Privacy Policy

1. Who we are and who this policy applies to

Plattenite is the data controller for the personal data described in this policy. This policy applies to: (a) customers who sign up for and use our analytics service (account data and usage of our product); and (b) visitors to websites that have integrated our analytics script (reader engagement data we collect on behalf of our customers).

2. Data we collect

Account and billing (customers)

When you register or use our service, we collect: name, email address, password (hashed), and optionally profile or team details. For billing we use Stripe; we do not store your full payment card details. Stripe's privacy policy applies to payment data.

Analytics data (readers on your site)

When our script runs on a site you control, we collect engagement and technical data to provide content analytics. We do not collect names, emails, or other directly identifying information about your readers. We collect:

• Session and device: A session identifier (stored in the browser), device type (e.g. mobile/desktop), viewport size, and similar technical data.
• Engagement: Reading time, scroll depth, completion percentage, time on page, and whether content was detected and whether behavior appears human (we use signals to reduce bot traffic).
• Content context: Article URL, headline, and metadata (e.g. publication date, meta description) so we can attach analytics to the right piece of content.
• Referrer: How the visitor arrived (e.g. search, social, direct) at an aggregate level where relevant.

Our SDK may store a session ID in the browser's local storage to recognize returning sessions. We do not use this to identify individuals across different customers' sites.

Cookies and similar technologies

We use cookies and local storage for authentication, preferences, and to operate our analytics (e.g. session ID). Our marketing or product sites may use analytics cookies; where required by law we obtain consent before non-essential cookies. You can manage cookie preferences in your browser.

3. How we use the data

• Provide the service: To deliver content analytics, insights, and email reports to you.
• AI-powered insights: We use AI (including third-party providers such as OpenAI) to generate plain-language summaries and actionable tips from aggregated engagement data. Inputs are derived from analytics data (e.g. metrics, headlines); we do not send your readers' raw behavioral logs to AI in a personally identifiable form.
• Billing and account: To manage your account, subscriptions, and support.
• Security and abuse: To protect our systems and detect abuse or fraud.
• Improvement: To improve our product, reliability, and documentation (using aggregated or anonymized data where possible).

4. Legal basis (EEA/UK)

Where GDPR or UK GDPR applies: we process account and billing data to perform our contract with you; we process analytics data as necessary for our legitimate interest in providing the service you requested, and—where your site is in the EEA/UK—we rely on your lawful basis for collecting analytics (e.g. legitimate interest or consent, which you are responsible for disclosing to your readers). We may process data where required by law or with your consent where we ask for it explicitly.

5. Sharing and third parties

We share data only as needed to run the service and as described here:

• Infrastructure and AI: Hosting and processing may use providers (e.g. cloud providers, OpenAI for insights) that process data on our instructions under data processing agreements.
• Stripe: Payment processing; Stripe's privacy policy applies to their handling of payment data.
• Legal: We may disclose data if required by law or to protect our rights and safety.

We do not sell your personal data or your readers' data.

6. Data retention

We retain account data for as long as your account is active and as needed for legal, tax, or support purposes after closure. Analytics data is retained according to our product design and your plan (e.g. for generating reports and historical insights). We may retain anonymized or aggregated data longer. You can request deletion of your account and associated data subject to applicable law.

7. Your rights (EEA/UK and similar)

Depending on where you live, you may have the right to:

• Access and receive a copy of your personal data
• Rectify inaccurate data
• Request erasure of your personal data
• Restrict or object to certain processing
• Data portability
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority

To exercise these rights, contact us at the email below. If you are in the EEA/UK and we process your data on behalf of your organization, we will assist that organization in responding to your request where applicable.

Residents of California and other US states with similar laws may have additional rights (e.g. to know, delete, correct, or opt out of "sale"/sharing where applicable). We do not sell personal information. To exercise such rights, contact us as below.

8. International transfers

Data may be processed in the United States or other countries where our service providers operate. Where we transfer personal data from the EEA/UK or other restricted regions, we use appropriate safeguards (e.g. standard contractual clauses or adequacy decisions) as required by law.

9. Security

We use technical and organizational measures to protect your data (e.g. encryption in transit, access controls, secure development practices). No system is completely secure; we encourage you to use a strong password and protect your account credentials.

10. Children

Our service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us so we can delete it.

11. Your responsibilities as a customer

If you integrate our analytics on your site, you are responsible for informing your visitors (e.g. in your own privacy notice) that you use analytics and what data is collected, and for having a lawful basis for that collection where required (e.g. consent or legitimate interest under GDPR). You must use our service in compliance with applicable law and your own privacy commitments.

12. Changes to this policy

We may update this policy from time to time. We will post the revised policy on this page and update the "Last updated" date. For material changes we may notify you by email or through the product. Continued use of the service after changes constitutes acceptance of the updated policy where permitted by law.

13. Contact

For privacy-related questions, to exercise your rights, or to report a concern, contact us at: privacy@plattenite.com. You can also reach us via the contact or support options on our website.