Privacy Policy
Last updated: March 18, 2026
Neumetrics ("we," "our," or "us") operates the Neumetrics platform at neumetrics.ai and app.neumetrics.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.
1. Information We Collect
Account Information: When you connect your Shopify store, we receive your store domain and an access token to read your store data. We do not collect passwords.
Platform Data: With your authorization, we access data from connected platforms including Shopify, Meta Ads, Google Ads, TikTok Ads, Google Analytics 4, and Klaviyo. This includes order data, advertising metrics, campaign performance, and analytics data.
Contact Information: If you contact us through our website, we collect your name, email address, and message content.
Usage Data: We collect standard log data including IP address, browser type, pages visited, product analytics, and diagnostic information to improve our service, monitor reliability, and troubleshoot issues.
2. How We Use Your Information
- To provide and maintain our analytics dashboard and AI-powered insights
- To display your marketing and sales data in a unified view
- To generate AI briefings and respond to your questions via Ask Aren
- To improve and optimize our service
- To respond to your inquiries and provide support
3. Data Storage and Security
Your data is stored securely using Supabase (hosted on AWS) with encryption at rest and in transit. API credentials and access tokens are stored encrypted and are never exposed to the client side. We use HTTPS for all data transmission.
We implement industry-standard security measures including:
- Encrypted data storage and transmission (TLS 1.2+)
- Secure token management for third-party platform access
- Rate limiting on API endpoints
- Regular security reviews
4. Data Sharing
We do not sell, trade, or rent your personal information to third parties. We may share data with:
- Service Providers: We use service providers including Supabase (database), Vercel (hosting), Railway (backend hosting), Cloudflare (DNS/CDN), Anthropic and Google (AI processing), Pinecone (vector search), PostHog (product analytics), and Sentry (error monitoring) to operate our service. These providers only access data necessary to perform their functions.
- AI Processing: When you use Ask Aren, AI briefings, or creative analysis features, relevant store data, prompts, and uploaded media may be sent to AI and retrieval providers such as Anthropic, Google, and Pinecone to generate insights and search results. We configure third-party providers to process only the data needed for the requested feature.
- Legal Requirements: We may disclose information if required by law or to protect our rights.
5. Data Retention
We retain store data, analytics history, AI conversation history, briefings, saved preferences, integration data, and derived aggregates for as long as your account or store connection is active so the dashboard, Ask Aren, and reporting features can work across historical periods. Some provider reads use freshness windows, such as approximately 4 hours for Klaviyo cache reads and approximately 1 hour for Meta and Google Ads cache reads. These freshness windows control when we refresh data; they are not automatic deletion periods.
When Shopify sends an app uninstall webhook, we immediately clear the stored Shopify Admin access token and queue deletion of shop-scoped cached data, analytics rows, conversations, AI memory, briefings, integration connections, rate-limit counters, chat media, and related operational data. We may retain a credential-free shop shell and scrubbed operational audit records to support reinstall safety, fraud prevention, debugging, and compliance. If Shopify sends a shop redaction webhook or you request deletion, we delete the shop row and scrub retained audit metadata so it no longer contains store identifiers or raw webhook payloads. Customer redaction requests remove customer cache records and clear customer-identifying fields from stored orders.
If a deletion request cannot be completed immediately because of technical constraints, we will complete it within 30 days unless a longer period is required by law or needed for legitimate security, fraud-prevention, or compliance reasons.
6. Your Rights
You have the right to:
- Access the data we hold about your store
- Request deletion of your data
- Disconnect any platform integration at any time
- Opt out of AI-powered features
7. Cookies
Our app uses localStorage and similar browser storage to save preferences, preserve session context, and support product functionality. We may also use first-party analytics and diagnostic technologies to understand product usage and reliability. We do not sell your data or use advertising cookies to profile you across unrelated sites.
8. Third-Party Platforms
When you connect third-party platforms (Shopify, Meta, Google, TikTok, Klaviyo, etc.), we access data according to the permissions you grant. We only request the minimum scopes necessary to provide our service. You can revoke access at any time through the respective platform's settings.
9. Children's Privacy
Our service is not directed to individuals under 18. We do not knowingly collect information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
11. Contact Us
If you have questions about this Privacy Policy or your data, contact us at: