TrafficTap GA4 logoTrafficTap GA4

Privacy Policy

Effective date: October 26, 2025

Last updated: 12/17/2025

Introduction

TrafficTap is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our Chrome extension that provides Google Analytics 4 (GA4) insights directly on web pages.

We believe in transparency and your right to control your data. TrafficTap operates with read-only access to your analytics data and never sells or shares your personal information with third parties.

Information We Collect

1. Personal & Authentication Information

When you authenticate with TrafficTap using Google OAuth, we collect:

  • Your email address
  • Your Google account profile information (name, profile picture)
  • Google OAuth access and refresh tokens for GA4 API access
  • JWT authentication tokens for session management

Purpose: Required for secure authentication and accessing your Google Analytics 4 data.

2. Analytics Data (Read-Only Access)

We access your Google Analytics 4 data in read-only mode only. This includes:

  • Page views and traffic metrics
  • User sessions and engagement data
  • Traffic sources and referral information
  • Device and browser information
  • Geographic and demographic data
  • Conversion and event data

Purpose: To display GA4 insights and analytics overlays on webpages. We NEVER modify, delete, or export your GA4 data.

3. Payment Information (Paid Plans Only)

For users subscribing to PLUS ($10/month) or PRO ($20/month) plans:

  • Payment method information (processed through Stripe)
  • Billing address and contact information
  • Subscription status and plan tier
  • Transaction history and payment receipts

Purpose: Process recurring payments and manage your subscription. Credit card data is encrypted and handled by Stripe; we do not store it on our servers.

4. Usage Information

We collect non-personal usage information:

  • Which features you access
  • Reports you generate
  • Extension usage patterns
  • Browser and operating system information
  • Error and performance logs

Purpose: To improve our extension's performance and features.

How We Use Your Information

  • Display GA4 insights: Show analytics data as overlays on web pages you visit
  • Authentication: Authenticate your access to Google Analytics accounts securely
  • Payment Processing: Process subscription payments through Stripe for paid plans
  • Customer Support: Respond to your inquiries and provide technical support
  • Service Improvements: Optimize performance and develop new features
  • Communications: Send service updates, security notifications, and billing notices

Important: We NEVER sell, rent, lease, or share your personal data with third parties for marketing purposes. We do not use your data for advertising.

Third-Party Services

TrafficTap uses the following third-party services:

Google Analytics 4 API

Provides analytics data. Google processes your data according to their Privacy Policy. We only request read-only access.

Stripe

Processes payments for PLUS and PRO subscriptions. Stripe handles payment data securely. See Stripe's Privacy Policy for details.

Supabase

Stores your account data, authentication tokens, and subscription information. Supabase provides enterprise-grade security and compliance.

Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations:

Account data: Retained while your account is active. You can request deletion anytime.

Authentication tokens: Refreshed regularly and expired automatically. Deleted upon logout or account deletion.

Usage data: Aggregated and anonymized after 12 months, then deleted.

Payment records: Retained for 7 years for accounting and tax compliance (handled by Stripe and our accountants).

Google Analytics access: Revoked immediately upon account deletion or when you remove the extension.

Security

We implement industry-standard security measures to protect your information:

  • Encrypted data transmission using HTTPS/TLS 1.2 or higher
  • Secure authentication through Google OAuth 2.0 and JWT tokens
  • Regular security audits and penetration testing
  • Limited access to personal data on a need-to-know basis
  • Secure storage with encryption at rest
  • No remote code execution (all code bundled locally in the extension)

Your Rights

You have complete control over your data and can exercise the following rights:

Access & Portability

Request a copy of your personal data in a portable format (JSON/CSV)

Correction

Update or correct any inaccurate personal information in your account

Deletion

Request permanent deletion of your account and associated data

Revoke Access

Revoke TrafficTap's access to your Google Analytics data anytime

To exercise any of these rights, contact us at support@ocwebfirm.com. We will respond within 30 days.

GDPR & Privacy Laws Compliance

TrafficTap complies with global privacy regulations including GDPR, CCPA, and other data protection laws. If you have rights under these laws, please contact us to exercise them.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or by posting a notice on our website. Your continued use of TrafficTap constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

Email: support@ocwebfirm.com

Support:Contact Form

Response Time: We respond to privacy requests within 30 days