Tinylytics Logo
Sign in
Sign up

Privacy Policy

This document outlines the information gathering and data handling practices for Tinylytics and its associated services.

Information Collection

For service monitoring and debugging purposes, we utilize Sentry.io. In the event of an application error, only your customer ID is logged and stored within Sentry.io, strictly for debugging purposes.

Our server logs are automatically filtered to remove sensitive data and are permanently deleted after 7 days. These logs do not contain client IP addresses unless there is an attempt to circumvent our Cloudflare security layer. Access to logs is strictly limited to debugging and security purposes. We maintain no means of connecting this data to individual identities, which applies to both our customers and third-party visitors.

We employ Cloudflare’s services for platform security and content delivery network (CDN) functionality.

Payment Processing

For payment processing, Tinylytics utilizes Lemon Squeezy. For legacy payments, we use Paddle. Please refer to their respective privacy policies for detailed information.

We do not store or maintain any credit card information on our servers.

Security Measures

We implement comprehensive security measures to protect against unauthorized access, alteration, or misuse of your information. All data transmission is secured using SSL encryption.

Platform security is enhanced through Cloudflare, providing protection against malicious activities.

Third-Party Data Handling

We maintain strict data privacy standards. Your data is never sold or shared with third parties, with the sole exceptions of essential debugging services, image delivery, and optional AI insights as specified above. When you opt-in to AI insights, only aggregated analytics data is shared with x.ai for the purpose of generating insights, and this data is not used for model training or stored beyond processing. We are committed to treating your data with the utmost respect and confidentiality.

Analytics

We use our own analytics solution exclusively on our homepage, demonstrating our commitment to privacy-first analytics.

AI Insights

We offer an optional AI Insights feature powered by x.ai that analyzes your analytics data to provide meaningful insights and recommendations.

This feature is completely opt-in - it is disabled by default and requires your explicit consent to activate. When enabled, we send your site’s analytics data to x.ai for analysis, including traffic counts, daily patterns, top-performing page paths, top referrer sources, and general traffic statistics. No personally identifiable information about your individual visitors (such as IP addresses, user agents, or tracking data) is ever shared.

x.ai does not use customer API requests for training their models. API requests and responses are temporarily stored for audit purposes only and are automatically deleted after 30 days. The data is used solely to provide you with personalized analytics insights and is not used for any other purpose.

You can enable or disable this feature at any time from your account settings. When disabled, no data is sent to x.ai.

For more information about x.ai’s data handling practices, please review their privacy policy and security documentation.

Cookie Usage

We employ a single session cookie solely for maintaining your login state, which is automatically removed upon logout. This cookie serves no other purpose beyond providing essential service functionality.

Uptime monitoring

Uptime monitoring is powered by updown.io. No personal data is sent to Updown.io. We only send the site URL and unique site id to allow for monitoring of your site.