Effective Date: December 13, 2022

Thanks for visiting Squarespace! Squarespace (“Squarespace”, “we”, “us” or “our”) respects your privacy. When it comes to your personal information, we believe in transparency, not surprises. That’s why we’ve set out here what personal information we collect, what we do with it and your choices and rights.

By using any of Squarespace’s Services, you confirm you have agreed to the Terms of Service and read and understood this Privacy Policy and our Cookie Policy.

Certain jurisdictions require us to provide you with specific additional information. Please see this page for such additional information if you are in: (I) California; or (II) Virginia

1. Some key terms

In our Privacy Policy, when we refer to “Users”, we mean our customers who use our Services, including visitors to our sites. We explain who we are in the “Who is Squarespace?” section below. The users, visitors and customers of, our Users’ sites are “End Users”. Any other capitalized terms not defined in this Privacy Policy have the meanings in our Terms of Service.

2. How does this Privacy Policy apply?

This Privacy Policy describes what we do with personal information that we collect and use for our own purposes (i.e., where we are a controller), such as your account information and information about how you use and interact with our Services, including information you submit to our customer support as well as certain information relating to your End Users. This Privacy Policy does not apply to personal information of our employees or job applicants (except to the extent employees or job applicants are Users).

We use cookies and similar technologies. Our Cookie Policy describes what we do in that regard.

With respect to personal information in Squarespace’s possession, we play a few different roles under global data privacy laws. In order to understand your and Squarespace’s obligations, it’s important to understand the difference between Squarespace Controlled PI and User Controlled PI. 

If you are an End User of one of our User’s sites and want to know how a User handles your information, you should check the site's privacy policy, if applicable. If you want to know about what we do with Squarespace Controlled PI for our own purposes, read on.

3. Personal information we collect

We collect various personal information regarding you or your device. This includes the following:

4. How we collect personal information

We obtain personal information from various sources. We do this in three main ways:

We’ve described this in more detail below.

a. Personal information you provide

When you use our Services, we collect information from you in a number of ways.  For instance, we ask you to provide your name and email address to register and manage your Account. We also maintain your marketing preferences and the emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums. You might also provide us with information in other ways, including by responding to surveys, submitting a form or participating in contests or similar promotions.

Sometimes we require you to provide us with information for contractual or legal reasons. For example: (i) when you register or transfer a domain name through the Services, in order to comply with ICANN, registry, ccTLD or registrar policies, we collect your domain registration information; or (ii) we may ask you to provide a mailing address and/or select your jurisdiction when you sign up for Paid Services to determine if, and how much, tax we need to collect from you. We’ll normally let you know when information is required, and the consequences of failing to provide it. If you do not provide personal information when requested, you may not be able to use our Services if that information is necessary to provide you with the service or if we are legally required to collect it.

b. Personal information obtained from your use of our Services

When you use our Services, we collect information about your activity on and interaction with the Services, such as your IP address(es), your device and browser type, the web page you visited before coming to our sites, what pages on our sites you visit and for how long and identifiers associated with your devices. If you’ve given us permission through your device settings, we may collect your location information in our mobile apps.

If you are an End User of our Users’ sites, we also get information about your interactions with their sites, though we use this in anonymous, aggregated or pseudonymized form which does not identify you directly. We use this data to evaluate, provide, protect or improve our Services (including by developing new products and services).

Some of this information is collected automatically using cookies and similar technologies when you use our Services and our Users’ sites. We let our Users control what cookies and similar technologies are used through their sites (except those we need to use to properly provide the Services, such as for performance or security related reasons). You can read more about our use of cookies in our Cookie Policy. Some of this information is similarly collected automatically through your browser or from your device.

c. Personal information obtained from other sources

If you use a Third Party Service (such as Google) to register for an Account, the Third Party Service may provide us with your Third Party Service account information on your behalf, such as your name and email address (we don’t collect or store passwords you use to access Third Party Services). Your privacy settings on the Third Party Service normally control what they share with us. Make sure you are comfortable with what they share by reviewing their privacy policies and, if necessary, modifying your privacy settings directly on the Third Party Service.

If you sign up for Paid Services directly with us, we obtain limited information about your payment card from our payment processor, such as the last four digits, the country of issuance and the expiration date. Currently, our payment processor is Stripe. Stripe uses and processes your complete payment information in accordance with Stripe’s privacy policy. This paragraph is not applicable if you sign up for Paid Services as an in-app purchase via a mobile app store. Please see Google's privacy policy and Apple's privacy policy for information about how they use and process your payment information. 

