MetricPoints logo
Features Pricing Docs Blog Security Checker FREE TOOL CSP Policy Builder FREE TOOL Login Get Started Features

Privacy Policy

Last updated: September 6, 2025

1. Overview

MetricPoints (https://metricpoints.com) values your privacy. This policy explains what data we collect, how we use it, and the rights you have over your data when using our CSP Collector and Error Tracking services.

2. Information We Collect

  • Account Information: When you register, we collect your name, email, and billing details.
  • CSP Data: We collect Content Security Policy (CSP) violation reports submitted through your websites.
  • Error Tracking Data: We collect error reports, performance metrics, session data, and user interaction data from your websites when using our Error Tracking service.
  • Session Replay Data: When enabled, we may record user sessions including mouse movements, clicks, form inputs, and page interactions for debugging purposes.
  • User Context Data: We may collect user IDs, email addresses, IP addresses, browser information, and device details when provided by your application.
  • Log Data: We may log IP addresses, user agents, and activity for diagnostics and security.
  • Trial Data: During trial periods, we collect additional data including IP addresses, device fingerprints, and usage patterns to prevent trial abuse.
  • Payment Information: We collect payment method details through our secure payment processor (Stripe).
  • Turnstile Data: We use Cloudflare Turnstile for bot protection, which may collect technical information to verify human users.

3. How We Use Your Data

  • To provide, maintain, and improve our CSP Collector and Error Tracking services
  • To analyze traffic and usage patterns for CSP violation reporting
  • To monitor and analyze error patterns, performance metrics, and user behavior for debugging purposes
  • To provide session replay functionality for error debugging and user experience analysis
  • To send notifications about errors, performance issues, or security violations via email, Slack, or webhooks
  • To bill for your subscription and calculate overages
  • To communicate with you about service updates or issues
  • To detect and prevent trial abuse and fraudulent activity
  • To provide customer support and respond to inquiries
  • To verify human users and prevent automated abuse through Turnstile

4. Data Retention

We retain your data as long as you maintain an active subscription. If your subscription lapses or is terminated, your data may be deleted in accordance with our retention policy.

Data Types and Retention:

  • CSP Reports: Retained according to your plan's storage limits
  • Error Tracking Data: Error reports, session replays, and performance data retained according to your plan's storage limits
  • Account Data: Retained as long as your account is active
  • Session Replay Data: Retained according to your plan's storage limits and may be automatically deleted after a certain period

Trial Data Retention: All trial data (CSP and Error Tracking) is retained for 30 days after trial expiration unless you convert to a paid subscription. Trial abuse detection data may be retained longer for security purposes.

5. Trial Abuse Prevention

We offer different trial periods for our services: 7 days for CSP Collector and 30 days for Error Tracking. To prevent trial abuse and ensure fair service usage, we may collect and analyze:

  • IP addresses and geographic location data
  • Device fingerprinting information (browser type, screen resolution, etc.)
  • Usage patterns and frequency of access
  • Email address patterns and domain analysis
  • Error tracking usage patterns and data volume

This data is used solely to detect and prevent trial abuse. We do not use this information for marketing or other purposes.

6. Sharing of Data

We do not sell your personal information. We may share data with trusted third-party service providers (e.g., payment processors) under confidentiality agreements. Data may also be shared as required by law.

7. Security

We implement industry-standard technical and organizational measures to protect your data. However, no system is completely secure, and we cannot guarantee absolute security.

8. Session Replay and User Tracking Privacy

Our Error Tracking service includes session replay functionality that may record user interactions on your website. This feature is designed to help you debug errors and improve user experience. Important privacy considerations:

  • Data Collection: Session replays may capture mouse movements, clicks, form inputs, page scrolls, and other user interactions
  • Sensitive Data: We automatically mask sensitive information such as passwords, credit card numbers, and personal identification numbers
  • User Consent: It is your responsibility to inform your website users about session recording and obtain necessary consents under applicable privacy laws
  • Data Control: You can disable session replay or configure what data is collected through your account settings
  • Retention: Session replay data is retained according to your plan's storage limits and may be automatically deleted
  • Access: Only authorized users in your account can access session replay data

Your Responsibility: You are responsible for ensuring compliance with applicable privacy laws (such as GDPR, CCPA) when using session replay and user tracking features. We recommend implementing appropriate privacy notices and consent mechanisms on your website.

9. Cookies and Tracking

We use cookies and analytics tools to understand how users interact with our site and to provide security features:

  • Analytics Tools: We use Google Analytics, Hotjar, and similar tools to understand user behavior on our website
  • Cloudflare Turnstile: We use Turnstile for bot protection and security verification, which may set cookies and collect technical information
  • Session Cookies: We use session cookies to maintain your login state and provide our services
  • Preference Cookies: We may store your preferences and settings in cookies

You can opt out of analytics tracking using your browser settings or ad-blocking tools. However, some cookies are necessary for the basic functionality of our services.

10. Your Rights

You have the right to access, update, or delete your personal data. To exercise these rights, contact us at [email protected].

11. Children's Privacy

MetricPoints is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy at any time. The latest version will always be available at https://metricpoints.com/privacy.

13. Contact Us

If you have questions about this Privacy Policy or your data, please reach out to us at [email protected].