Privacy Policy

Last updated: 15 November 2025

This Privacy Policy explains how AIPIMetrics (“we”, “us”, “our”) collects, uses, and protects information when you visit our website, sign in to the AIPIMetrics app, or send events to our /collect endpoint.

By using AIPIMetrics, you agree to this Privacy Policy. If you do not agree, please do not use the service.

1. Scope

This policy covers:

  • Visitors of aipimetrics.com and app.aipimetrics.com
  • Registered users signing in via Google
  • Telemetry and business signals sent to our /collect endpoint

This is a Private Beta product. Functionality, data flows, and this policy may evolve as the product matures. We will keep changes reasonable and documented.

2. Data roles: controller vs. processor

For most personal data about your end-users (contained in events you send to AIPIMetrics), you act as the data controller. AIPIMetrics acts as a data processor that stores and computes metrics on your behalf.

For account-level data about you as a user of AIPIMetrics (your login, billing contact in the future, etc.), we act as the data controller.

3. Data we collect

3.1 Account & authentication data

When you sign in to AIPIMetrics, we receive:

  • Google account identifier (UID generated by Firebase Auth)
  • Your email address
  • Your display name and avatar (if provided by Google)
  • Time and method of sign-in

We use this information to authenticate you, secure access to your project, and (later) to communicate about your account and product updates.

3.2 Product telemetry & business signals

When you or your applications send events to the AIPIMetrics /collect endpoint, we store:

  • Technical metrics such as latency, error flag, cost per request
  • Quality proxy such as accuracy estimates (0–1)
  • Optional token counts and model identifiers
  • Optional business signals such as time saved, units processed, capacity, conversion uplift, and similar metrics you choose to send
  • Optional context such as feature name, use case, tags, and free-form notes
  • Metadata such as timestamp, user ID (of the account using AIPIMetrics)

You should only send telemetry‑level metrics to AIPIMetrics. The Service is not intended for raw prompts, user messages, documents, or any end‑user content. Do not send full messages, emails, personal data, or any information that directly identifies natural persons. If you need to represent such content for business metrics (e.g., time saved), you must send it only in aggregated or redacted form.

3.3 Service logs & diagnostics

Our infrastructure providers (e.g. Google Cloud) and our own systems may log:

  • IP address, user agent, and basic request metadata
  • Errors and performance logs for Cloud Functions and Hosting
  • Authentication events (success, failure, blocked sign-in)

We use these logs to operate, secure, and debug the service.

3.4 Cookies and local storage

AIPIMetrics uses cookies and browser storage primarily for:

  • Session management and authentication
  • Basic UX preferences (e.g. UI state)

We do not run invasive tracking or third-party advertising cookies in Private Beta. If that changes in the future, this policy will be updated.

4. How we use your data

We use collected data to:

  • Authenticate users and secure access to their projects
  • Compute AIPI Scores and related aggregates (7d/30d windows)
  • Show you dashboards, trends, and business metrics in the app
  • Operate, monitor, and improve the reliability and performance of AIPIMetrics
  • Communicate essential product and security updates

We do not sell your data, and we do not use your AI telemetry to build unrelated advertising profiles.

If you are located in the European Economic Area or the UK, we process your personal data based on:

  • Contract performance – to provide AIPIMetrics in line with our Terms of Service.
  • Legitimate interests – to secure and improve the platform, prevent abuse, and understand aggregate product usage.
  • Consent – where required by law (for example, for certain cookies or marketing communication).

6. Data retention

We generally follow these retention principles:

  • Account data – kept for as long as your account is active and for a reasonable period afterwards for security, audit, and legal purposes.
  • Events and aggregates – kept for the duration of your usage of the service; in the future, you may be able to configure retention windows per project.
  • Logs – kept for a limited period needed for security and operational debugging, then deleted or anonymized.

You can request deletion of your account and associated data by contacting us (see the Contact section below). Some anonymized or aggregated data may be retained, as it no longer identifies you.

7. Security

We run AIPIMetrics on reputable cloud infrastructure with built-in security features (such as encrypted storage and transport, access control, and logging).

We implement measures such as:

  • Encryption in transit (HTTPS) and at rest for stored data
  • Access control based on least privilege for production systems
  • Audit logs and monitoring for suspicious activity

No system is perfectly secure. You are responsible for the data you send to AIPIMetrics and for securing your own credentials, API keys, and client systems.

8. Service providers (sub-processors)

To provide AIPIMetrics, we rely on a small set of infrastructure and service providers, for example:

  • Cloud hosting, functions, and database services
  • Authentication (OAuth) and identity management
  • Error tracking and basic operational analytics (if enabled)

These providers act as sub-processors and may process data on our behalf under appropriate data protection terms. A more detailed list of sub-processors will be made available as the product moves beyond Private Beta.

9. International data transfers

AIPIMetrics may process data in a compliant cloud region and, where necessary, transfer data to other countries where our infrastructure providers operate.

When data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms offered by our cloud providers.

10. Your rights

Depending on your location and applicable law, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data, within legal limits
  • Restrict or object to certain types of processing
  • Request data portability where technically feasible
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority, especially in the EU/EEA or UK

To exercise your rights, contact us using the email below. We may need to verify your identity before responding.

Our website and documentation may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Please review their privacy policies separately.

12. Children

AIPIMetrics is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected such data, contact us and we will take appropriate steps to delete it.

13. Changes to this Policy

We may update this Privacy Policy from time to time, especially while AIPIMetrics is in Private Beta. When we do, we will adjust the “Last updated” date at the top of this page and, where appropriate, notify you in the app or by email.

14. Contact

If you have questions about this Privacy Policy or how we handle data, you can contact us at:

Email: aipimetrics@gmail.com