Privacy Policy

Last updated: April 1, 2026

1. Information We Collect

When you use our services, we may collect the following types of information:

  • Contact Information: Name, email address, phone number, and business name provided through our intake forms and onboarding questionnaire.
  • Project Information: Website preferences, design choices, content, and other details you share during the project process.
  • Analytics Data: If you connect your Google Analytics account through our client portal, we access read-only analytics data (sessions, users, pageviews, top pages) to inform your website design. We never modify your analytics data.
  • Usage Data: Pages visited, browser type, and general interaction data collected through standard analytics tools.
  • Payment Information: Processed securely through Stripe. We do not store your credit card details on our servers.

2. How We Use Your Information

  • To design and develop your website
  • To analyze your visitor traffic patterns and create data-driven designs
  • To communicate with you about your project via our client portal
  • To process payments and manage your account
  • To improve our services and user experience
  • To send project updates, invoices, and important service notifications

3. Google Analytics Integration

Our client portal allows you to connect your Google Analytics account using Google's secure OAuth 2.0 protocol. When you connect:

  • We request read-only access to your analytics data
  • We access only aggregate metrics (sessions, users, pageviews, average session duration) and top-performing pages
  • We never modify, delete, or write to your analytics data
  • You can disconnect your analytics account at any time from your client portal
  • Upon disconnection, all stored access tokens are immediately deleted from our systems

4. Data Sharing

We do not sell, rent, or share your personal information with third parties except:

  • Service Providers: We use trusted third-party services (Stripe for payments, Google APIs for analytics) that process data on our behalf under strict confidentiality agreements.
  • Legal Requirements: When required by law, regulation, or legal process.

5. Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS/TLS), secure token storage, and access controls. However, no method of electronic transmission or storage is 100% secure.

6. Data Retention

We retain your project data for the duration of our business relationship and for a reasonable period afterward for record-keeping. Analytics tokens are stored only while your Google Analytics account is connected and are deleted upon disconnection.

7. Your Rights

You have the right to:

  • Access and review your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Disconnect third-party integrations at any time
  • Opt out of non-essential communications

8. Cookies

We use essential cookies for authentication and session management in our client portal. We also use Google Analytics to understand how visitors use our marketing website. You can control cookie preferences through your browser settings.

9. AI Transparency & Third-Party AI Services

Covenant Sites integrates with Anthropic's Claude API to power the following AI-driven features:

  • AI Customer Service Chat Agents: Our optional AI chat widget provides 24/7 customer support for client websites, handling visitor inquiries and capturing leads.
  • Internal Business Automation: Our backend AI agent (Enoch) assists with prospect research, proposal drafting, email classification, and meeting preparation.

Data Separation

Google Analytics data accessed via OAuth is used exclusively for displaying analytics within our client dashboard. This data is never sent to, processed by, or shared with Anthropic's Claude API or any other AI service. The AI integration and Google Analytics integration operate as completely separate systems.

AI Data Handling

  • Chat conversations are processed by Anthropic's Claude API in real-time and are not stored by Anthropic beyond the API request
  • We do not use customer data to train or fine-tune any AI models
  • AI-generated content (proposals, email drafts) is always reviewed by a human before being sent to clients
  • You may opt out of AI-powered features at any time by contacting us

10. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at hello@covenantsites.com.

View Terms of Service →