Trust

Last updated: April 23, 2026

Your website is yours. Your data is yours. Your domain is yours. We are a thin layer between your files and your visitors, and every decision below is made to keep it that way, even if we disappeared tomorrow.

Every claim on this page is measurable on our live durability page: total sites backed up, latest restore-test outcome, and your own account's backup state if you are signed in.

Where your data lives

Your files

Kept with Cloudflare, the same company a large share of the world's biggest websites rely on. Files uploaded from the EU are stored in the EU, and served to your visitors from whichever Cloudflare location is closest to them, for speed.

A second copy in your own Google Drive

Every time you publish a new version, we also save the files to a WhatImade folder inside your own Google Drive. You can open it, download it, or revoke our access any time from your Google account. We request the narrowest possible permission (drive.file), which only lets us read files we created ourselves. We cannot see, list, or touch anything else in your Drive.

A compressed archive copy, ours to hold

We also keep a single compressed copy of your current site at Cloudflare, refreshed on every publish. You can download it as a zip (a folder bundled into one downloadable file) from the dashboard at any time. On the 1st of every month we pick one site at random, unpack its copy, and check the result still opens as a real webpage. The outcome is published on the durability page.

Your account and basic information about each site

Kept in a small database at Cloudflare: one entry per site, one entry each time you publish a new version, one entry each time a visitor loads one of your pages.

What keeps you signed in

A small, temporary record at Cloudflare that remembers your session. It clears itself after 7 days of you not using it, and we delete it immediately the moment you sign out.

Payment details (for domain purchases)

Handled entirely by Stripe, the payment processor most online shops use. Your card number is never seen by us. We only keep a reference number for the transaction and the amount paid.

Who can see it

You, through the dashboard. Your site's visitors, when they open your site's address in their browser (unless you have password-protected it). Us, only when investigating a specific operational issue you have reported, or a specific abuse report. Every internal access is logged and auditable.

We do not train AI models on your content. We do not sell, rent, or share your data with advertisers or data brokers. We do not allow outside companies to scoop up your pages to train their own AI: the usual signal the big AI crawlers respect is set to "no" across every site we host, and our Terms of Service now prohibit bulk scraping outright.

On your Google Drive: we only ever write into the WhatImade folder we create. The permission we request (drive.file) does not let us read, list, or open anything else. If you revoke access, we lose the ability to write new backups, and your existing folder stays in your Drive untouched.

Domain names

Registered in your own name, not ours

Any domain you buy through us is registered with Cloudflare under your name, address, and email, from the billing details you provide at checkout. We do not register domains to ourselves and hand you a pointer; you are the registrant of record from the first day. If we ever disappeared, your domain stays with you, you can transfer it to any other registrar, and no step in that transfer depends on us.

How to delete your data

Delete one site

In your dashboard, open the site, then Settings, then Delete. We send a confirmation email to the address on your account. Clicking the link schedules deletion for 7 days later; during that week, you can undo with one click from the site page. After the 7 days, the files, deploy history, and archive copy we hold are removed.

The copy in your own Google Drive is not touched. The permission we hold does not let us delete from your Drive, and intentionally so. If you want that copy gone too, you delete the folder yourself from Drive.

Delete your entire account

Email support@whatimade.app from your registered address with "Delete my account" in the subject. We confirm within 24 hours and complete deletion within 30 days, per GDPR. All sites, all files, all records on our side. The Drive backups in your own Google account remain entirely yours.

Export your data before deleting

Three easy ways. One, download the current version of any site as a zip straight from the site's page in the dashboard. Two, open the folder in your own Google Drive; every published version is there. Three, Account → Download my data gives you a single JSON file with your profile and every site's metadata.

Third parties that see some of your data

We try to keep the list short. As of today:

Cloudflare is the company whose network and storage we run on. They see every visit to every site, as any hosting company would. They are also our domain registrar and our email-sending provider's upstream DNS.
Google Fonts provides the typefaces used on our own pages at whatimade.app. When those pages load, Google sees the visitor's approximate location, the same as any website using Google Fonts. Your own sites do not use Google Fonts unless you add them yourself.
Google confirms it is really you when you use "Sign in with Google". If you connect Drive backup, Google also stores the files we upload into your own Drive; we do not send them anywhere else.
Stripe handles any domain purchases. Card details never touch our systems.
Resend delivers transactional email such as delete-confirmation messages. They see your email address and the message body, which we keep short and factual.

What we do with law enforcement requests

We comply with valid legal orders issued by UK or EU courts. We do not voluntarily share data without a legal order. We publish a summary of requests we receive in an annual transparency report, starting in 2027.

We will challenge overbroad requests where we have standing. We will notify the affected user unless a gag order forbids it.

What happens if we are acquired or shut down

Your data does not transfer automatically. If we were ever sold or shut the service down, we commit to: (1) telling every user at least 60 days in advance, and (2) honouring deletion requests during the transition. Beyond those two commitments, two structural safeguards apply by design, without anything you need to do:

The Google Drive backup in your own account continues to work regardless of what happens to us. The files are in your drive; our going away does not remove them.
Any domain you bought through us was registered in your own name with Cloudflare from day one, so it stays with you. No consent from us is needed for you to transfer it elsewhere.

How we keep things safe

Every page of every site we host loads over an encrypted connection, the same kind your bank uses. The padlock in the address bar is always on, always free.
If you password-protect a site, the password is scrambled before being stored, using a technique that makes it extremely costly for anyone to guess, even with the database in hand.
The Google OAuth refresh token that lets us write to your Drive is encrypted at rest with AES-256-GCM before being stored. Rotating our master key invalidates every stored token and forces every user to reconnect.
If you ever create a special access key for your own tools to talk to us, we do not keep the key itself. We keep a one-way scrambled copy. The full key is shown to you exactly once, at creation. If you lose it, you delete it and make a new one.
Your sign-in is protected from the kinds of cross-site tricks attackers sometimes use against other websites. The browser is told to hand our sign-in token back to us and nobody else, only on our own address, only over the encrypted connection.
When Stripe tells us a payment went through, we check the message is genuinely from Stripe before acting on it, and we refuse the same message twice.
Every tool and form that acts on your account checks that the request really is from you. Customers cannot see or touch each other's data, and we test this regularly.
We cap how many requests any one visitor, signed-in user, or access key can make per minute. This stops runaway scripts and stops anyone from hammering the service.

A narrow check on anonymous uploads

When someone uploads a site without making an account, we run one small automated check for obvious bad things: known viruses and pages that copy a familiar login screen in order to trick people into handing over their password. This is only to stop the free, no-account side of the service from being turned into a scam-page factory. If you have an account, your uploads are not scanned. More detail is in our Privacy Policy.

Who we are

WhatIMade is a trading name of G2G Advisory Ltd, registered in England & Wales. Our registered address and company number are available on request at support@whatimade.app.

Questions?

If anything on this page is unclear or you have specific concerns about how we handle your data, email support@whatimade.app. A human responds. We answer most emails within one business day. For live numbers on backup coverage and the latest restore-test outcome, see the durability page.