Privacy Policy
Effective date: July 3, 2026 · Governing law: State of Delaware, USA
1. Introduction
MarginTrace ("we", "us", or "our") operates the website and services at margintrace.io. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
By using the Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Information you provide directly: When you sign up for early access or create an account, we collect your email address. We do not require a credit card, full name, or company name to get started.
API keys (session-only): To connect your third-party accounts (e.g., Stripe, OpenAI, Anthropic), you may provide API keys. These keys are used only within the scope of your current session to retrieve analytics data and are never stored, logged, or transmitted beyond the immediate request.
Usage data: We automatically collect information about how you interact with the Service, including pages visited, features used, and session timing. This is collected through our analytics provider (PostHog) and is used solely to improve the Service.
Log data: Our servers may automatically record standard HTTP log data including your IP address, browser type, referring URL, and request timestamps. This data is retained for a limited period for security and debugging purposes.
3. Read-Only Third-Party Integrations
MarginTrace connects to third-party platforms (such as Stripe and OpenAI) using API keys you provide. All such connections are strictly read-only. We retrieve data (such as revenue figures, LLM usage statistics, and customer records) solely to compute and display analytics.
We do not store your Stripe or OpenAI data beyond the duration of your session. We never write to, modify, or delete records in any connected third-party account. MarginTrace never holds, moves, or has custody of your funds.
4. How We Use Your Information
We use the information we collect to:
- Operate, maintain, and improve the Service.
- Send you product updates, onboarding emails, and important notices.
- Respond to your inquiries and provide customer support.
- Monitor and analyze usage patterns to improve user experience.
- Detect and prevent fraud, abuse, or security incidents.
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.
5. Data Sharing
We may share your information with third parties only in the following circumstances:
- Service providers: Vendors who help us operate the Service (e.g., hosting, email delivery, analytics). They process data on our behalf and are contractually bound to protect it.
- Legal requirements: When required by law, court order, or governmental authority.
- Business transfers: In connection with a merger, acquisition, or sale of assets, where user data may be transferred to the successor entity.
6. Data Retention
We retain your email address and account data for as long as your account is active or as needed to provide the Service. Usage and analytics data is retained for up to 24 months and then aggregated or deleted.
API keys and third-party data retrieved during a session are not persisted beyond the session and are never retained in our databases.
7. Your Rights and Data Deletion
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate personal data.
- Request deletion of your personal data.
- Withdraw consent where we rely on consent to process your data.
- Object to or restrict certain processing activities.
To request deletion of your account and personal data, email us at legal@margintrace.io with the subject line "Data Deletion Request" and include the email address associated with your account. We will confirm receipt within 5 business days and complete deletion within 30 days, except where retention is required by law.
8. Cookies and Tracking
We use cookies and similar technologies to maintain session state and collect analytics data. You may configure your browser to refuse cookies; however, some features of the Service may not function correctly without them.
Our analytics provider (PostHog) collects anonymized behavioral data. PostHog is configured to honor browser do-not-track signals where technically feasible.
9. Security
We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. All data in transit is encrypted using TLS.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
10. Children's Privacy
The Service is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us at legal@margintrace.io and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects when the policy was last revised. We will notify registered users of material changes by email. Continued use of the Service after the effective date constitutes acceptance of the revised policy.
12. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of the State of Delaware, USA, without regard to conflict of law provisions.
13. Contact
For privacy inquiries, data access requests, or data deletion requests, contact us at:
MarginTrace · margintrace.io