Privacy Policy

We practice what we preach. This policy explains how we protect
your privacy and respect your users' privacy.

Last updated: September 5, 2025

No Personal Data Collection

We don't collect, store, or process any personal information from your website visitors.

GDPR Compliant by Default

No cookies, no consent banners needed. Our analytics respect privacy laws automatically.

Open Source Transparency

Our code is open source. You can verify exactly what data we collect and how we handle it.

What Information We Collect

Website Analytics (from your visitors)
What We Collect:
  • Page URLs visited
  • Referrer sources
  • Browser type & version
  • Device type & screen size
  • Country-level location
What We DON'T Collect:
  • IP addresses
  • Personal information
  • Email addresses
  • Names or usernames
  • Exact location data
  • Cross-site tracking
  • Fingerprinting data

Account Data (from hosted service users)
What We Collect:
  • Email address
  • Website URL
  • Chosen username
  • Support communications
What We DON'T Collect:
  • Real names (unless provided)
  • Phone numbers
  • Physical addresses
  • Social media profiles

Payment Data (processed by Stripe)
What We Collect:
  • Payment method details
  • Billing history
  • Transaction records
What We DON'T Collect:
  • Full credit card numbers
  • CVV codes
  • Banking information

How We Use Information

Analytics Data (visitor behavior data)
How We Use It:
  • Provide website statistics to you
  • Generate traffic reports and insights
  • Improve analytics accuracy
  • Develop new features
What We Never Do:
  • Sell to third parties
  • Use for advertising
  • Share between customers
  • Cross-site tracking

Account Data (your business information)
How We Use It:
  • Provide and maintain service
  • Process payments & receipts
  • Send service updates
  • Provide customer support
What We Never Do:
  • Sell to marketers
  • Send promotional emails
  • Share with partners
  • Use for profiling

Payment Data (billing & transactions)
How We Use It:
  • Process subscription payments
  • Generate invoices & receipts
  • Handle billing disputes
  • Comply with tax requirements
What We Never Do:
  • Store full card details
  • Share with advertisers
  • Use for credit checks
  • Sell to data brokers

Data Storage and Security

Self-Hosted (free, on your servers)
Data Storage & Control:
  • Data stays on your servers
  • Complete data control
  • You set retention periods
  • No external access
Security Measures:
  • Your security responsibility
  • Choose your encryption
  • Custom backup strategy
  • Local compliance control

Hosted Service (bamboostats.com)
Data Storage & Control:
  • EU/US secure data centers
  • Isolated customer data
  • Plan-based retention
  • Easy data export
Security Measures:
  • Encrypted in transit & at rest
  • Regular security audits
  • Automatic backups
  • Limited access controls

Data Retention

Analytics Data (visitor behavior & stats)
Retention Period:
  • Self-hosted: Your choice (default 90 days)
  • Hosted Pro: 6-12 months
  • Enterprise: Custom
Deletion Process:
  • Automatic deletion
  • Manual purge available
  • Export before deletion
  • No recovery after deletion

Account Data (profile & settings)
Retention Period:
  • Active accounts: Indefinitely
  • Closed accounts: 30 days
  • Support requests: 2 years
Deletion Process:
  • Immediate on request
  • Auto-delete after closure
  • Secure data wiping

Billing Data (payments & invoices)
Retention Period:
  • Transaction records: 7 years
  • Payment methods: Until removed
  • Invoices: 7 years (legal requirement)
Deletion Process:
  • Legal compliance deletion
  • Payment cards: Immediate
  • Archived after 7 years

Third-Party Services

Payment Processing (hosted plans only)
What We Use:
  • Stripe (secure payments)
  • PCI DSS compliant
  • Industry standard encryption
What We Don't Use:
  • PayPal data sharing
  • Credit reporting services
  • Financial data brokers

Communications (essential emails only)
What We Use:
  • Transactional emails
  • Account notifications
  • Support communications
What We Don't Use:
  • Marketing automation
  • Email list brokers
  • Newsletter platforms

Development & Support (code & issue tracking)
What We Use:
  • GitHub (code hosting)
  • Issue tracking
  • Open source transparency
What We Don't Use:
  • Google Analytics
  • Social media pixels
  • Advertising networks
  • Tracking pixels

Your Rights

Website Owners (account holders)
Your Rights:
  • Access all your account data
  • Correct account information
  • Delete account & all data
  • Export analytics data (CSV)
  • Control retention settings
How to Exercise:
  • Dashboard settings page
  • Email support request
  • Account deletion button
  • Built-in export tools
  • Privacy settings panel

Website Visitors (your site users)
Your Rights:
  • No personal data collected
  • No tracking consent needed
  • Opt out anytime
  • No data sold or shared
How to Exercise:
  • Disable JavaScript
  • Use ad blockers
  • Contact website owner
  • Nothing required (no cookies)

EU/GDPR Users (additional protections)
Your Rights:
  • Right to be forgotten
  • Data portability
  • Object to processing
  • Lodge complaints
How to Exercise:
  • Email privacy@metricpanda.click
  • Data export tools
  • Account settings
  • Contact data protection authority

International Data Transfers

Self-Hosted (your own servers)
Data Location:
  • Data stays in your jurisdiction
  • No international transfers
  • You control all locations
  • Local compliance only
International Compliance:
  • Your responsibility
  • Local law compliance
  • No cross-border issues
  • Full data sovereignty

Hosted Service (bamboostats.com)
Data Location:
  • Primary servers: Canada
  • Backup servers: North America
  • No data in high-risk countries
  • Canadian privacy laws apply
International Compliance:
  • GDPR compliant for EU users
  • PIPEDA compliant (Canada)
  • Adequate protection standards
  • No transfers to unsafe countries

Stripe Payments (third-party processor)
Data Location:
  • Stripe's secure infrastructure
  • Limited to payment processing
  • Not analytics data
International Compliance:
  • PCI DSS Level 1 certified
  • Global compliance standards
  • Industry standard safeguards
Changes to This Policy

Minor Updates (clarifications, formatting)
How We Notify You:
  • Update "Last updated" date
  • Document changes in GitHub
  • No active notification required
Your Options:
  • Review changes anytime
  • Compare versions on GitHub
  • Continue using service

Significant Changes (data practices, rights)
How We Notify You:
  • Email notification to account holders
  • 30-day advance notice
  • Clear explanation of changes
  • Update date & version history
Your Options:
  • Review and accept changes
  • Export your data first
  • Close account if you disagree
  • Contact us with concerns

Legal Requirements (compliance updates)
How We Notify You:
  • Immediate compliance update
  • Email notification within 48 hours
  • Explanation of legal requirement
  • Link to relevant law/regulation
Your Options:
  • Must comply with new laws
  • Export data if concerned
  • Self-host for more control
  • Contact us for clarification

Contact Us

Questions about this privacy policy or our data practices?
