Annual hosting plans include 2 months free, a free domain, and free migration.

View Hosting Plans β†’

SiteHeros

Start My Website Plan

Data Processing

Data Processing Addendum

This Data Processing Addendum explains how SiteHeros may process personal information, client website data, account data, project data, hosting data, domain data, support data, and related information when providing services.

Last updated: May 13, 2026

1. Company Information

SiteHeros is a brand operated by Good Ground Serves LLC.

Legal business name:
Good Ground Serves LLC

Brand name:
SiteHeros

Business location:
Raleigh, North Carolina, United States

Website:
siteheros.com

Parent/company website:
ggserves.com

General contact:
contact@siteheros.com

Legal contact:
legal@siteheros.com

Hosting support:
diy-support@siteheros.com

Elite Management contact:
elite-management@siteheros.com

2. Purpose of This Addendum

The purpose of this Data Processing Addendum is to describe how SiteHeros may process information while providing services to clients.

SiteHeros provides managed WordPress hosting, domain services, website management, website design, website maintenance, support, add-on services, and Elite Management services.

Because these services may involve access to websites, accounts, databases, files, forms, logs, client portal data, billing records, support records, and project materials, this addendum explains how data may be handled.

This addendum is intended to support transparency, service delivery, privacy compliance, and responsible data processing practices.

3. Scope of Data Processing

This addendum applies when SiteHeros processes information in connection with:

  • Managed WordPress hosting
  • Website migration
  • Website setup
  • Domain services
  • DNS support
  • Client portal access
  • Billing and subscription management
  • Website maintenance
  • Website design
  • Website development
  • Website troubleshooting
  • Website security
  • Website backups
  • Performance optimization
  • Support requests
  • Elite Management services
  • Analytics setup
  • SEO setup
  • Add-on services
  • Development-on-demand services
  • Project-based services
  • Any other SiteHeros service involving client data or website data

This addendum applies to personal information and other data that SiteHeros processes while providing services.

4. Roles of the Parties

Depending on the context, SiteHeros may act as a business, controller, processor, service provider, contractor, or similar role under applicable privacy laws.

In many client website service contexts:

  • The client determines what information is collected through the client’s website.
  • The client determines why that information is collected.
  • The client determines what tools, forms, plugins, integrations, and workflows are used.
  • SiteHeros processes data as needed to provide hosting, support, maintenance, design, management, or technical services.

For SiteHeros account, billing, analytics, marketing, legal, security, and business operations data, SiteHeros may act as the party determining the purpose and means of processing.

The exact role may depend on the service, applicable law, contractual terms, and the type of information involved.

5. Client Responsibilities

Clients are responsible for their own legal, privacy, data protection, accessibility, consumer protection, advertising, regulated-industry, and business compliance obligations.

Clients are responsible for:

  • Determining what personal information their website collects
  • Providing their own privacy policy
  • Providing their own cookie policy where required
  • Providing cookie consent tools where required
  • Providing legally required notices and disclosures
  • Obtaining required consents
  • Responding to visitor, customer, student, patient, donor, member, or user privacy requests
  • Ensuring website forms are lawful and appropriate
  • Ensuring analytics and tracking tools are properly disclosed
  • Ensuring email marketing tools comply with applicable law
  • Ensuring payment, booking, membership, donation, learning, or ecommerce tools comply with applicable law
  • Ensuring regulated data is handled properly
  • Ensuring user permissions are appropriate
  • Providing accurate instructions to SiteHeros
  • Providing only data they are legally permitted to provide
  • Keeping third-party accounts in good standing
  • Reviewing SiteHeros work for business and legal accuracy

Clients should consult qualified legal counsel for privacy, data protection, accessibility, regulated-industry, or compliance questions.

6. SiteHeros Responsibilities

SiteHeros will process information as reasonably necessary to provide services, operate the business, support clients, maintain security, comply with law, and enforce applicable terms.

SiteHeros will use reasonable administrative, technical, and organizational measures designed to protect information processed in connection with services.

SiteHeros will aim to:

  • Limit data access to authorized personnel or providers
  • Use data for service-related purposes
  • Protect login credentials and account access using reasonable practices
  • Use reputable service providers where appropriate
  • Maintain reasonable security practices
  • Respond to client support and data-related questions
  • Assist with reasonable data-related requests where applicable and within scope
  • Maintain business records as needed
  • Comply with applicable legal obligations

SiteHeros is not responsible for a client’s independent privacy practices, website disclosures, business compliance, third-party tool selection, content decisions, or regulated-industry obligations.

