Wellsite

Legal

Privacy Policy

Effective July 14, 2026

Wellsite (“we,” “our,” or “us”) operates the Wellsite platform at wellsite.com, the app at app.wellsite.com, and the MCP server at mcp.wellsite.com. This policy explains what information we collect, why we collect it, and how we protect it. We've written it in plain English on purpose — if something is unclear, email us at support@wellsite.com.

1. Information we collect

We collect the minimum information needed to run the service:

Account information

  • Name and email address — provided when you sign up.
  • Phone number — only if you opt in to SMS alerts.
  • Subscription status — whether you are on a Free or Premium plan.

Usage data

  • Queries and tool calls made through the Wellsite MCP server or the app.
  • Feature usage patterns — e.g. which tools you call most often.
  • Alert configurations you create.

Payment information

Payments are processed by Stripe. We never see or store your full card number, CVC, or banking details — Stripe handles that directly. We do store your Stripe customer ID and subscription status so we can manage your plan.

Technical information

  • IP address and approximate location.
  • Browser type and operating system.
  • Session cookies used to keep you logged in (see Section 6).
  • Server-side logs (requests, errors, latency).

2. How we use your information

We use your information to:

  • Provide and operate the Wellsite platform — answering queries, running MCP tool calls, delivering data.
  • Send transactional emails (signup confirmation, password reset, billing receipts).
  • Send SMS notifications for alerts you explicitly configure — only if you opt in.
  • Process payments and manage your subscription through Stripe.
  • Detect and prevent fraud, abuse, and security incidents.
  • Debug errors and improve the platform based on usage patterns.
  • Respond to support requests.

We do not use your data for advertising, and we do not build advertising profiles.

3. Data sharing

We do not sell your personal information. We share it only in these limited circumstances:

Infrastructure and service providers

  • Amazon Web Services (AWS) — hosts our servers, databases, and storage. Your data lives on AWS infrastructure in the United States.
  • Stripe — processes payments. Subject to Stripe's own privacy policy.
  • Twilio — delivers SMS alert notifications. Only your phone number and the alert message text are shared, and only if you have opted in to SMS.

Legal requirements

We may disclose information if required by law, court order, or to protect the rights, property, or safety of Wellsite, our users, or the public.

Business transfers

If Wellsite is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you by email before that happens.

4. Data retention

  • Account data (name, email, subscription) is kept for as long as your account is active.
  • If you delete your account, we remove your personal data within 30 days, except where we are legally required to retain it (e.g. billing records).
  • Server-side logs (IP, request metadata) are retained for 90 days and then deleted.
  • Usage data used for aggregate analytics is anonymized before retention.

5. Your rights

Regardless of where you live, you can:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to fix inaccurate or incomplete information.
  • Deletion — ask us to delete your account and associated personal data.
  • Opt out of SMS — reply STOP to any SMS we send, or remove your phone number in account settings.

To exercise any of these rights, email support@wellsite.com. We will respond within 30 days.

6. Cookies

We use a small number of essential cookies:

  • Session cookies — keep you authenticated while you use the app. These expire when you sign out or your session ends.
  • Security cookies — help us detect and prevent cross-site request forgery (CSRF).

On our public marketing site (wellsite.com) we use Google Analytics 4 to understand aggregate site traffic — pages visited, referral source, and approximate location. Google Analytics sets its own cookies and receives your IP address and page-view activity on this site, subject to Google’s privacy policy; we do not enable its advertising features, and we do not use it inside the app (app.wellsite.com) or on the MCP server. Beyond that, we use no third-party advertising or cross-site tracking cookies.

7. Security

We take security seriously and apply industry-standard protections:

  • All data is encrypted in transit using TLS.
  • Data at rest is encrypted on AWS infrastructure.
  • Access to production systems is restricted to authorized personnel and gated by multi-factor authentication.
  • We review and rotate credentials regularly.

No system is perfectly secure. If you discover a vulnerability, please report it to support@wellsite.com and we will respond promptly.

8. Children

Wellsite is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, contact us at support@wellsite.com and we will delete it promptly.

9. Changes to this policy

We may update this policy from time to time. If we make a material change — one that meaningfully affects your rights or how we use your data — we will email you at the address on file at least 14 days before the change takes effect. The updated policy will always be available at wellsite.com/privacy.

Continued use of the platform after the effective date means you accept the updated policy.

10. Contact

Questions, requests, or concerns about this policy? Reach us at:

Effective July 14, 2026. This policy applies to wellsite.com, app.wellsite.com, and mcp.wellsite.com.