Focalytics logoFocalytics

Privacy Policy

Last Updated: November 03, 2025

Focalytics ("we", "us") takes your privacy seriously. This policy explains how we collect, use, and protect personal and client data when you register for and use our platform and services (the "Service").

1. Information We Collect

a. Information You Provide

This includes your name, email address, company name, and any other details submitted when you create an account, fill out forms, or contact us.

b. Automatically Collected Data

We collect data such as IP addresses, browser types, and usage patterns via cookies and analytics tools to improve our platform's performance and user experience.

c. Connected Account Data

To use our Service, you must connect your third-party data sources via the OAuth authorization protocol. Our initial integration is with Google Analytics.

When you connect your Google Analytics account, we access and process data related to your website's performance. This includes, but is not limited to, data on traffic sources, user regions, landing pages, conversions, and tracking configurations. We only request read-only (analytics.readonly scope) permissions. We do not request permission to edit or manage your Google Analytics settings.

2. How We Use Your Information

To Provide and Operate the Service: To connect to your Google Analytics account, securely store your authorization tokens (refresh tokens), and automatically sync your data.

To Generate Reports and Insights: To analyze your connected data to identify gaps in tracking and attribution, generate reports on user regions and landing pages, and (in the future) integrate this data with other sources to provide ROI recommendations.

To Communicate: To send you service-related notifications, deliver reports, and provide customer support.

To Improve Our Platform: Understand usage patterns to optimize user experience and develop new features.

Legal Compliance: Use information as required by law.

3. Google Analytics Data & Limited Use

Our use and handling of data received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

a. Data Access and Storage

We access your Google Analytics data via the official Google Analytics APIs using OAuth authorization tokens. We securely encrypt and store your refresh token to maintain a persistent connection and sync data. We do not store all your raw Google Analytics data; we only fetch and process the data necessary to generate your reports and insights.

b. Data Handling and Sharing

Your Google Analytics data is used only to provide the Service to you.

  • We do not sell your data.

  • We do not use your data for advertising purposes.

  • We do not transfer or share your Google Analytics data with any third party, except as necessary to:

  1. Provide or improve the Service (e.g., storing it with our cloud hosting provider).

  2. Comply with applicable law or a valid legal order.

  3. Facilitate a merger, acquisition, or sale of assets (you will be notified).

c. Your Control and Revocation

You may revoke our access to your Google Analytics data at any time by:

  • Using the Disconnect feature within the Focalytics platform dashboard.

  • Revoking access directly from your Google Account settings (which you can find at myaccount.google.com/permissions).

Upon revocation from either method, we will immediately stop syncing new data.

4. Data Retention and Deletion

Upon your request to delete your account or your termination of the Service, all connected account data, including your encrypted refresh tokens and any cached data or reports, will be securely and permanently deleted from our systems within 30 days.

5. Data Sharing and Subprocessors

We do not sell personal or client data. Data may be shared with trusted subprocessors (e.g., cloud hosting providers like Firebase/Google Cloud) solely to operate the Service.

6. Your Rights

Depending on your jurisdiction (e.g., GDPR, CCPA), you have rights to:

  • Access and correct your personal data

  • Request deletion of your data

  • Object to certain uses

  • Receive your data in a machine-readable format

You can exercise these rights by contacting us.

7. Data Security

We implement administrative, technical, and physical safeguards to protect your data from unauthorized access, disclosure, or destruction. This includes encrypting all sensitive tokens and client data at rest and in transit.

8. International Transfers

Data may be transferred and stored on servers located outside your country. We ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to protect it.

9. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted with the revised date.

10. Contact

If you have questions regarding this Privacy Policy or your data, please contact us via the provided contact channels.