Privacy Policy

Last Updated: May 22, 2026

Crossmetrics respects your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you use Crossmetrics and connect third-party services.

Crossmetrics is an e-commerce analytics platform that connects store data with Google services such as Google Analytics 4, Google Ads, Google Merchant Center, and Google Search Console.


1. Information We Collect

A. Account and Authentication Information

A. Account & Business Information (Stored)

  • Personal Identifiers: Name, email address, password (encrypted).
  • Business Details: Company name, website URL, and business settings (such as currency, timezone, and descriptive names).
  • Integration Credentials: API tokens, access keys, and refresh tokens for connected services (stored securely and encrypted).
  • Integration Metadata: Account identifiers, linked services (e.g., relationships between Google Ads, Analytics, and Merchant Center accounts), and configuration data required to maintain connections.

B. Standard Integrations (Real-time Processing)

For supported platforms (PrestaShop, WooCommerce, Google Services), Crossmetrics operates as a data visualization layer.

We do not permanently store your business data or your customers’ personal data.

When you access the dashboard, we fetch data in real-time:

  • E-commerce Platforms: Orders, transaction amounts, product catalogs.
  • Google Services: Google Analytics 4 traffic, event, conversion, and performance metrics; Google Ads campaigns, spend, clicks, and advertising metrics; Google Merchant Center product information and feed status; Google Search Console search queries, impressions, clicks, and organic performance metrics.

This data is processed transiently in memory and discarded after use.


C. Custom Integrations (Stored Exception)

If you use our API/Webhooks for a custom website (not on a supported platform):

  • We DO store: Transactional data (order IDs, values, timestamps) and product-related data required to build historical analytics.
  • We DO NOT store: Customer Personal Identifiable Information (PII) such as names, emails, addresses, or phone numbers.

Users are responsible for ensuring that no PII is sent to our systems via API or webhooks.


2. How We Use Information

We use information to:

  • Authenticate users and maintain secure sessions
  • Provide dashboards, reports, data reconciliation, alerts, and insights
  • Retrieve and display data from connected services
  • Maintain integrations and refresh authorized API access
  • Detect anomalies and explain performance changes
  • Provide support and troubleshoot issues
  • Secure, monitor, and improve Crossmetrics

We do not sell personal data, Google user data, or customer data.


3. Google API Services and Limited Use

Crossmetrics’ use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

When you connect Google services, Crossmetrics may access only the data authorized by you through the permissions you grant, including:

  • Google Analytics 4: Aggregated traffic, event, conversion, and performance metrics.
  • Google Ads: Campaigns, spend, clicks, and advertising metrics.
  • Google Merchant Center: Product information and feed status.
  • Google Search Console: Search queries, impressions, clicks, and organic performance.

Crossmetrics does not access email content, contacts, personal files, or other Google data that is not required to provide the service.

We:

  • Request only the minimum necessary permissions (scopes)
  • Use Google data solely to provide dashboards, analytics, and reporting features
  • Do not use Google user data for training artificial intelligence models
  • Do not use Google user data for personalized advertising, commercial profiling, resale, or transfer to data brokers
  • Do not use Google user data for any purpose other than providing and improving user-visible Crossmetrics features
  • Do not share Google user data with third parties except as necessary to provide the service

Additionally:

  • We store only the authentication tokens required to access Google APIs (encrypted)
  • We do not store data retrieved from Google APIs in persistent databases
  • Human access to Google data only occurs with explicit user consent for support purposes

We may share data only with infrastructure and processing providers required to operate Crossmetrics, such as hosting, storage, monitoring, authentication, and security providers. These providers are subject to confidentiality and security obligations and may process data only on our behalf.


5. Data Retention

We retain information while your account is active or as needed to provide Crossmetrics.

  • Account and business settings: Retained while the account is active
  • Integration credentials: Retained while the integration remains connected
  • Custom webhook data: Retained to provide historical analytics while the account or integration is active
  • Authentication sessions: Retained until logout, expiration, revocation, or account deletion

Users may request deletion of their data at any time. After an account deletion request, we will delete or anonymize the associated data within a reasonable period, except where retention is required by law or needed to resolve security, fraud, or billing issues.


6. Security

We use security measures including HTTPS, encrypted storage for sensitive credentials, server-side session handling, access controls, and operational monitoring. No online service can guarantee absolute security, but we work to protect the information entrusted to Crossmetrics.


7. Your Choices and Rights

You may:

  • Revoke Google access from your Google Account permissions
  • Disconnect integrations in Crossmetrics where supported
  • Request access, correction, or deletion of your account data
  • Manage optional website analytics cookies through the cookie banner or browser settings

7. Changes to This Privacy Policy

If we make material changes to this Privacy Policy, we will update the “Last Updated” date and may notify you inside the application or by email.


8. Contact Us

For privacy questions, contact:

Email: privacy@crossmetrics.app