Last updated on December 18, 2025.
This Privacy Policy explains, in clear and straightforward terms, how we handle information when you visit our website or use our services. It describes what information we collect, why we collect it, how we use it to operate and improve our services, how long we keep it, and the steps we take to protect it. Our goal is to be transparent about our data practices so you understand exactly what happens to your information and can make informed decisions about using our website.
We are the company that owns and operates this website and provides the analytics services described here. We are responsible for how information is collected and used when you visit our website or use our services. If you have any questions about this Privacy Policy or how we handle data, you can contact us at privacy@usage.io.
For purposes of applicable data protection and privacy laws, including the GDPR and relevant United States privacy laws, the data controller is usage.io, with a principal place of business in Vermont, United States. The company determines how and why personal data is processed in connection with this website and its services. Questions or requests regarding this Privacy Policy may be directed to privacy@usage.io.
This Privacy Policy applies to anyone who visits our website, creates an account, or otherwise uses our services. It covers both casual visitors who browse the site and registered users who interact with our analytics platform. This policy applies regardless of where you are located, as long as you access or use our website or services.
This Privacy Policy applies to all users, visitors, and customers who access or use the website or services, whether as a registered account holder or as an unregistered visitor. It applies to individuals located in the United States as well as individuals located outside the United States, to the extent that applicable data protection and privacy laws apply to such use.
When you create an account or otherwise interact with our services, we collect only the information that is necessary to provide and operate the service.
Specifically, the information we collect directly from you may include:
We intentionally limit the information we collect to what is required for account access, basic communication, and customer support. We do not request sensitive personal details such as government-issued identification numbers, precise location data, or demographic information.
We collect personal information that users voluntarily provide directly to us when creating an account, communicating with us, or otherwise using the services. This information may include name, email address, and authentication credentials, which are stored exclusively in a cryptographically hashed form and are not retained in plain text.
Such information is processed solely for the purposes of account registration, user authentication, service operation, customer support, and related administrative and security functions. We collect and process personal information in a manner consistent with the principles of data minimization and purpose limitation under applicable data protection and privacy laws.
If you choose to subscribe to a paid plan, all payment processing is handled by our third-party payment provider, Stripe. Your full credit card number and payment details are never stored on our systems and are provided directly to Stripe through their secure, PCI-compliant infrastructure.
We retain limited billing information related to your account, such as:
This information allows us to manage your subscription, respond to billing questions, and maintain accurate financial records. We do not use billing information for analytics, marketing, or any purpose unrelated to providing and supporting the service.
Payment processing services for paid subscriptions are provided by Stripe, Inc., a third-party payment processor. Payment card information is collected and processed directly by Stripe in accordance with its security standards and applicable PCI-DSS requirements. The platform does not store full payment card numbers or sensitive authentication data.
The company may retain limited billing and transaction information associated with a user account, including the last four digits of a payment card, payment method type, subscription status, and invoice or transaction identifiers. Such information is retained solely for purposes of subscription management, billing support, financial recordkeeping, fraud prevention, and compliance with applicable accounting, tax, and legal obligations.
We collect basic analytics information to understand how our website and services are used and to help us improve performance, reliability, and usability. This includes high-level information such as which pages are accessed, general usage patterns, and how the service is performing over time.
Examples of analytics information we may collect include:
The analytics data we collect is aggregated and used only to evaluate trends and improve the service as a whole. It is not used to identify, profile, or track individual people, and we do not attempt to link analytics data back to specific users. Our goal is to learn about website usage and performance—not who you are.
The platform collects and processes aggregated analytics and usage data related to interactions with the website and services. Such data is processed for legitimate operational purposes, including monitoring system performance, ensuring reliability, diagnosing technical issues, and improving functionality and user experience.
Analytics data is collected and processed in a privacy-preserving manner and is not intended to identify individual users or be used for behavioral profiling. Where technically feasible, data is aggregated or de-identified prior to analysis, and it is used solely for internal service improvement and operational analysis purposes.
We temporarily process IP addresses to understand general traffic patterns, maintain the security of our services, and help prevent abuse such as automated attacks or misuse. We do not store raw IP addresses. Instead, IP addresses are immediately pseudonymized using a cryptographic salt that changes daily. Because the salt is rotated every day, the same IP address cannot be linked or tracked across different days.
The pseudonymized identifiers created from IP addresses are used only for short-term operational purposes, such as:
These identifiers are automatically deleted after a limited retention period.
We also derive a timezone from system data to support reporting and ensure the service functions correctly. This information is coarse and does not reveal precise location, street-level data, or GPS coordinates. We do not attempt to determine an individual's exact physical location.
