Privacy Policy

Last updated: January 2025

Our Commitment

DataSag is built with privacy at its core. We practice what we preach - our analytics platform is designed to respect user privacy while providing valuable insights.

Information We Collect

Account Information

When you create a DataSag account, we collect:

  • Email address (for authentication and communication)
  • Password (encrypted and never stored in plain text)

Analytics Data

For websites using DataSag tracking, we collect:

  • Page URLs visited
  • Referrer information (where visitors came from)
  • Browser and device type (user agent)
  • Screen resolution
  • Approximate location (country-level only, via IP address)
  • Interaction data (clicks, scroll depth, time on page)

Important: We use cookie-less fingerprinting to identify unique visitors without storing personal identifiers. IP addresses are used only for geolocation and are never stored.

How We Use Your Information

  • Account Management: To provide access to your dashboard and analytics
  • Analytics Service: To display meaningful insights about website traffic
  • Product Improvements: To enhance our platform and fix issues
  • Communication: To send important updates about your account (we don't spam)

Data Retention

Analytics Data: We store analytics data indefinitely unless you delete it. You have full control to delete projects and their associated data at any time.

Account Data: Your account information is retained while your account is active. If you delete your account, all associated data is permanently deleted.

Data Sharing

We do not sell your data. Period.

We only share data in these limited circumstances:

  • Service Providers: Supabase (database hosting) - with strong security and privacy agreements
  • Legal Requirements: If required by law or to protect rights and safety

Your Rights

You have the right to:

  • Access: View all data we have about you
  • Delete: Remove your account and all associated data
  • Export: Download your analytics data (feature in development)
  • Object: Opt out of certain data processing

GDPR & CCPA Compliance

DataSag is designed to be GDPR and CCPA compliant by default:

  • No cookies or persistent identifiers
  • No personal data collection without consent
  • IP addresses not stored
  • Full data deletion capabilities
  • Transparent data practices

Security

We take security seriously:

  • All data encrypted in transit (HTTPS)
  • Passwords hashed with industry-standard algorithms
  • Database access restricted with row-level security
  • Regular security audits and updates

Changes to This Policy

We may update this privacy policy from time to time. We will notify users of significant changes via email or dashboard notification.

Contact Us

Questions about privacy? We're here to help.

Email: privacy@datasag.com