SiteSense

SiteSense

Home

Privacy Policy

Last updated: 5 April 2026

SiteSense (“we”, “us”, “our”) operates the website sitesense.app. This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

Account information

When you create an account we collect your email address and optional display name. Passwords are hashed and stored securely by our authentication provider (Supabase).

Google Analytics data

When you connect a Google Analytics property, we request read-only access to your GA4 reporting data via the Google Analytics Data API. We access the following Google OAuth scopes:

  • openid, email, profile — to identify your Google account
  • analytics.readonly — to read your GA4 property data. We never modify your Google Analytics configuration.

OAuth access and refresh tokens are stored encrypted in our database and are used solely to fetch analytics reports on your behalf. You can revoke access at any time from your Google account permissions.

Usage and analytics

We use Google Analytics (measurement ID G-NLNJKM6ZQ4) on our own website to understand how visitors use SiteSense. This collects standard web analytics data such as page views, referral sources, and device information. No personally identifiable information is sent to Google Analytics beyond what is standard for the service.

2. How We Use Your Data

  • To display your Google Analytics data in a simplified, plain-English dashboard
  • To generate optional AI-powered summaries of your analytics (when enabled)
  • To send optional weekly check-in emails with analytics highlights
  • To process payments and manage your subscription
  • To improve and maintain the SiteSense service

3. Third-Party Services

We use the following third-party services to operate SiteSense:

  • Supabase — authentication, database hosting, and row-level security
  • Google OAuth & Google Analytics Data API — account linking and analytics data retrieval
  • Stripe — payment processing for paid plans. We do not store credit card numbers; Stripe handles all payment data directly.
  • OpenAI — generates AI summaries of your analytics data when the feature is enabled. Analytics data sent to OpenAI is used solely for generating your summary and is subject to OpenAI’s API data usage policies.

4. Cookies

SiteSense uses a minimal number of cookies:

  • Authentication cookies — session cookies set by Supabase to keep you signed in
  • Theme preference — a local storage value to remember your light/dark mode choice
  • OAuth state — a short-lived, httpOnly cookie used during the Google sign-in flow to prevent cross-site request forgery. It is deleted after use.

We do not use advertising or tracking cookies beyond the Google Analytics tag on our own site.

5. Data Retention & Deletion

We retain your account data and stored OAuth tokens for as long as your account is active. Analytics data is fetched in real time from Google and is not permanently stored on our servers beyond short-lived caches.

You can delete your account and all associated data at any time by contacting us. Upon deletion, we remove your account information, OAuth tokens, workspace data, and any AI usage logs.

6. Data Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS), row-level security policies in our database, and secure token storage. Access to production systems is restricted to authorised personnel.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Revoke Google OAuth access at any time
  • Export your data upon request

8. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a notice on the site. The “last updated” date at the top reflects the most recent revision.

9. Contact

If you have questions about this privacy policy or your data, contact us at hello@sitesense.app.