Privatrak

Privacy Policy

Last updated: March 12, 2026

At Privatrak, we are committed to building a privacy-first product analytics service. This policy describes what data we collect, how we use it, and your rights regarding that data.

Privatrak is operated by Omexa LLC, a Wyoming limited liability company ("Privatrak", "we", "us", "our").

This policy covers three distinct groups:

  1. Visitors to websites that use Privatrak (your end users)
  2. Customers who have a Privatrak account (you)
  3. Waitlist subscribers (people who signed up for launch notifications)

1. Visitors to Websites Using Privatrak

What we do NOT collect

When a website owner installs the Privatrak tracking script on their site, we do not collect any personal information from visitors. Specifically:

  • No cookies. The Privatrak script does not set, read, or use any cookies, localStorage, or sessionStorage. We use credentials: 'omit' on all network requests.
  • No IP addresses stored. IP addresses are processed transiently in memory to derive anonymous session identifiers via HMAC, but are never stored, logged, or recoverable. The HMAC key rotates daily, making session IDs unlinkable across days.
  • No User-Agent strings stored. User-Agent strings are processed transiently in memory alongside IP addresses for session derivation, but are never stored, logged, or recoverable.
  • No fingerprinting. We do not use canvas fingerprinting, WebGL fingerprinting, font enumeration, or any other browser fingerprinting technique. Session derivation uses a privacy-preserving HMAC hash — not browser fingerprinting techniques.
  • No cross-site tracking. We do not track visitors across different websites.
  • No persistent identifiers. Session identifiers are derived server-side from a daily-rotating HMAC key. They are consistent within a UTC day for the same browser but cannot persist across days (the key rotates at UTC midnight) or be reversed to recover the original inputs.

What we do collect

We collect anonymous, aggregate usage data:

  • Page URLs — by default, sanitized to remove potentially identifying path segments (numeric IDs, UUIDs, and hex strings are replaced with :id) and query parameters (email, token, key, password, and secret values are replaced with :redacted). Website owners can customize these sanitization rules through project privacy settings.
  • Referrer URLs — the page that linked to the current page, sanitized in the same way
  • Event types — pageviews, clicks, form submissions, and custom events
  • Element information — for click and form events: the HTML tag name, two CSS selectors — one specific and one generalized (each limited to 200 characters), and visible text content (limited to 100 characters)
  • Timestamps — rounded to the nearest second by the server before storage to prevent event-level cross-referencing

Interaction tracking exclusions

The tracking script records click and form submission events with element metadata (tag name, CSS selector, visible text). The following element types are always excluded from interaction tracking:

  • Password fields (type="password")
  • Hidden fields (type="hidden")
  • Credit card fields (inputs with autocomplete="cc-*")

Custom tracking attributes

Website owners may add data-track attributes to HTML elements to assign custom event names, and data-track-* attributes to attach arbitrary key-value metadata. The content of these attributes is determined entirely by the website owner.

Custom events and attributes

Website owners may send custom events with arbitrary names and key-value attributes using the Privatrak API. The content of custom events is determined entirely by the website owner, not by Privatrak. If a website owner chooses to include personal information in custom event attributes, that is their responsibility. See Section 7 below.

No consent banner required

Because Privatrak does not use cookies, does not collect personal data, and does not track visitors across sites, websites using Privatrak are not required to display cookie consent banners or privacy consent dialogs under the GDPR, ePrivacy Directive, or similar regulations. No raw personal data is stored — session identifiers are derived from an irreversible daily-rotating HMAC hash, so no consent is required.

Data retention

Product analytics data is retained based on the website owner's subscription plan:

PlanRetention Period
Free30 days
Starter90 days
Pro365 days

After the retention period, data is automatically and permanently deleted through a scheduled cleanup process.

2. Waitlist Subscribers

If you sign up for the Privatrak waitlist before our public launch, we collect:

  • Email address — the email you enter in the waitlist form
  • Signup timestamp — the date and time you joined the waitlist

Purpose: We use this information solely to notify you when Privatrak launches and to send a one-time confirmation that you've been added to the waitlist.

Legal basis: Consent — you voluntarily submitted the waitlist form.

Retention: Your email is retained until the product launches or until you request removal, whichever comes first. After launch, waitlist data is deleted unless you create an account.

Communications: You will receive at most two emails: a confirmation upon signup and a launch notification. No marketing emails, no sharing with third parties.

Removal: To be removed from the waitlist at any time, email privacy@privatrak.com.

3. Privatrak Account Holders (Customers)

Data we collect

When you create a Privatrak account, we collect:

  • Email address — required for account creation, login, email verification, and service communications
  • Name — used for display within the dashboard
  • Password — stored as a bcrypt hash (cost factor 12); we never store or have access to your plaintext password

If you sign in with Google OAuth, we additionally receive and store:

  • Google provider user ID — used solely to link your Google account to your Privatrak account
  • Your name and email from your Google profile

We do not request or receive any other data from Google (no contacts, calendar, drive access, etc.).

Cookies

The Privatrak dashboard uses a single cookie:

  • session_token — an HTTP-only session cookie used to keep you logged in. This cookie is strictly functional and cannot be accessed by JavaScript. It expires after 30 days or when you log out. No consent banner is required for functional cookies under the ePrivacy Directive.