7. Categories of Data Processed

SiteHeros may process categories of data including:

  • Client contact information
  • Business information
  • Account information
  • Client portal information
  • Billing and transaction information
  • Hosting account information
  • Domain information
  • DNS records
  • Website files
  • Website databases
  • Website content
  • Website backups
  • Website configuration data
  • WordPress administrator data
  • WordPress user data where applicable
  • Plugin and theme data
  • Form submission data where accessible
  • Support request information
  • Project materials
  • Design assets
  • Brand materials
  • Login credentials or access details provided by clients
  • Security logs
  • Access logs
  • Error logs
  • Performance data
  • Analytics setup information
  • Email communications
  • Technical troubleshooting information
  • Other information reasonably needed to provide services

Not every service involves every type of data.

8. Categories of Data Subjects

Data processed by SiteHeros may relate to:

  • SiteHeros clients
  • Client employees
  • Client contractors
  • Client representatives
  • Client website administrators
  • Client website users
  • Client website visitors
  • Client customers
  • Client members
  • Client donors
  • Client students
  • Client families
  • Client patients where applicable
  • Client leads or prospects
  • SiteHeros account users
  • SiteHeros support contacts
  • Billing contacts
  • Domain registrants
  • Other individuals whose information appears in client-provided materials or client websites

Clients are responsible for determining whether their website collects sensitive or regulated information and whether additional legal safeguards are required.

9. Processing Activities

SiteHeros may process data to:

  • Provide hosting
  • Provision accounts
  • Configure WordPress
  • Manage client portal access
  • Process billing
  • Support domain services
  • Configure DNS
  • Migrate websites
  • Back up websites
  • Restore websites
  • Secure websites
  • Scan for malware or vulnerabilities
  • Monitor uptime or performance
  • Troubleshoot errors
  • Provide support
  • Build or edit pages
  • Upload content
  • Configure plugins and themes
  • Configure analytics
  • Configure forms
  • Configure integrations
  • Perform maintenance
  • Provide Elite Management services
  • Communicate with clients
  • Maintain business records
  • Enforce policies
  • Comply with legal obligations
  • Protect SiteHeros, clients, providers, and users

11. Subprocessors and Third-Party Providers

SiteHeros may use third-party providers and subprocessors to deliver services.

These may include:

  • WPMU DEV / Incsub
  • Stripe
  • Google Analytics
  • Google Tag Manager
  • Google Search Console
  • Google reCAPTCHA where applicable
  • Elementor
  • Envato Elements
  • Astra / Brainstorm Force
  • Ultimate Multisite
  • WordPress.org
  • Automattic-related WordPress ecosystem services where applicable
  • bbPress where applicable
  • Domain registrars and registry providers
  • DNS providers
  • Email providers
  • Hosting, backup, security, analytics, performance, support, and communication tools
  • Contractors, specialists, consultants, and professional advisors where appropriate

Third-party providers may process information as needed to provide their services.

Additional details may be provided in the SiteHeros Third-Party Services Disclosure.

12. Security Measures

SiteHeros uses reasonable security measures designed to protect information.

Security measures may include:

  • Account access controls
  • Password-protected systems
  • Role-based access where appropriate
  • Limited personnel access
  • Secure third-party payment processing
  • Hosting security tools
  • Website security scanning
  • Backup tools
  • Monitoring tools
  • Spam prevention tools
  • Malware detection tools
  • Client portal access controls
  • Internal confidentiality practices
  • Use of reputable third-party providers

No online service, hosting system, website, portal, backup system, or transmission method can be guaranteed to be completely secure.

Clients are responsible for their own account security, website administrator access, passwords, user roles, third-party accounts, and business security practices.

13. Confidentiality

SiteHeros will use reasonable efforts to protect confidential client information.

Confidential information may include login credentials, non-public business information, non-public website information, project materials, technical configurations, private documents, customer data, website files, databases, support communications, security details, and unpublished content.

SiteHeros may disclose confidential information to authorized personnel, service providers, contractors, professional advisors, or legal authorities as reasonably necessary to provide services, operate the business, comply with law, or protect rights and security.

14. Assistance With Privacy Requests

Clients are generally responsible for responding to privacy requests from their own website visitors, customers, users, members, students, donors, patients, or other data subjects.

Where required and within the scope of services, SiteHeros may provide reasonable assistance with privacy requests related to data stored or processed through SiteHeros services.

This may include reasonable assistance with access requests, correction requests, deletion requests, export requests, backup questions, account data questions, website data location questions, and technical implementation questions.

Assistance may be limited by technical feasibility, security requirements, legal requirements, backup limitations, service scope, available tools, verification requirements, and third-party provider limitations.

Additional work outside the included service scope may require separate billing.

15. Data Breach and Security Incident Handling

If SiteHeros becomes aware of a security incident affecting client data, SiteHeros will take reasonable steps to investigate, contain, mitigate, and respond as appropriate.

