Privacy policy

TL;DR: For StoreKPI visitors, we do not use cookies and we do not collect any personal data. When you decide to create an account, we ask for the bare minimum and only share it with services that are absolutely necessary for the app to function. At  StoreKPI, we are committed to complying with GDPR, CCPA, PECR and other privacy regulations on our website and on our web analytics product too. The privacy of your data — and it is your data, not ours! — is a big deal to us. In this policy, we lay out what data we collect and why, how your data is handled and your rights to your data. We promise we never sell your data: never have, never will. If you have placed the StoreKPI script on your website, take a look at our data policy for details on the information we do collect about your website visitors on your behalf.

As a visitor to the StoreKPI website and any of its subdomains

The privacy of our website visitors is important to us so we do not track any individual people. As a visitor to the StoreKPI website:

• No personal information is collected
• No information such as cookies is stored in the browser
• No information is shared with, sent to or sold to third-parties
• No information is shared with advertising companies
• No information is mined and harvested for personal and behavioral trends
• No information is monetized
• We run the StoreKPI analytics script to collect some anonymous usage data for statistical purposes. The goal is to track overall trends in our website traffic, it is not to track individual visitors. All the data is in aggregate only. No personal data is collected.

Data collected includes referral sources, top pages, visit duration, information from the devices (device type, operating system, country and browser) used during the visit and more. You can see full details in our data policy.

As a customer and subscriber of StoreKPI

Our guiding principle is to collect only what we need and that we will solely process this information to provide you with the service you signed up for. We use a select number of trusted external service providers for certain service offerings. These service providers are carefully selected and meet high data protection, data privacy and security standards. We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process personal data only according to our instructions. Here’s what that means in practice:

What we collect, what we use it for and services we use

An email address is required to create an account. You need to provide us with your email address if you want to create a StoreKPI account. That’s just so you can sign in and personalize your new account and we can send you invoices, updates or other essential information.

A persistent first-partybrowser"s local-storageis used to remember you’re signed in. If you sign in to your StoreKPI account, you give us permission to use your browser"s local-storage so you don’t have to sign in on each returning session. This makes it simpler for you to use our product. We clean the local-storage whenever you click sign out button. The information stored in your local-storage includes basic account information, subscription plan and list ofStoreKPIregistered organizations that your signed in account associtated with.

You can export all the website tracker data by clicking on Export button in the Website Settings Page. In the process, we generate a CSV file from your website tracker"s database records and upload it Cloudflare R2 Storage on the datacenter region that you selected for your website. The data stored in theCloudflare R2 Storage is encrypted at rest.

Our main website (home/landing page and sub pages) is hosted on CloudFlare web/page workers. SeeCloudFlare Privacy.

Our servers and the application site are hosted hosted at Hetzner Cloud (A EU company). SeeHetzner Cloud Privacy.

All emails are sent using a third-party email provider. Transactional emails and email reports (should you choose to subscribe to them) are sent using a GDPR compliant email service provider calledZoho (Zeptomail by Zoho). We only send clear-text emails which can not include any trackers as an option.

We use DuckDuckGo to get your site favicon. We use a proxy for this request to ensure no information is exposed to third parties. This method prevents the IP address, user agent and referrer header from being sent. See theDuckDuckGo Privacy Policyfor more details.

We use Bunny (another European-owned provider from Slovenia) for a global CDN, DNS and DDoS protection. This ensures that all visitor data we collect is exclusively processed with servers owned and operated by European companies. SeeBunny privacy and data policyfor full details.

Retention of data

We will retain your information as long as your account is active, as necessary to provide you with the services or as otherwise set forth in this policy. The event data collected has its own retention policy based on the subscription plan you choose.

We will also retain and use this information as necessary for the purposes set out in this policy and to the extent necessary to comply with our legal obligations, resolve disputes, enforce our agreements and protect StoreKPI’s legal rights.

You can choose uinstall StoreKPI app at any time. All your data will be permanently deleted asynchronously when your store uninstall the app except the tax related records. As a US company to comply with IRS tax regulations, we have to keep tax related records six years.

Changes and questions

We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will also announce them on our company blog or social media profiles.

Contact us at privacy@storekpi.com if you have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information.