The platform processes IP addresses in a pseudonymized form using a cryptographic hashing mechanism combined with a rotating salt value that changes on a daily basis. Raw IP addresses are not stored. The resulting pseudonymized identifiers cannot reasonably be used to identify an individual or to track activity across multiple days.
Pseudonymized IP-derived identifiers are retained for a maximum period of fourteen (14) days and are used solely for security, abuse prevention, system integrity, and limited operational analytics purposes. After this retention period, such identifiers are permanently deleted.
Timezone information may be derived from technical or system-level data for operational, diagnostic, and reporting purposes. The platform does not collect or store precise geolocation data, including GPS coordinates, street addresses, or similarly granular location information.
We do not use cookies, browser storage, fingerprinting, tracking pixels, or any similar tracking technologies. Our website and services do not place files on your device, store identifiers in your browser, or attempt to recognize you across visits or across different websites.
Because we do not rely on these technologies, we do not track your activity over time, build behavioral profiles, or follow you as you browse the internet. You can use our website and services without accepting cookies, managing consent banners, or adjusting browser privacy settings specifically for our platform.
The platform does not use cookies, local storage, session storage, tracking pixels, fingerprinting techniques, or other client-side tracking or storage technologies. No identifiers are written to or read from a user's device in connection with the operation of the services.
As a result, the services do not rely on technologies that require user consent under applicable cookie, ePrivacy, or similar regulations, including the EU ePrivacy Directive and comparable laws. Where applicable, the platform operates without the need for cookie consent mechanisms or tracking disclosures.
We use the information we collect only for purposes that are necessary to operate and support the service. This includes:
We may also use limited, aggregated information to understand how the service is used and to make improvements over time. We do not use personal information for advertising, marketing, cross-site tracking, or profiling, and we do not sell or share data for commercial targeting purposes. Our use of information is focused on making the service work well—not on monetizing user data.
Personal information is processed solely for legitimate business and operational purposes, including account creation and management, service delivery, customer support, billing and payment processing, system security, fraud detection and prevention, compliance with legal obligations, and the maintenance and improvement of the services.
Processing is conducted in accordance with applicable data protection and privacy laws and is limited to what is necessary to achieve the specified purposes. Personal information is not processed for targeted advertising, behavioral profiling, or other purposes incompatible with the original reasons for collection.
We use aggregated and de-identified data to understand broad trends about how our website and services are performing. This includes information such as overall usage volumes, system performance metrics, and general patterns over time. This data is aggregated and anonymized so that it reflects activity at a summary level rather than anything tied to a specific person or account.
Because this information is aggregated and de-identified, it does not identify you and cannot reasonably be used to do so.
Aggregated and de-identified data may be generated from the processing of analytics and operational information. Such data is processed in a manner that does not reasonably permit identification of an individual, either directly or indirectly, and is not linked to personal data.
Aggregated and de-identified data may be used for internal statistical analysis, service monitoring, capacity planning, and operational improvement purposes. To the extent permitted by applicable law, such data may be retained without limitation, as it does not constitute personal data.
We do not sell, rent, or share your personal information with third parties. We do not disclose data for advertising, marketing, analytics resale, or any other commercial purpose. Your information is used only to operate and support the service, and it stays within our systems.
The only circumstances under which we would disclose information are when we are legally required to do so, such as in response to a valid court order, subpoena, or other lawful government request. If permitted by law, we will take reasonable steps to limit the scope of any disclosure and to notify affected users when appropriate.
Personal information is not sold, shared, rented, licensed, or otherwise disclosed to third parties for monetary or other valuable consideration. The company does not engage in data brokering, targeted advertising, or similar data-sharing practices.
Disclosure of personal information may occur only where required to comply with applicable law, regulation, legal process, court order, or lawful governmental request. Where legally permissible, the company will make reasonable efforts to limit disclosures to the minimum amount of information necessary and to provide notice to affected users.
We rely on a small number of trusted third-party service providers to operate and support our infrastructure. This includes cloud hosting providers used to run the website and services, as well as payment processors used to handle billing. These providers help us deliver a reliable, secure service, but they do not get free access to your data.
Service providers are permitted to process information only as necessary to perform services on our behalf and in accordance with our instructions. They are not allowed to use the data for their own purposes, such as advertising, profiling, or resale. We choose providers that implement appropriate security and privacy safeguards and that are widely recognized for operating secure, compliant infrastructure.
The platform engages third-party service providers to support the operation of the website and services, including cloud infrastructure providers (such as Amazon Web Services (AWS)) and payment processing providers. Such third parties act as processors or service providers under applicable data protection and privacy laws.
Service providers process personal information solely on documented instructions from the company and are contractually obligated to implement appropriate technical and organizational measures to protect such information. They are prohibited from using personal information for their own independent purposes and may not disclose such information except as permitted by contract or required by law.