We do not use any tracking cookies, advertising cookies, or third-party cookies on the dashboard.

Communications

We send the following emails:

  • Email verification — a one-time email when you register to verify your email address
  • Weekly summary reports — optional product analytics summary emails sent every Monday. You can opt out at any time in your account settings.
  • Event limit notifications — alerts when your monthly event usage reaches 80% and 100% of your plan limit
  • Project invitations — emails sent when a team member invites you to collaborate on a project

All emails are transactional or opt-in. We do not send unsolicited marketing emails. You can manage your email preferences at any time in your account settings.

Billing

Payment processing is handled by our billing partner, Paddle (Paddle.com Market Limited). When you subscribe to a paid plan:

  • Paddle collects and processes your payment information (credit card, billing address). We never see, store, or have access to your full payment details.
  • We store only: your Paddle customer ID, Paddle subscription ID, plan type, subscription status, and billing period dates.
  • Your IP address may be sent to Paddle temporarily for the sole purpose of displaying localized pricing. It is not stored by Privatrak.

Paddle's privacy policy governs how they handle your payment data: https://www.paddle.com/legal/privacy

Account deletion

You may delete your account at any time from your account settings. When you delete your account:

  • Your user record and all associated data are permanently deleted
  • All projects where you are the sole owner are permanently deleted, including all analytics data
  • Your project memberships, sessions, API keys, and email preferences are removed
  • This action is immediate and irreversible

If you are the sole owner of a project that has other members, you must first remove other members through the dashboard or contact support to transfer ownership before deleting your account.

4. Data Hosting and Security

Where your data is stored

All analytics data and account data is hosted on servers in the European Union. Data does not leave the EU for storage or processing, with the exception of email delivery (see Sub-processors below).

Security measures

  • All data transmitted between your browser and our servers is encrypted using HTTPS/TLS
  • Passwords are hashed using bcrypt with a cost factor of 12
  • Session tokens are hashed using SHA-256 before storage
  • API keys are hashed before storage; only a prefix is stored in plaintext for identification
  • All database queries use parameterized statements to prevent SQL injection
  • Database access is restricted to our application servers via private networking
  • Server logs, reverse proxy logs, and monitoring systems record only request method, URL path, HTTP status code, and response time. IP addresses, User-Agent strings, and request headers are never written to any log or monitoring system.

5. Sub-processors

We use the following third-party service providers to operate Privatrak:

Sub-processorPurposeData ProcessedLocation
HetznerDatabase and application hostingAll analytics and account dataEU
PaddlePayment processingBilling information, customer IDUK/EU
ResendEmail deliveryEmail addresses, email contentUS
GoogleOAuth authentication (optional)Google user ID, email, nameUS

Note on Resend (email): Resend is based in the United States. Email addresses are transmitted to Resend solely for the purpose of delivering transactional emails (verification, weekly summaries, notifications, invitations). Analytics data is never shared with Resend. Appropriate data transfer safeguards are in place.

We do not sell, share, trade, or monetize your data or your visitors' data with any third party for any reason.

6. Your Rights

Depending on your location, you may have the following rights:

For all users

  • Access — you can view all data associated with your account in the dashboard
  • Deletion — you can delete your account and all associated data at any time
  • Email preferences — you can opt out of non-essential emails at any time

For EU/EEA residents (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Lodge a complaint with your local data protection authority

Our lawful basis for processing customer account data is contract performance (we need your email and name to provide the service) and legitimate interest (for service communications and security). For optional features like weekly summary emails, the basis is legitimate interest (opt-out available in account settings).

For California residents (CCPA/CPRA)

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. You have the right to know what data we collect, request deletion, and opt out of any sale of personal information (though no sale occurs). To exercise these rights, contact us at the address below.

7. Customer Responsibility for Data Content

Privatrak provides a privacy-first product analytics tool that collects no personal information by default. However, our customers may choose to send additional data through custom events, custom event attributes, session traits, or data-track / data-track-* HTML attributes.

If you are a website owner using Privatrak:

  • You are solely responsible for the data you choose to send to Privatrak through custom events and attributes
  • You must ensure you have a lawful basis for collecting and transmitting any data you send
  • You are responsible for your own privacy policy towards your end users
  • You must not send data you are prohibited from sharing under applicable law

The following data types must never be sent to Privatrak:

  • Protected health information (HIPAA)
  • Data of children under 13 (COPPA)
  • Financial account numbers or credit card data
  • Government-issued identification numbers (SSN, passport numbers, etc.)
  • Data subject to sector-specific regulations you have not accounted for

Privatrak processes custom event data as instructed by the customer. We do not inspect, validate, or filter the content of custom event attributes or data-track-* values beyond the automatic exclusions described in Section 1 (password fields, credit card fields, hidden fields).

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify account holders of material changes via email. The "Last updated" date at the top of this page will always reflect the most recent revision.

9. Contact

If you have questions about this privacy policy or your data, contact us at:

Email: privacy@privatrak.com

Omexa LLC Wyoming, United States

Datenschutzrichtlinie — Privatrak