5. How we use your personal information

We use the personal information we obtain about you for the following purposes:

We process your personal information for the above purposes when:

6. How we share your personal information

We share personal information in the following ways:

7. Your rights and choices

Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete personal information.

You can access, update, change or delete personal information (or that of your End Users) either directly in your Account or by contacting us at [email protected] to submit your request. You can also delete your account by following the instructions in this support guide. Please note that we may need to verify your identity in connection with your requests, and such verification process may, if you do not have access to your Account, require you to provide us with additional information we maintain about you to verify your identity. Even if you have access to your Account, we may request additional information if we believe it’s necessary to verify your identity. If we are unable to verify your identity or request, we may not, in accordance with applicable law, be able to fulfill your request.

You can also elect not to receive marketing communications by changing your preferences in your Account or by following the unsubscribe instructions in such communications.

Please note that, for technical reasons, there is likely to be a delay in deleting your personal information from our systems when you ask us to delete it. We also will retain personal information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.

You may have the right to restrict or object to the processing of your personal information or to exercise a right to data portability under applicable law. You also may have the right to lodge a complaint with a competent supervisory authority, subject to applicable law. If you are subject to EU data protection laws, we suggest you lodge any such complaints with our lead supervisory authority:

Irish Data Protection Commissioner
Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28 
Ireland
Phone 01 7650100 & 1800437 737
Email: [email protected]

If you are a resident of the United Kingdom (the “UK”) or otherwise subject to UK data protection laws, you may lodge such complaints with the UK supervisory authority:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF United Kingdom, Phone 0303 123 1113, Live Chat

Additionally, if we rely on consent for the processing of your personal information, you have the right to withdraw it at any time and free of charge. When you do so, this will not affect the lawfulness of the processing before your consent withdrawal.

Our Cookie Policy explains how you can manage cookies and similar technologies.

If you are an End User of one of our User’s sites, you should contact them to exercise your rights with respect to any information they hold about you.

8. How we protect your personal information

While no service is completely secure, we have a security team dedicated to keeping personal information safe. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing, of the personal information in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities.

9. How we retain your personal information

We retain personal information regarding you or your use of the Services for as long as your Account is active or for as long as needed to provide you or our Users with the Services. We also retain personal information for as long as necessary to achieve the purposes described in this Privacy Policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements and to protect our and others’ interests.  

The precise periods for which we keep your personal information vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter, whether the personal information has been aggregated or pseudonymized, and other relevant criteria. For example, the period we keep your email address is connected to how long your Account is active, while the period for which we keep a support message is based on how long has passed since the last submission in the thread.

As Users may have a seasonal site or come back to us after an Account becomes inactive, we don’t immediately delete your personal information when your trial expires or you cancel all Paid Services. Instead, we keep your personal information for a reasonable period of time, so it will be there for you if you come back.

You may delete your Account by following the instructions in this support guide and/or contacting us at [email protected] and Squarespace will delete the personal information it holds about you (unless we need to retain it for the purposes set out in this Privacy Policy).

Please note that in the course of providing the Services, we collect and maintain aggregated, anonymized or de-personalized information which we may retain indefinitely.

10. Data transfers

Personal information that you submit through the Services may be transferred to countries other than where you live, such as, for example, to our servers in the U.S. We also store personal information locally on the devices you use to access the Services.

Your personal information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information. For example, data we store may be accessible to law enforcement and national security authorities under certain circumstances.

We rely upon a number of means to transfer personal information which is subject to: (a) the European General Data Protection Regulation (“GDPR”) in accordance with Chapter V of the GDPR; or (b) applicable UK data privacy laws in accordance therewith. These include:

You can find out more information about these transfer mechanisms here or you can request a copy from us. 

11. Privacy Shield

While Squarespace no longer relies upon the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each individually and jointly, the “Privacy Shield”) to provide a legal basis for transfers to the US, Squarespace, Inc. has certified its compliance to the Privacy Shield, which continues to apply. Squarespace, Inc. 

Squarespace is committed to treating personal information received from the European Economic Area, Switzerland and the United Kingdom pursuant to the Privacy Shield in accordance with the applicable Principles. You can find our certification here and you can learn more about the Privacy Shield and Principles by visiting https://www.privacyshield.gov/.

