Privacy Policy

Last updated: May 2, 2026

1. Who we are

PerchLens is a privacy-friendly web analytics service. The Service is operated by nxyz ("PerchLens", "we", "us", "our").

Two roles, one policy. When you use PerchLens to analyse traffic on your own website, you are the data controller for your visitors' data and we are your data processor. When you sign up for an account with PerchLens, we are the data controller for the personal data you give us directly. This policy covers both roles.

2. What our tracker collects from your visitors

Our tracking script is cookieless and runs entirely without persistent identifiers. For each pageview, it sends the following to our servers:

  • Page URL, path, and title
  • Referrer URL (where applicable)
  • UTM campaign parameters in the URL
  • Browser, operating system, and device class (parsed server-side from the User-Agent header)
  • Country and (in some cases) city — derived by Vercel from the request IP at the edge and passed to us as a header
  • Browser language
  • Screen width
  • A short-lived session ID (a hash of site ID + date + language + screen dimensions, stored in sessionStorage for up to 24 hours; never set as a cookie, never shared across sites)

We also process a small number of behavioural events when relevant: outbound clicks, file downloads, form submissions, JavaScript errors, scroll depth milestones, the length of copied text (never its contents), and rage clicks. Heatmap clicks (where enabled) are sampled at 25% and stored as percentile coordinates only — not as exact pixel positions tied to a viewport.

What our tracker does NOT collect

  • IP addresses are not stored in our analytics database. The IP is used only at the edge to derive country/city and to enforce rate limits, then discarded.
  • No cookies are set by the tracker. No localStorage. No IndexedDB. The only client-side storage the tracker uses is the sessionStorage entry for the short-lived session ID described above, which the browser clears when the tab is closed.
  • No names, email addresses, phone numbers, or other directly identifying personal data.
  • No browser fingerprints. No canvas, audio, or font fingerprinting.
  • No cross-site tracking. The session ID is salted with the site ID so it cannot be used to follow a visitor between domains.
  • No content of forms, no keystrokes, no clipboard contents.

Our lawful basis under GDPR is the legitimate interest of website operators in measuring aggregated traffic on their own sites (Article 6(1)(f)). Because the tracker does not collect personal data or use cookies, it does not require visitor consent under GDPR or PECR. You do not need to add a cookie banner to use PerchLens.

3. What we collect from PerchLens account holders

When you sign up, we collect or receive:

  • Email address and (if provided) name, via Clerk
  • OAuth identifiers if you sign in with Google or GitHub via Clerk
  • Website URLs you add and their settings
  • Goals, conversions, team members, scheduled crawl preferences
  • Encrypted Google Search Console refresh tokens (if you connect GSC; read-only scope, AES-256-GCM at rest)
  • Google Analytics 4 Measurement ID (if you store one — display only, we do not call the GA4 API)
  • Subscription metadata from Paddle (plan, status, renewal date) — we never see or store full payment-card details

Our lawful basis for processing this data is performance of our contract with you (Article 6(1)(b)) and our legitimate interest in operating and securing the Service (Article 6(1)(f)).

4. AI processing

When you ask for AI-generated GEO recommendations or AI insights, we send a compact summary of your site's aggregate analytics — site name, URL, top pages, traffic source breakdown, AI-engine traffic share — to a large-language-model provider. The summary contains no visitor personal data; it is exclusively numbers and the path strings of pages on your own website. We never send raw events, IPs, or anything tied to an individual visitor.

Our model provider chain is: OpenRouter (preferred), DeepSeek, then Anthropic (fallback). Each provider has its own data-handling and training-opt-out policies, which you can review on their websites. We do not opt your data into model training; if you have specific training-exclusion requirements (for example, regulated data), email privacy@perchlens.com and we will configure your account to skip AI features.

5. Cookies

Tracker: zero cookies. Period.

PerchLens dashboard: we set a single first-party session cookie via Clerk to keep you logged in. It is strictly necessary to operate the Service and is exempt from consent under PECR Regulation 6(4)(b) and the equivalent ePrivacy carve-outs. Paddle.js sets its own checkout cookies only when you start a paid upgrade, and only on the upgrade page.

We do not use marketing cookies, tracking pixels, Google Analytics, Meta Pixel, or any cross-site advertising network on the dashboard or marketing pages.

