Privacy Policy for GA4 AI Insights Tool
1. Introduction
This Privacy Policy explains how the GA4 Insights Generator service (“we”, “us”, “our”), owned and operated by Dreamnotion Innovations LLP, collects, uses, and protects your data when you use our analytics reporting service. We are committed to ensuring your privacy and protecting your personal data in compliance with applicable laws, including the General Data Protection Regulation (GDPR) and the Digital Personal Data Protection Act, 2023 of India.
2. Data We Collect
When you use GA4 Insights Generator, we collect and process the following data:
-
2.1 Account Information
- Email address
- Name
- Business details (optional)
- Password (encrypted)
- Account preferences
-
2.2 Google Account Information
- Email address
- Google Analytics 4 property access permissions
- Authentication tokens
-
2.3 Analytics Data
- Website traffic metrics
- User engagement statistics
- Page performance data
- Conversion tracking data
- Event completion data
-
2.4 Report Preferences
- Selected GA4 properties
- Report generation frequency
- Email subscription settings
- Dashboard customizations
-
2.5 Payment Information
- Billing address
- Payment method details (processed securely by Razorpay)
- Subscription history
- Transaction records
3. Legal Basis for Processing
We process your data under the following legal bases:
- Consent: When you explicitly agree to connect your Google Analytics account or receive marketing communications
- Contract: To fulfill our service obligations in generating analytics reports and providing services you’ve subscribed to
- Legitimate Interests: To improve and maintain our service, prevent fraud, and ensure security
- Legal Obligation: To comply with applicable laws and regulations
4. How We Use Your Data
Your data is used for:
- Creating and maintaining your account
- Authenticating with Google Analytics
- Generating analytics insights and reports
- Sending automated performance reports via email
- Processing payments and managing subscriptions
- Maintaining your account preferences
- Improving our service functionality
- Ensuring service security
- Communicating important service updates
5. Data Storage and Security
We implement appropriate security measures including:
- Encryption of sensitive data using industry-standard methods
- Secure storage of authentication tokens
- Regular security updates and monitoring
- Limited access to personal data by authorized personnel only
- Compliance with regulatory security requirements
- Regular security assessments and penetration testing
6. Data Sharing and Third Parties
We interact with the following third-party services:
- Google Analytics: To access your analytics data (with your permission)
- OpenAI: For generating AI-powered insights (using anonymized data only)
- Brevo: For sending email reports (if enabled)
- Razorpay: For processing payments
- Cloud Service Providers: For hosting our infrastructure
We ensure all third-party providers comply with applicable data protection regulations and maintain appropriate security measures.
7. Data Retention
We retain your data as follows:
- Account information: Until you delete your account or revoke access
- Analytics reports: For 30 days after generation
- Authentication tokens: Until expired or revoked
- Email tracking data: For 90 days
- Payment information: As required by financial regulations (typically 7 years)
8. Your Data Rights
Under applicable data protection laws, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request data deletion
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge a complaint with a supervisory authority
9. Exercising Your Rights
To exercise your data rights:
- Use the plugin settings to manage your data preferences
- Contact us at [email protected] for specific requests
- Revoke Google Analytics access through your Google Account settings
- For Indian users: Contact our Grievance Officer at [email protected]
10. Cookie Usage
We use cookies to:
- Maintain your authentication status
- Store your report preferences
- Ensure secure access to your data
- Analyze usage patterns to improve our service
You can manage cookie preferences through your browser settings.
11. International Data Transfers
Your data may be processed in different countries where our service providers operate. We ensure appropriate safeguards are in place through:
- Standard contractual clauses
- Data processing agreements
- Compliance with cross-border data transfer regulations
- Additional technical and organizational measures
12. Children’s Privacy
Our service is not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13.
13. Changes to This Policy
We may update this Privacy Policy periodically. Significant changes will be notified through:
- Email notifications
- Plugin dashboard notices
- Website announcements
14. Contact Information
For privacy-related inquiries:
- Email: [email protected]
- Address: 4, Premier Rabbi Apartments, 6th Cross Inner Ring Road, Srinivagilu, Bangalore 560047, Karnataka, India
- Grievance Officer (for Indian users): Sandeep Kelvadi, [email protected]
15. Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you have concerns about how we process your data.
16. Compliance with Digital Personal Data Protection Act
As a data fiduciary under India’s Digital Personal Data Protection Act, 2023, we commit to:
- Processing your personal data only for the purposes disclosed in this Privacy Policy
- Retaining personal data only as long as necessary for the stated purposes
- Implementing reasonable security safeguards to prevent data breaches
- Notifying relevant authorities and affected users in case of significant data breaches
- Honoring your rights as a data principal, including access, correction, and erasure
- Obtaining explicit consent before processing sensitive personal data
- Ensuring compliance when transferring data across borders