1.    Core Principles

When it comes to your personal information we believe in transparency, not surprises. So before we get into the details, we want to share with you a few of our core privacy principles. First, we don’t sell your personal information to anyone. It’s just not the type of business we’re in. Second, we don’t ask for your personal information unless we need it to provide or improve the Services for you. Third, we don’t share your personal information unless you’ve specifically allowed it, or for the very limited purposes described below. Finally, we appreciate that when you use our Services, you trust us with your information, and we take that responsibility very seriously. This Privacy Policy holds us accountable for protecting your rights and your privacy.

2.    Collection

When you use the Services, we collect the following information, and use it only as described below:

2.4. Communications With Us. When you send us emails or other communications, such as customer support inquiries, we maintain those communications and their contents so that we can resolve your inquiries or otherwise assist you.

2.7. Usage Information. This includes information about your activity on and interaction with the Services, such as your IP address, your device or browser type, the webpage you visited before coming to our sites and identifiers associated with your devices. This information enables us to analyze how the Services are being accessed and used, and to track performance of the Services.

3.    Sharing

When you use the Services, we may share your information only as described below:

3.1. Third Parties You Authorize. You can give third parties access to your and your End Users’ information on the Services. For example, you may wish to integrate Your Sites with a third party newsletter service that requires access to the email addresses you collect from your End Users, in order for that newsletter service to send emails on your behalf and at your direction. Just remember that such third party’s use of this information will be governed by the terms and privacy policies of the third party.

3.2. Following The Law. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to comply with the law, protect our rights or prevent fraud or abuse of Squarespace or our users. When we receive law enforcement or national security requests for information, we strongly believe in privacy and transparency. We scrutinize such requests carefully and challenge vague, overbroad or otherwise unlawful requests. And when legally permitted, we provide our users with notice that their information is being requested. This notice is provided so that you have the opportunity to challenge such requests.

4.    Protection

While no service is completely secure, we have a security team dedicated to keeping your information safe. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities. Payment information is transmitted using HTTPS encryption, and we maintain a PCI DSS certification.

8.    Communications

We may periodically email you service-related announcements. We'll also send you emails related to your transactions. We may also send you marketing or promotional communications, but you can opt out of receiving subsequent marketing or promotional communications by clicking the link marked unsubscribe (or a similar phrasing) that’s included in those communications.

10.    Privacy Shield

10.1. Compliance. Squarespace complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union to the United States (“EU Personal Data”). We’ve certified to the Department of Commerce that we adhere to the Privacy Shield Principles and, assuming our certification is approved, you’ll be able to find it here. You can learn more about Privacy Shield by visiting https://www.privacyshield.gov/.

10.2. Accountability. Our accountability for EU Personal Data we receive under the Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles. In particular, we may use third parties to process data on our behalf as described in this Privacy Policy, and we remain liable if they do so in a manner inconsistent with the Privacy Shield Principles and we're responsible for the event giving rise to the damage.