Privacy Policy

Last Updated: January 24, 2026

At CrossMetrics, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our Unified Analytics Platform.

1. Information We Collect

We distinguish between data we store and data we process in real-time without permanent storage.

A. Account & Business Information (Stored)

  • Personal Identifiers: Name, email address, password (encrypted).
  • Business Details: Company name, website URL, and business settings.
  • Integration Credentials: API tokens, access keys, and refresh tokens for connected services (encrypted).

B. Standard Integrations (Real-time Fetch)

For supported platforms (Shopify, PrestaShop, Google Services), CrossMetrics operates as a data visualization layer. We do not permanently store your business data or your customers’ personal data.

When you access the dashboard, we fetch data in real-time:

  • E-commerce Platforms: Orders, transaction amounts, product catalogs.
  • Google Services: Traffic reports (GA4), Campaign performance (Ads), Search queries (Search Console).

This data is processed transiently in memory and discarded when the session ends.

C. Custom Integrations (Stored Exception)

If you use our API/Webhooks for a custom website (not on a supported platform):

  • We DO Store: Order details (IDs, values, dates) and purchased product information to generate analytics history.
  • We DO NOT Store: Customer Personal Identifiable Information (PII). We do not store names, emails, addresses, or phone numbers of your end-customers. All customer data for custom integrations is anonymized or excluded at the source.

2. How We Use Your Data

We use your data strictly to:

  1. Provide Analytics: Fetch and display data from your third-party services.
  2. AI Analysis: Our AI Assistant processes data to suggest improvements.
  3. Connection Maintenance: Use stored tokens to authenticate with third-party APIs.

We do not sell your personal data or your customers’ data to third parties.

3. Google API Limited Use Disclosure

CrossMetrics’ use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

  • We store only the authentication tokens required to connect to Google APIs.
  • We do not store the data retrieved from Google APIs in our persistent databases.
  • We do not use Google User Data for advertising purposes.
  • Humans do not read your Google User Data unless you explicitly agree for support purposes.

4. Data Retention

  • Account Data: Retained as long as your account is active.
  • Standard Integration Data: Not retained (Real-time).
  • Custom Integration Data: Order/Product metrics are retained while the account is active.
  • Tokens: Deleted immediately upon account deletion.

5. Data Security

We employ industry-standard encryption (TLS/SSL) for data in transit. API tokens and stored custom integration data are protected using military-grade encryption (AES-256).

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request deletion of your account and associated data.
  • Revoke access to third-party integrations at any time via the dashboard.

7. Contact Us

For privacy-related inquiries, please contact: Data Protection Officer Email: privacy@crossmetrics.com