Privacy Policy

Last updated: October 20, 2025

1. Introduction

Welcome to ScriptVitals ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web performance monitoring platform.

2. Information We Collect

2.1 Account Information

  • Name and email address
  • Company name and billing information
  • Password (encrypted)
  • Account preferences and settings

2.2 Performance Data

  • Core Web Vitals metrics (LCP, FCP, CLS, INP, TTFB)
  • 3rd-party script performance data
  • Page URLs and navigation timing
  • User agent and device information
  • Geographic location (country-level)
  • Session and pageview data

2.3 Usage Data

  • Dashboard interactions and feature usage
  • API requests and responses
  • Log data and error messages

3. How We Use Your Information

We use the collected information for:

  • Service Provision: To provide, maintain, and improve our performance monitoring services
  • Analytics: To generate performance insights and optimization recommendations
  • Communication: To send service updates, security alerts, and support messages
  • Billing: To process payments and manage subscriptions
  • Security: To detect and prevent fraud, abuse, and security incidents
  • Compliance: To comply with legal obligations

4. Data Retention

We retain your data for different periods depending on the type:

  • Account Data: Retained until account deletion
  • Performance Data: Retained according to your plan (30 days to unlimited)
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Support Tickets: Retained for 3 years

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service Providers: Cloud hosting (Neon, ClickHouse), payment processing (iyzico), and infrastructure providers
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/SSL)
  • Encryption at rest for sensitive data
  • Regular security audits and penetration testing
  • Access controls and authentication
  • Automated backup and disaster recovery

7. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a machine-readable format
  • Object: Object to certain processing activities
  • Restrict: Request restriction of processing

To exercise these rights, contact us at privacy@scriptvitals.com

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential: Authentication and security
  • Functional: Remember your preferences
  • Analytics: Understand how you use our service (using our own platform)

You can control cookies through your browser settings.

9. Third-Party Services

Our platform integrates with:

  • Cloud Infrastructure: Vercel (hosting), Neon (PostgreSQL), ClickHouse Cloud
  • Payment Processing: iyzico (payment gateway)
  • Communication: Email service providers

These services have their own privacy policies governing their use of your information.

10. International Data Transfers

Your data may be processed in countries outside your residence. We ensure adequate protection through:

  • Standard contractual clauses
  • Data processing agreements
  • Adequacy decisions by relevant authorities

11. Children's Privacy

Our service is not directed to children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or dashboard notification. Continued use of our service after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

GDPR & CCPA Compliance: ScriptVitals is committed to compliance with GDPR (EU) and CCPA (California). We respect your privacy rights and provide tools to manage your data. For data subject requests, contact us at privacy@scriptvitals.com