Our accountability for personal information we receive and subsequently transfer to a third party is described in the Privacy Shield Principles. In particular, we may use third parties to process data on our behalf as described in this Privacy Policy, and we remain liable if they do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

If you have a question or complaint you believe to be within the scope of our Privacy Shield certification, please contact us first at [email protected], or using the contact details in the “How to contact us” section below. We'll respond within 45 days.

For any complaints that we can’t resolve directly, JAMS is the independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance. You can contact JAMS free of charge at https://www.jamsadr.com/eu-us-privacy-shield. JAMS is an alternative dispute resolution provider based in the U.S.

If your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under the Privacy Shield Principles. For purposes of enforcing compliance with the Privacy Shield, Squarespace, Inc. is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.

Nothing in Privacy Shield affects your rights as a data subject under any European Commission approved standard data protection clauses we use for transfers to the US.

12. End Users’ personal information

Our Users who have created a site using Squarespace are responsible for what they do with the personal information they collect, directly or through Squarespace, about their End Users.  This Section 12 is directed to such Users.

a. Your relationship with End Users

If you’re one of our Users, you will collect personal information about your End Users. For example, during checkout you may ask your End Users to provide their name, address, email address and payment information so that you can complete their orders. You may also use cookies and similar technologies to analyze usage and other trends.

You're solely responsible for complying with any laws and regulations that apply to your collection and use of your End Users’ information, including personal information you collect about them from us or using Squarespace functionality or cookies or similar technologies. Please be aware that you and Squarespace may be independent controllers of some data (“Independently Controlled Data”). Independently Controlled Data includes data related to your End Users’ interactions with Your Site such as IP address, device/browser details, web pages visited prior to coming to Your Site and browsing activity on Your Site. Independently Controlled Data may be collected by the Services through an End User’s browser and technologies like cookies. Note that Independently Controlled Data is both Squarespace Controlled PI and User Controlled PI. 

You must publish your own privacy and cookie policies and comply with them.

We’re not liable for your relationship with your End Users or how you collect and use personal information about them (even if you collect it from us or using Squarespace functionality or cookies or similar technologies) and we won’t provide you with any legal advice regarding such matters.

b. End User payment information

Your End Users’ payment information may be processed via third party eCommerce Payment Processors with which you integrate your Account, in accordance with such eCommerce Payment Processors’ terms and policies. We transmit your End Users’ complete payment information when they initially provide or update it only so that we can pass it along to the eCommerce Payment Processors you agree to use. We don’t collect or store your End Users’ payment information.

13. Updates to this Privacy Policy

We’ll update this Privacy Policy from time to time to reflect changes in technology, law, our business operations or any other reason we determine is necessary or appropriate. When we make changes, we’ll update the “Effective Date” at the top of the Privacy Policy and post it on our sites. If we make material changes to it or the ways we process personal information, we’ll notify you (by, for example, prominently posting a notice of the changes on our sites before they take effect or directly sending you a notification).

We encourage you to check back periodically to review this Privacy Policy for any changes since your last visit.  This will help ensure you better understand your relationship with us, including the ways we process your personal information.

14. Who is Squarespace?

When we say “Squarespace” (or “we”, “us” or “our”), we mean: (a) Squarespace, Inc. if you are a resident of or have your principal place of business in the United States of America or any of its territories or possessions (the “US”); or (b) Squarespace Ireland Limited, in any other case.

If your place of residence or principal place of business changes, the Squarespace entity that controls your personal information will be determined by your new residence or principal place of business from the date it changes.

15. How to contact us

If you have questions, comments or complaints about this Privacy Policy or our privacy practices or if you would like to exercise your rights and choices, please email us at [email protected], or write to us at the addresses below:

If you are a resident of or have your principal place of business in the US:
Squarespace, Inc.
Attention: Legal - Privacy
225 Varick Street, 12th Floor
New York, NY 10014 United States

If you are a resident of or have your principal place of business anywhere other than the US:

Squarespace Ireland Limited
Attention: Legal - Privacy
Squarespace House
Ship Street Great
Dublin 8, D08N12C
Ireland

If you are a resident of or have your principal place of business in the UK, you may prefer to write to Squarespace UK Limited, Attention: Legal - Privacy, 10 John Street, London, WC1N 2EB United Kingdom.