Legal
Privacy Policy
Last updated: July 15, 2026
1. Who we are
Betterfound provides privacy-friendly website analytics. This Policy explains how we process personal data for (a) visitors to betterfound.com, (b) customers who create Betterfound accounts, and (c) end-users of websites that install our script (as processed on behalf of those website owners).
Contact: hello@betterfound.com
2. Our approach
- No advertising cookies and no cross-site tracking
- Lightweight script designed to avoid storing personal identifiers in the browser
- Customer analytics data is not sold or used for our own advertising
- GDPR/CCPA-minded product defaults; customers remain controllers for their sites
3. Data we process
3.1 Marketing site & accounts
When you browse betterfound.com or sign in, we may process:
- Account identity from Google OAuth (name, email, profile image)
- Billing details processed by Stripe (we do not store full card numbers)
- Support and lead emails you send us
- Security logs (IP, user agent, timestamps) to protect the Service
- Optional analytics if you consent to our own Betterfound tracking on our marketing site
3.2 Customer websites (analytics script)
When a website installs Betterfound, we process event data on behalf of the website owner (controller), typically including: page path, referrer, UTM parameters, approximate device/browser/OS, country/region (from infrastructure geolocation headers), session and visitor IDs generated for analytics aggregation, and custom events the site emits. We design the script to avoid cookies. IP addresses may be handled transiently by our hosting edge for geo and abuse prevention and are not the product focus of our dashboards.
4. Purposes & legal bases (GDPR)
- Contract — provide accounts, dashboards, billing, API/MCP access
- Legitimate interests — secure the Service, prevent abuse, improve reliability
- Consent — where required for certain marketing emails or optional cookies (we aim not to need cookie banners for core analytics)
- Legal obligation — tax, accounting, and lawful requests
For customer-site analytics, website owners determine their lawful basis for collecting usage metrics under applicable privacy laws.
5. Sharing
We share data only with processors needed to run Betterfound, such as:
- Hosting / database providers (e.g. Vercel, Neon)
- Stripe for payments
- Google for OAuth sign-in
- Email delivery (e.g. Resend) for transactional messages
We do not sell personal information. We may disclose information if required by law or to protect rights and safety.
6. International transfers
Infrastructure may process data in the United States or other regions where our providers operate. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) with processors.
7. Retention
Analytics retention follows the customer's plan limits. Account and billing records are kept as needed for the Service and legal obligations. After account closure we delete or anonymize personal data within a reasonable period unless law requires longer retention.
8. Security
We use industry-standard controls including HTTPS, access controls, hashed API keys, and principle of least privilege. No method of transmission or storage is 100% secure; please protect your account and API keys.
9. Your rights
Depending on your location (e.g. EEA/UK/California), you may have rights to access, correct, delete, export, or restrict processing of personal data, and to object or withdraw consent. Customer-site end-users should contact the website owner first; we assist controllers with reasonable requests. Contact hello@betterfound.com. You may also lodge a complaint with a supervisory authority.
10. Children
The Service is not directed to children under 16. We do not knowingly collect personal data from children.
11. Changes
We may update this Policy. Material changes will be posted here with a new "Last updated" date. Continued use after changes means you acknowledge the updated Policy.
12. Related
See also our Terms of Service.