Betterlytics Privacy Policy

At Betterlytics, we are committed to complying with GDPR, CCPA, PECR and other privacy regulations. The privacy of your data — and it is your data, not ours! — is a big deal to us. We are based in the European Union and all data processing occurs within EU boundaries.

In this policy, we lay out what data we collect and why, how your data is handled and your rights to your data. We promise we never sell your data: never have, never will.

As a visitor to websites using Betterlytics

The privacy of website visitors is important to us. We have designed our analytics system to be completely cookieless and privacy-focused. As a visitor to websites using Betterlytics:

• By default, Betterlytics does not collect personal information or use cookies.
• No cookies or browser storage are ever used or stored.
• No information is shared with, sent to or sold to third-parties.
• No information is shared with advertising companies.
• No information is mined and harvested for personal and behavioral trends.
• No information is monetized.

All analytics data is aggregated and anonymized to prevent identification of individual visitors. Certain optional features (such as session replay, custom identifiers, or user event tracking) may enable website owners to collect additional data, which could include personal or pseudo-anonymous information depending on configuration. In such cases, the website owner — not Betterlytics — is the data controller and is responsible for obtaining consent and ensuring compliance with applicable privacy laws (such as GDPR or CCPA).

While Betterlytics is designed to collect only anonymized data by default, it is possible that personal data may be accidentally transmitted by website owners — for example, via URL paths, query parameters, or custom event data. In such cases, Betterlytics acts as a data processor of the received data and processes it solely according to our standard procedures. Website owners remain the data controllers and are responsible for masking or removing personal data and ensuring compliance with applicable privacy laws (such as GDPR or CCPA). We encourage website owners to follow best practices to prevent personal data from being sent accidentally. For more information about responsibilities related to the use of Betterlytics and optional features, please refer to our Terms of Service.

When processing website visitor data that includes personal or pseudo-anonymous information on behalf of our customers, Betterlytics acts as a data processor under GDPR, and the website owner acts as the data controller responsible for determining the lawful basis for processing and ensuring compliance.

What anonymous data we collect and why

This section describes Betterlytics' default, anonymized data collection. Customers who enable optional features that collect additional data are responsible for ensuring their own compliance with data protection laws.

How we process and store data

• EU-based hosting: All data is processed and stored on servers located within the European Union, ensuring GDPR compliance.
• Immediate anonymization: IP addresses are anonymized immediately upon receipt, before any processing or storage occurs.
• No cross-site tracking: Each website's data is isolated and tracked separately with unique site identifiers.
• Aggregated reporting: All analytics reports show aggregated data only, with no ability to identify individual visitors.
• Daily fingerprint rotation: Visitor fingerprints change daily, preventing long-term tracking of individuals.

As a customer and subscriber of Betterlytics

Our guiding principle is to collect only what we need and process this information solely to provide you with the service you signed up for.

Betterlytics uses cookies strictly for necessary service functionality. These cookies are not used for analytics or marketing purposes.

Website owners are responsible for ensuring their use of Betterlytics complies with applicable privacy laws. For more details, please see our Terms of Service and Data Processing Agreement.

Data retention

• Account deletion: When you delete your account, ALL data is permanently deleted immediately - this includes your personal data (email, payment information, account settings) AND all website analytics data. No exceptions, no retention period.
• Subscription cancellation (without account deletion): If you cancel your subscription but keep your account, we retain your analytics data for up to 1 month in case you decide to reactivate, after which it is permanently deleted.
• Session data: Visitor sessions are stored only in server memory and automatically expire after 30 minutes of inactivity.

You always have the right to immediate deletion of all data.

Your rights under GDPR

As a data subject under GDPR, you have the following rights:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate personal data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a portable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for data processing

To exercise any of these rights, please contact us at privacy@betterlytics.io

Data security

• All data transmission is encrypted using TLS 1.3
• Data at rest is encrypted using industry-standard encryption
• Access to data is strictly limited to authorized personnel
• All servers are located in secure EU data centers

Changes to this privacy policy

We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make significant changes to our policies, we will notify our customers via email and announce them on our website.