Privacy Policy

Analygo ("we", "us", or "our") operates a software-as-a-service platform, including analygo.co and app.analygo.co (the "Platform"). This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, create an account, or use the Analygo Auditor application.

We are committed to processing personal data lawfully, fairly, and transparently, in line with applicable data protection laws including the UK GDPR and EU GDPR where relevant.

We may collect and process the following categories of information:

• Account Information:Name, email address, company name, and authentication details provided when registering or logging into the Platform.
• Google Account Data (via OAuth):If you choose to connect your Google account, we access specific Google Tag Manager data in accordance with the permissions you grant.
• Technical & Usage Data:IP address, browser type, device information, timestamps, and interaction data relating to use of our website and application.

Analygo Auditor uses the Google Tag Manager API with read-only access to accounts and containers for the sole purpose of performing configuration audits.

We only request the minimum scope required to read account and container configuration data. We do not modify, publish, or manage your Google Tag Manager containers.

We do not access or process end-user behavioral analytics data. Our access is limited strictly to configuration metadata necessary to generate audit reports.

Google user data obtained through Google APIs is not sold, rented, transferred, or disclosed to third parties except as required to provide the core functionality of the Platform or as required by law.

Our staff do not read your Google Tag Manager configuration data. Human access to this data occurs only with your explicit consent for troubleshooting or support, for security or fraud prevention, or where required by law.

The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We use collected data to:

• Provide and operate the Analygo Auditor platform
• Authenticate users and manage accounts
• Generate audit reports and configuration insights
• Improve system performance and reliability
• Comply with legal and regulatory obligations
• Maintain the security and integrity of our infrastructure

We implement appropriate technical and organizational measures to safeguard personal data and Google user data.

Data is transmitted over encrypted HTTPS connections and stored in secure databases with access controls.

Access to production systems is restricted to authorized personnel and governed by role-based permissions.

Where applicable, OAuth access tokens and refresh tokens are stored securely and encrypted.

Tokens are used solely to enable authorized access to Google Tag Manager data on behalf of the authenticated user.

You may revoke Google access at any time. To revoke access, go to your Google account permissions at https://myaccount.google.com/permissions and remove access for this application.

We retain audit-related data only for as long as necessary to provide the service or until the user deletes their account.

OAuth tokens and related authentication data are deleted upon account deletion or upon explicit revocation of access.

We do not sell or trade personal data or Google user data.

Data may be processed by infrastructure providers acting as data processors under contractual obligations to maintain confidentiality and security.

We may disclose information if required by law, regulation, or valid legal process.

Under applicable data protection laws, you may have rights including:

• Access to your personal data
• Correction of inaccurate data
• Deletion of your account and associated data
• Restriction or objection to processing
• Data portability
• Withdrawal of consent where processing is based on consent

Requests may be submitted using the contact details below. We may require identity verification before processing requests.

To request deletion of your account and associated data: (1) Email us at [email protected] with the subject line "Data deletion request"; (2) We will verify your identity, then permanently delete stored audit data and OAuth tokens, subject to any legal retention obligations.

Where data is processed outside the UK or European Economic Area, we implement appropriate safeguards such as standard contractual clauses or equivalent protections.

We may update this Privacy Policy periodically. The revised version will be posted on this page with an updated effective date.

If you have questions regarding this Privacy Policy or our data practices, you may contact us: