights, contact our Data Protection Officer at dpo@sitesinc.co.uk. We will respond within 30 days.