Security incidents may include unauthorized access, malware, credential compromise, data exposure, website compromise, hosting compromise, unauthorized account activity, security provider alerts, backup or database exposure, or other events that may affect confidentiality, integrity, or availability.

SiteHeros may notify affected clients where required by law, provider obligations, or reasonable business practice.

Clients are responsible for determining whether they have their own legal notification obligations to website visitors, customers, users, regulators, partners, or other third parties.

16. Data Retention and Deletion

SiteHeros retains data as long as reasonably necessary to provide services, operate the business, maintain records, comply with law, resolve disputes, enforce agreements, prevent fraud, maintain security, and satisfy legitimate operational needs.

Retention periods may vary based on service type, account status, billing records, tax requirements, legal obligations, support history, project history, backup retention, security logs, domain records, hosting records, provider rules, and dispute or enforcement needs.

Data may remain in backups, archives, logs, invoices, or business records for a period after account closure or deletion, subject to technical, legal, accounting, security, and operational requirements.

17. International Data Transfers

SiteHeros is operated from the United States.

Data may be transferred to, stored in, or processed in the United States or other countries where SiteHeros, its providers, subprocessors, payment processors, hosting providers, analytics providers, domain providers, or contractors operate.

Clients using SiteHeros from outside the United States are responsible for determining whether their use of SiteHeros services complies with applicable international privacy and data transfer laws.

Where appropriate, third-party provider terms, privacy commitments, data processing terms, or contractual safeguards may apply.

18. Client Website Data

Client websites may collect data through contact forms, quote forms, ecommerce systems, booking systems, membership systems, learning systems, donation systems, analytics tools, comment systems, forums, newsletter signup forms, payment tools, chat tools, embedded third-party tools, plugins, and integrations.

Clients are responsible for determining what data their websites collect and how that data is disclosed, managed, secured, retained, deleted, and used.

SiteHeros may process client website data as needed to provide hosting, backup, maintenance, troubleshooting, design, development, migration, security, performance, and Elite Management services.

19. Sensitive Data and Regulated Data

Clients should not submit, store, or process sensitive or regulated data through SiteHeros services unless the client has confirmed that the service, configuration, legal requirements, and safeguards are appropriate.

Sensitive or regulated data may include health information, financial account information, government identification numbers, student records, child or minor data, biometric data, precise geolocation data, criminal record information, sensitive demographic data, protected legal information, payment card data outside approved payment processor flows, or other data subject to special legal requirements.

SiteHeros does not guarantee that standard hosting, website management, or Elite Management services are appropriate for all regulated data use cases.

Clients with regulated data needs should consult legal counsel and request written review before using SiteHeros for such data.

20. Audits, Reviews, and Documentation

SiteHeros may provide reasonable information about its data processing practices through published policies, support responses, documentation, or written answers where appropriate.

Formal audits, security questionnaires, vendor reviews, custom compliance documentation, or specialized contractual review may require separate agreement, additional fees, or higher service levels.

SiteHeros may decline requests that are unreasonable, overly broad, confidential, security-sensitive, outside scope, or inconsistent with provider obligations.

21. Return or Deletion of Data

Upon cancellation or termination of services, clients are responsible for exporting or requesting needed files, databases, content, records, and materials before service access ends.

SiteHeros may delete, archive, retain, or anonymize data according to service terms, backup retention periods, legal obligations, accounting requirements, security needs, provider rules, operational requirements, and dispute or enforcement needs.

Cancellation of hosting, domains, Elite Management, maintenance, or other services may affect access to website files, databases, backups, logs, client portal tools, managed licenses, support records, and project materials.

Clients should request exports or migration assistance before cancellation where applicable.

22. Changes to This Addendum

SiteHeros may update this Data Processing Addendum from time to time.

Changes may reflect new services, new providers, security updates, legal updates, hosting changes, client portal changes, billing changes, data processing changes, subprocessor changes, and operational updates.

The updated addendum will be posted on the SiteHeros website or otherwise made available.

The β€œLast Updated” date will indicate when the addendum was most recently revised.

23. Contact Information

For questions about this Data Processing Addendum, contact:

Good Ground Serves LLC
SiteHeros
Raleigh, North Carolina
Website: siteheros.com

General contact:
contact@siteheros.com

Legal and privacy contact:
legal@siteheros.com

Hosting support:
diy-support@siteheros.com

Elite Management services:
elite-management@siteheros.com

Important Notice

This Data Processing Addendum is intended to provide a strong data processing framework for SiteHeros services. It is not legal advice. Good Ground Serves LLC should have this addendum reviewed by qualified legal counsel before publishing it or relying on it as a final legal document.