C

Join the waitlist

Privacy Policy

Effective Date: [Date]

Last Updated: [Date]

1. Introduction

[Your Company Name] ("we", "us", "our") provides a product analytics and customer insights platform ("the Service") that allows our customers to collect and analyze data about their users' interactions with their websites and applications.

This Privacy Policy explains how we collect, use, and protect personal data in connection with our Service and our website.

2. Roles and Responsibilities

  • Customers: Our customers install our tracking script on their websites or applications. Our customers act as data controllers, deciding what data to collect and how it is used.
  • We: We act as a data processor (under GDPR) or service provider (under CPRA), processing data only on behalf of and under the instructions of our customers.

3. Data We Collect

a. Data Collected Directly

When you (a visitor to our website or a prospective customer) interact with our website, we may collect:

  • Contact details (name, email, phone)
  • Company details (name, industry, size)
  • Communication data (support tickets, emails)

b. Data Collected Through Customer Sites

When users interact with websites or applications that use our tracking script, we collect:

  • Device information (IP address, device type, operating system, browser type)
  • Usage data (page views, clicks, scroll events, form submissions, survey responses)
  • Location data (based on IP address, where allowed)
  • User IDs or pseudonymous identifiers (if configured by our customers)

This data is collected on behalf of our customers and is subject to their privacy policies.

4. Legal Bases for Processing

We process personal data under the following legal bases:

GDPR (EU/UK)

Processing on behalf of customers (controllers) under Article 28 (Processor Obligations)

CPRA (California)

Processing on behalf of customers (businesses) as a service provider

PIPEDA (Canada)

Processing on behalf of customers with implied or express consent

Australia Privacy Act

Processing on behalf of customers under APP 8

5. Data Processing Agreements (DPAs)

We enter into Data Processing Agreements (DPAs) with all customers. These agreements:

  • Define our role as a processor.
  • Specify how we handle data, including security measures and transfer safeguards.
  • Ensure compliance with GDPR Article 28, CPRA service provider obligations, and other applicable laws.

6. International Data Transfers

We store and process data in:

  • πŸ‡ͺπŸ‡Ί European Union (for EU/EEA users) β€” typically in data centers located in [e.g., Frankfurt, Paris].
  • πŸ‡¬πŸ‡§ United Kingdom (for UK users).
  • πŸ‡ΊπŸ‡Έ United States (for US users).
  • πŸ‡¨πŸ‡¦ Canada (for Canadian users).
  • πŸ‡¦πŸ‡Ί Australia (for Australian users).

Transfers Outside the EU/UK

Where data is transferred outside the EU/UK (including to the United States), we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy Decisions where applicable (e.g., Canada for private sector data).

7. Security

We implement appropriate technical and organizational measures to protect data, including:

  • Encryption at rest and in transit
  • Role-based access controls
  • Regular security audits and penetration testing

8. End-User Rights

For data collected on behalf of customers, users should contact the website owner (our customer) to exercise their rights. This may include:

  • Accessing, correcting, or deleting data
  • Opting out of data collection
  • Porting data to another service

Where legally required, we assist our customers in fulfilling these requests.

9. Your Rights (Direct Users)

If you interact directly with our website (not through a customer site), you have rights under:

  • GDPR (EU/UK): Access, Rectification, Erasure, Restriction, Objection, Data Portability.
    • CPRA (California): Access, Correction, Deletion, Opt-Out of Sale/Sharing.
  • PIPEDA (Canada): Access, Correction.
  • Australia Privacy Act: Access, Correction.

To exercise these rights, contact us at [privacy@yourcompany.com].

10. Cookies and Tracking Technologies

We and our customers may use cookies and similar technologies to:

  • Collect behavioral data
  • Measure product usage
  • Improve customer experiences

For customer sites, our customers are responsible for obtaining user consent (where required).

11. Data Retention

  • We retain data only as long as necessary to provide our Service and fulfill legal obligations.
  • Customers control their own data retention policies within our platform.

12. Contact Us

For questions or to exercise your rights, contact us at:

[Your Company Name]

[Your Company Address]

[Privacy Contact Email]

[Privacy Contact Phone Number (if needed)]

13. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted at [your website privacy page link].