6. How we use data

  • Provide analytics dashboards, reports, and exports to you
  • Send transactional emails you have opted in to (daily digest, weekly report, monthly report, anomaly alerts, uptime alerts, usage alerts)
  • Detect and block abuse, fraud, and over-quota traffic
  • Process payments through Paddle
  • Improve the Service (aggregate trends, never per-visitor)

We do not sell, rent, or share your data or your visitors' data with third parties for marketing purposes. Ever.

7. Sub-processors

We rely on the following sub-processors. Each is bound by a written data-processing agreement and is required to apply industry-standard security measures.

  • Vercel — hosting + edge network (United States)
  • Clerk — authentication and user management (United States)
  • Neon — relational database for accounts and settings (United States)
  • Supabase — analytics event store (United States)
  • Upstash — Redis cache and rate-limit store (global)
  • Paddle — merchant of record, billing, and tax (United Kingdom + global)
  • Resend — transactional email delivery (United States)
  • OpenRouter, DeepSeek, Anthropic — large-language-model providers used only when AI features are invoked
  • Google — only if you connect Google Search Console; we use a read-only scope (webmasters.readonly)
  • TinyTalk — support chat widget; loads only when you open the bubble (European Union)
  • DuckDuckGo — favicon image proxy for displaying site icons in the dashboard

We will give 30 days' notice via the in-product changelog before adding or replacing a sub-processor. If you are an Enterprise customer with a written DPA, we follow the notice mechanism stated there.

8. International data transfers

The majority of our processing happens on infrastructure located in the United States. If you are based in the European Economic Area, the United Kingdom, or Switzerland, your data may be transferred to and processed in the United States or other countries where our sub-processors operate. Where required, transfers are protected by the EU Standard Contractual Clauses (Module 2, controller-to-processor, for your account data; Module 3, processor-to-processor, for your visitors' data that we process on your behalf) and the UK International Data Transfer Addendum.

9. Data retention

Analytics events are retained per your subscription tier:

  • Free — 7 days
  • Pro — 1 year
  • Business — 5 years

Account data (your email, sites, settings) is retained for as long as your account is active. When you delete a site, its analytics events are removed within 30 days. When you delete your account, all your account data is deleted within 30 days, except where we are required to retain billing records to comply with tax law (typically 7 years).

10. Your rights

Under GDPR, UK GDPR, CCPA/CPRA, and other comparable laws, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Receive a copy of your data in a portable format (analytics export is available via API)
  • Object to or restrict our processing
  • Withdraw consent where consent is the legal basis (e.g. opt-in email reports)
  • Lodge a complaint with your local data-protection authority

To exercise any of these rights, email privacy@perchlens.com. We respond within 30 days. We do not charge a fee for reasonable requests.

If you are a website visitor and want your data removed from a customer's PerchLens account, please contact the website operator directly — they are the data controller for that data. We will assist them in honouring the request.

11. Data Processing Agreement (DPA)

A Data Processing Agreement is available to all paying customers on request, at no charge. Email privacy@perchlens.com with your account email and we will send a countersigned copy.

12. Do Not Track and Global Privacy Control

Our tracker does not currently change behaviour based on the DNT header or the Global Privacy Control signal, because the tracker does not collect personal data, set cookies, or share data with advertising networks — there is nothing to opt out of. We will revisit this position if regulations or industry consensus shift.

13. Security

We use TLS 1.2+ for all data in transit. Credentials such as Google OAuth refresh tokens are encrypted at rest with AES-256-GCM. Our analytics functions run with row-level security and are not directly callable by unauthenticated clients. In the event of a personal-data breach, we notify affected customers without undue delay after becoming aware of it, as GDPR Article 33(2) requires of us as your processor; where we act as controller for your account data, we notify the competent supervisory authority within 72 hours where Article 33(1) requires it.

14. Children

The Service is not intended for users under 16 years of age. We do not knowingly collect data from children. If you become aware that a child has provided personal data to us, please contact privacy@perchlens.com and we will delete it.

15. Changes

We may update this policy from time to time. Material changes will be announced via email and via the in-product changelog at least 14 days before they take effect. The latest version is always at this URL.

16. Contact

Privacy questions, data subject requests, and DPA requests: privacy@perchlens.com.
General support: support@perchlens.com.