Tinylytics Logo
Sign in
Sign up

Privacy Policy

Last updated: February 2026

This document outlines the information gathering and data handling practices for Tinylytics and its associated services.

Information Collection

We use Sentry.io for error monitoring (only your customer ID is logged on application errors) and Cloudflare for platform security and CDN. Server logs are filtered of sensitive data, deleted after 7 days, and do not contain client IPs unless someone attempts to circumvent Cloudflare. Log access is limited to debugging and security; we do not link this data to individual identities.

Payment Processing

For payment processing, Tinylytics uses Paddle and Lemon Squeezy (a Stripe company). Please refer to their respective privacy policies for detailed information.

We do not store or maintain any credit card information on our servers.

Security Measures

We implement comprehensive security measures to protect against unauthorized access, alteration, or misuse of your information. All data transmission is secured using SSL encryption.

Platform security is enhanced through Cloudflare, providing protection against malicious activities.

Third-Party Data Handling

We maintain strict data privacy standards. Your data is never sold or shared with third parties, with the sole exceptions of essential debugging services, image delivery, and optional AI insights as specified below. When you opt-in to AI insights, only aggregated analytics data is shared with our AI providers for the purpose of generating insights, and this data is not used for model training or stored beyond processing. We are committed to treating your data with the utmost respect and confidentiality.

Analytics

We use our own analytics solution exclusively on our homepage, demonstrating our commitment to privacy-first analytics.

AI Insights

Optional AI Insights use third-party AI providers (including x.Ai and Google Gemini) to analyze your aggregated analytics data.

This feature is completely opt-in — it is disabled by default. When enabled, we send only aggregated data (traffic counts, daily patterns, top paths, referrers) to our AI providers. No personally identifiable information about your visitors is shared. We use paid API plans; your data is not used for model training. You can enable or disable this at any time from your account settings.

We employ a single session cookie solely for maintaining your login state, which is automatically removed upon logout. This cookie serves no other purpose beyond providing essential service functionality.

Uptime monitoring

Uptime monitoring is powered by updown.io. No personal data is sent to Updown.io. We only send the site URL and unique site id to allow for monitoring of your site.

Contact

If you have questions about this privacy policy, please contact us at [email protected].