We collect information about users of our Service (our "Customers"), as well as our Customers' end users ("End Users") (collectively, "you", "your", or "yourself"). Note that Customers are also End Users, as we use our own Service to track itself. Some of the information collected may be Personal Data (defined as personal data of End Users that is processed by Droptrim on behalf of Customers). Your rights regarding Personal Data are described in this Policy.
By using the Service, you agree that your information will be handled as described by this Policy, and that your usage and any disputes over privacy are subject to this Policy and our Terms of Service ("Terms") which are incorporated by reference into this Policy.
Information we collect
We collect information about you through your use of our Service and/or from the web sites and services provided by our Customers.
When you create an account, you provide us with a username, password, real name, and email address, as well as one or more web sites that you own and want to monitor with the Service. If you make a purchase, you provide us with your billing information such as card number and address. This information is used for the purposes of having and maintaining your account. Your email is only used for important account notifications, such as a failed payment or expiring subscription.
We collect information from End Users under the instruction of our Customers, under which circumstance we have no direct relationship with the End Users. The following information is sent to our servers by default when an End User visits a Customer's web site.
·URL & Title of pages viewed
·URL & Title of any links that are clicked on pages viewed
·x/y coordinates of mouse events
·Unique ID tracking cookie ("UID")
The GDPR considers this to be Personal Data, even though it is randomly generated and does not identify who you are or reveal anything else about you. Its sole purpose is to more accurately track unique visitors.
·IP address ("IP")
This feature can be used by a site to attach additional data to a visitor, potentially including Personal Data such as a name or email address, but it is against our Terms to log Personal Data using this feature without disclosure or (depending on "legitimate interest") consent. This feature requires a small amount of configuration and coding by Customers, so only a small percentage of Customers use it.
Per Article 6 of the GDPR, processing of UID and IP Personal Data is lawful and does not require your direct consent because it is "necessary for the purposes of the legitimate interests" of web sites using the service. These legitimate interests include but are not limited to:
·Assembling statistics regarding the use of a web site. (Accurately counting unique visitors is a vital statistic for any web site).
·Preventing fraud and abuse, and maintaining information security. (Full IP addresses are necessary for this type of usage). Recital 47 of the GDPR states: "The processing of Personal Data strictly necessary for the purposes of preventing fraud also constitutes a legitimate interest".
As End Users of our service, the types of information listed above are also collected about our Customers when they are using our Service. The Personal Data that we log is as follows:
·Your UID and IP address, per the legitimate interests above.
·Your account username, per the legitimate interests above, as well as to help with customer service needs.
How we use your information
·To provide and maintain our Service to you.
·To help understand how Customers use our Service on an individual and aggregate basis in order to improve it.
·To help with customer service needs, such as troubleshooting issues that you report to us.
·To contact you with important account notifications, such as a failed payment or expiring subscription.
·Other research and analytical purposes such as Service performance, Customer behavior and retention, and common navigations through the Site.
·To provide reports for our Customers on web site traffic.
·To provide anonymized and aggregated reports such as our global web browser and OS marketshare.
How we share your information
We may share your information with service providers or contractors who perform actions or functions on our behalf, but only as necessary to provide and maintain the Service to you. For example, we must share your billing information with our merchant account provider in order to charge you for the Service.
We may also share your information for legal reasons, such as:
·Meeting applicable laws, regulations, legal processes, or enforceable governmental requests.
·In response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
·Detecting, preventing, or otherwise addressing fraud, security, or technical issues.
·Protecting against harm to the rights, property or safety of Droptrim, our Customers, or the public as required or permitted by law.
·Enforcing applicable Terms of Service.
cookies will be used with the Service. All cookies are first party unless otherwise noted. .
To the best of our ability, we protect all of our data from loss, misuse, and unauthorized access and destruction.
Secure (HTTPS) access is forced for our Site to help keep your information, including login credentials, secure in transit. You are responsible for using a strong and unique password for the Site to help keep your account secure. We are not responsible for any unauthorized activity on your account because of lost, weak, or compromised passwords.
Personal Data rights
EU and Swiss citizens have the legal right to access, correct, and delete their Personal Data, per the General Data Protection Regulation (GDPR), with some exceptions. California residents have similar rights and exceptions, per the California Consumer Privacy Act (CCPA).
Customers may contact us directly to access or delete their data. End Users, with whom we we have no direct relationship, should send their inquiries directly to the Customer in question, as we are considered simply a "Data Processor" per the GDPR and a "Service Provider" per the CCPA. End Users may opt out of tracking entirely if desired, also known as "Do not sell my personal information" in California.
If we receive a request from an End User in relation to Personal Data processed for a Customer, we will advise the End User to submit their request to Customer, and Customer will be responsible for responding to such request using the tools we have provided on our Site for handling Personal Data requests. Customer agrees to use all reasonable measures to verify the identity and location of an End User before sharing or modifying Personal Data.
Customers can export their data using the or the export function, or delete their account using the link at the top of the user page.
We retain Personal Data on behalf of our Customers for as long as needed to provide our Service to them, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
The CCPA requires us to disclose the information we have collected and "sold" over the last 12 months. This is covered in Information we collect.
Do Not Track
Yes, we do honor the Do Not Track (DNT) setting from browsers which support this.
Do not track is a setting from your browser which, after you enable it, it will tell the sites that you visit that you do not want to be tracked. Unfortunately, it is not very well supported by browsers as of yet but if we receive this header setting from your browser, we are honoring it!
What if you want to track everyone and skip the DNT setting? It is possible to do that as well if you are a website owner.
To ignore the DNT and to also track those visitors, simply add data-ignore-dnt="true" like in the following example:
We do take privacy and your privacy seriously and we provide you and your users the ability to opt-out of any website that uses our tracking system.
If you are a website owner that uses our tracking services then, we highly recommend you to provide the following option for your users to be able to opt-out of the tracking.
The opt-out process is straight forward and can be done by simply accessing any website that has our tracking code installed and adding the following query parameter in your browser: ?pixel_optout=true
So if your website is https://domain.com/ and you have our pixel tracking code installed, you and your users can opt-out of the tracking by accessing the following URL https://domain.com/?pixel_optout=true.
By doing this, we set a local storage variable in your browser that tells our pixel tracking code to stop and do not further execute. Clearing your local storage, changing the browser or running the site in incognito will enable tracking again as the Opt-Out variable is not set anymore.
Session recording & replay
As you might know, we do provide session recordings and replays. This does not mean that we collect or store sensitive information.
We do not record any information from any input that is either one of the following types: password, email, tel
We do not record any information from any input that has either one of the following input names: username, name, firstname, surname, lastname, familyname, fullname, email, phone, , cell, cellphone, telephone, tel, postcode, postalcode, zip, zipcode, mobile, address, ssn, security, securitynum, socialsec, socialsecuritynumber, socsec, ppsn, nationalinsurancenumber, nin, dob, dateofbirth, password, pass, adgangskode, authpw, contrasena, contrasenya, contrasinal, cyfrinair, contraseña, fjalëkalim, focalfaire, creditcard, cc, ccnum, ccname, ccnumber, ccexpiry, ccexp, ccexpmonth, ccexpyear, cccvc, cccvv, cctype, cvc, cvv
If you have any questions about this Policy or would like to make a complaint, please contact us by email.
Changes to this Policy
This Policy may be updated from time to time, as documented below. We will notify you via your registered email address and/or a notice on this website prior to any significant changes becoming effective regarding Personal Data. You should periodically review this page for the latest information.