1. What Data We Collect

Himetrica's tracking script collects the following data from your website visitors: a randomly generated visitor ID, session ID, page path, screen size, and user agent string. IP addresses are processed temporarily for geolocation purposes only (country, city, region) and are never stored. We do not collect personal information such as names or email addresses unless explicitly provided through our identify API.

2. Cookie-Free by Default

By default, Himetrica does not use cookies for tracking. Visitor identification relies on a randomly generated ID stored in the browser's localStorage. This approach means your website does not need to display cookie consent banners for Himetrica's tracking. Visitors can clear their localStorage at any time to reset their visitor ID.

If you enable cross-subdomain tracking by configuring a Cookie Domain in your project settings, Himetrica will use first-party cookies (visitor ID, session ID, session timestamp, and referrer) scoped to your root domain. These cookies are used solely for analytics continuity across your subdomains and are not shared with third parties. If you use this feature, you may need to disclose the use of first-party analytics cookies in your own privacy policy.

3. How Data Is Used

We use the collected data to provide analytics insights to our customers, including page view statistics, visitor counts, session information, geographic distribution, browser and device breakdowns, and referrer analysis. We do not sell, rent, or share visitor data with third parties for advertising or marketing purposes.

4. Data Retention

Detailed analytics data (individual page views, events, sessions, web vitals, and frontend errors) is retained based on your subscription plan. Data older than your plan's retention period may be permanently deleted. However, aggregate daily summaries (traffic totals, top pages, sources, countries, and event counts) are preserved beyond the retention period so your historical charts and trend data remain available. Individual session details, visitor timelines, and event properties beyond the retention window will no longer be accessible. When an account is deleted, all associated analytics data is permanently removed within 30 days. You may request early deletion of your data at any time by contacting us.

5. Third-Party Services

We use the following third-party services to operate Himetrica:

Stripe — for payment processing. Stripe processes your payment information in accordance with their own privacy policy.
Resend — for transactional emails such as account verification and password resets.
Supabase — for file storage (avatars, logos).
IP Geolocation — we use a geolocation service to derive approximate location (country, city) from IP addresses. IP addresses are not stored after geolocation is resolved.

6. User Rights

You have the right to:

Access — request a copy of the data we hold about you.
Deletion — request deletion of your account and all associated data.
Export — export your analytics data in a machine-readable format.

To exercise any of these rights, contact us at privacy@himetrica.com.

7. Children's Privacy

The Service is not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the version number and effective date at the top of this page. We will notify you of material changes via email or through the Service. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

9. Contact

If you have any questions about this Privacy Policy, please contact us at privacy@himetrica.com.