We retain your information only for as long as your account remains active and the data is needed to provide the service. While your account is open, information is kept solely to support account access, billing, security, and normal operation of the platform.
When you close your account, all personal information associated with your account is permanently deleted from our systems. We do not keep backups, archives, or historical copies of personal data after account closure, and we do not retain data for future use or analysis. Once deleted, the information cannot be recovered.
Personal information is retained only for the duration of an active account relationship and only to the extent necessary to fulfill the purposes for which it was collected. The company does not retain personal data beyond account termination for business or analytical purposes.
Upon termination or closure of an account, all associated personal information is permanently deleted from active systems without retention, except where limited retention is required to comply with applicable legal, regulatory, accounting, or tax obligations. Where such obligations apply, retained information is restricted in scope and access and deleted as soon as the obligation no longer applies.
We use reasonable and appropriate security practices to protect information from unauthorized access, misuse, or loss. These measures include access controls that limit who can view or manage data, encryption for sensitive information, and ongoing monitoring of our systems to detect and respond to potential security issues.
While we work hard to safeguard data and follow industry best practices, no system can be guaranteed to be completely secure. For that reason, we continuously review and improve our security practices to reduce risk and respond quickly if issues arise. Protecting the security of our platform and the information it processes is a core part of how we operate.
The platform implements reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized or unlawful access, disclosure, alteration, or destruction. Such measures are proportionate to the nature of the data processed and the risks associated with processing.
Security controls may include, without limitation, access restrictions, encryption, logging and monitoring, and incident response procedures. While no security measures can provide absolute protection, the company regularly reviews and updates its safeguards in accordance with evolving security standards and risk assessments.
Depending on where you live, privacy laws may give you certain rights over your personal information. These rights include:
If you would like to exercise any applicable privacy rights, you can contact us using the email address listed below. We take privacy requests seriously and will respond within the timeframes required by law. We do not discriminate against users for exercising their privacy rights, and we do not require you to create a new account or pay a fee to make a request.
Individuals may have rights under applicable data protection and privacy laws, which may include the right to access personal information, request correction of inaccurate data, request deletion of personal information, restrict or object to certain processing activities, and, where applicable, request data portability.
Requests to exercise such rights may be submitted by contacting privacy@usage.io. Requests will be verified and handled in accordance with applicable law and within required statutory timeframes. The company will not discriminate against individuals for exercising their rights under applicable privacy laws.
Our website and services are intended for a general audience and are not directed to children under the age of 14. We do not knowingly collect personal information from children.
If we become aware that we have collected personal information from a child under 14, we will promptly delete it. If you believe this has occurred, please contact us so we can address the issue.
The services are not directed to, and are not intended for use by, children under the age of fourteen (14). The platform does not knowingly collect, use, or process personal information from children under this age.
If the company becomes aware that personal information has been collected from a child under the applicable age threshold without appropriate authorization, such information will be promptly deleted in accordance with applicable laws, including the Children's Online Privacy Protection Act (COPPA), where applicable.
Our website and services are used by people around the world. As a result, information may be processed or stored in countries other than the one where you live, including in the United States. This can happen, for example, when we use cloud infrastructure or service providers that operate globally.
Regardless of where information is processed, we apply the same privacy and security standards described in this policy. We do not lower protections based on location, and we take reasonable steps to ensure that data is handled securely and in accordance with applicable privacy laws.
Personal information may be transferred to, processed in, or stored in jurisdictions outside of a user's country of residence, including jurisdictions that may not provide the same level of data protection as the user's home jurisdiction.
Where such transfers occur, the company applies appropriate safeguards in accordance with applicable data protection laws, including contractual protections and technical and organizational measures designed to protect personal information and ensure lawful processing.
We may update this Privacy Policy from time to time as our services evolve, our practices change, or legal requirements are updated. When we make changes, we will post the updated policy on this page so you can review the current version at any time.
If the changes are significant, we may also take reasonable steps to provide additional notice, such as updating the effective date or notifying account holders through the service. By continuing to use the website or services after an updated policy is posted, you acknowledge that the revised policy applies.
This Privacy Policy may be modified or updated at any time to reflect changes in legal requirements, business practices, or service functionality. The most current version of the Privacy Policy will be made available through the website and will supersede all prior versions.
Continued access to or use of the services following the publication of any changes constitutes acceptance of the revised Privacy Policy, to the extent permitted by applicable law. Where required by law, additional notice of material changes will be provided.
If you have any questions, concerns, or requests related to this Privacy Policy or how we handle data, you can contact us at privacy@usage.io. We're happy to help clarify our practices, address concerns, or respond to data protection requests in a timely and transparent manner.