SiteTac

Privacy Policy

Last updated July 17, 2026

This policy explains what SiteTac collects and how it is used, both for dealers who run their business on the platform and for shoppers who visit dealer storefronts we host.

What we collect

  • Dealer account data: name, email, phone, business details, and — for licensed dealers — license information you provide or that appears in the public ATF Federal Firearms Licensee listing.
  • Storefront customer data, on dealers’ behalf:when a shopper places an order on a dealer’s storefront, we process the order details (name, contact info, items, fulfillment choice) as the dealer’s service provider. The dealer is the merchant of record; their own privacy practices also apply.
  • Payment data:handled by payment processors (such as Stripe, or the dealer’s own gateway). Full card numbers never touch SiteTac servers.
  • Usage data: logs and diagnostics needed to run and secure the Service.

How we use it

To operate, secure, and improve the Service: hosting storefronts, processing orders for dealers, billing subscriptions, registering domains, verifying dealer accounts, sending transactional email, and support. We do not sell personal information.

Service providers

We use a small set of processors to run the platform — currently including Stripe (billing), Clerk (authentication), Vercel (hosting, domains, DNS), Neon (database), Postmark (transactional email), Twilio (verification codes), and Google (product-copy generation). Each receives only what its function requires.

Text messages

We send SMS for one purpose: one-time account verification codes that a signed-in dealer explicitly requests. Phone numbers collected for verification, and text messaging originator opt-in data and consent, are not shared with any third parties or affiliates for marketing or promotional purposes. Reply STOP to opt out or HELP for help at any time. See our SMS opt-in policy.

Retention and your choices

We keep data while your account is active and as needed for legal and bookkeeping obligations, then delete or de-identify it. Dealers can export their data and transfer their domains out at any time. To access, correct, or delete personal information, email info@sitetac.com — shoppers should contact the dealer they bought from first, since the dealer is the merchant of record, and we assist dealers in honoring those requests.

Security and changes

Credentials and sensitive integrations are encrypted at rest, access is scoped, and traffic is encrypted in transit. No system is perfectly secure, but we treat your business data like the livelihood it is. We may update this policy; material changes will be announced through the dashboard or by email.