← Back

Privacy

Last updated: May 5, 2026

What Google data we access

When you sign in, we request read-only access to your Google Analytics data through the analytics.readonly scope. That means we can view your traffic reports but we cannot modify your analytics setup, create goals, change filters, or do anything other than read.

Specifically, we pull: session counts, traffic source names, landing page paths, and daily session totals — just enough to build your AI traffic report.

How we use your data

Your Google Analytics data is used for one thing: generating your AI traffic report. We look at traffic sources to identify sessions from AI tools (ChatGPT, Perplexity, Claude, etc.) and show you the results. That's it. We do not use your data for advertising, analytics, market research, or anything else.

What we store

Your Google access tokens are stored in an encrypted session cookie on your device. You can clear it at any time by clearing your browser cookies.

We also save a summary of each scan to our database. This includes your Google account email, the Google Analytics property ID and name, and aggregate numbers from your report, for example total AI sessions, top source, and top page. We do not store your raw analytics data or individual visitor records.

If you subscribe to the weekly digest, we additionally store your digest email address and an AES-256 encrypted copy of your Google refresh token in our database. The refresh token is used solely to fetch your GA4 data each week to generate your digest. It is never logged or shared.

Weekly digest emails

If you opt in to the weekly digest, we will send you a weekly email summarising your AI traffic. You can unsubscribe at any time using the unsubscribe link in every digest email, or by clicking "Edit" in the digest card on your results page.

Digest emails are sent via Resend. Your email address is shared with Resend solely for the purpose of delivering your digest. Resend acts as a data processor and does not use your address for any other purpose.

Sharing and third parties

We do not sell, rent, trade, or share your Google user data with any third party. We do not transfer your data to anyone else for any reason — not for advertising, not for analytics, not at all. Your data stays between you and this app.

Data protection

  • All traffic between your browser and our servers is encrypted over HTTPS
  • Access tokens are stored in encrypted, HTTP-only session cookies
  • Google refresh tokens (for digest subscribers) are encrypted with AES-256 before storage
  • We use Supabase (with row-level security) for database storage
  • Our servers run on Cloudflare Workers with no persistent disk access

Data retention and deletion

Session cookies expire when you close your browser or clear cookies. Scan summaries are retained in our database indefinitely so you can compare reports over time.

You can delete your data at any time:

  • Clear your browser cookies to remove your session
  • Click "Disconnect" in the app to end your session
  • Use the unsubscribe link in any digest email to cancel your digest subscription
  • Click "Edit" in the digest card on your results page to remove properties or cancel
  • Revoke access in your Google Account permissions
  • Email us at info@lovedby.ai to request deletion of your stored scan summaries or digest subscription data

Google API Services Limited Use Disclosure

This app's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Changes to this policy

If we update this policy, we'll post the changes here with a new "last updated" date. If the changes are significant, we'll also show a notice within the app.

Contact

Questions? Reach out at info@lovedby.ai.