Futuristic Toast Example

Privacy Policy

Effective Date: May 28, 2025

This Privacy Policy explains how Mouseprints ("we", "us", "our", or "the Service") collects, uses, shares, stores, and protects your personal information. By accessing or using Mouseprints, you agree to the practices described below. This Policy applies globally, regardless of your location.

1. Information We Collect

  • Account Information: Email address, account creation details, hashed passwords, IP addresses, subscription plan, and usage metrics.
  • Session Data: Site visitor actions recorded by our script (mouse movements, clicks, scrolls, input focus, screen size, browser/device, referrer, URLs, page titles, navigation paths, and related metadata). Text input is never captured inside password fields or fields explicitly excluded from tracking.
  • AI & Analytics Data: Aggregated insights, session summaries, predictions, heatmaps, and similar outputs derived through AI tools (e.g., OpenAI).
  • Payment Data: Handled exclusively through Stripe. Payment card details are never stored or processed by Mouseprints servers.
  • Technical Metadata: Log files, headers, timestamps, IP-based geolocation (city/country), and error diagnostics.
  • Communication History: Any information you submit via our contact form or similar channels.

2. How We Use Your Information

  • To provide, maintain, improve, and personalize the Service and its features.
  • To deliver AI-generated insights and behavioral analysis based on session recordings.
  • To enforce account limits, process payments, and manage user subscriptions.
  • To communicate important account or system information, such as changes in terms or quota usage.
  • To detect misuse, investigate abuse, and enforce our Terms of Service.
  • To comply with legal obligations, including lawful government requests and applicable regulations.

3. Data Sharing and Disclosure

  • Service Providers: We work with trusted third parties to operate Mouseprints, including OpenAI (AI analysis), Stripe (billing), and Railway (hosting). These providers only receive the minimal data necessary for their roles and are contractually bound to confidentiality.
  • Legal Obligations: We may disclose information in response to valid legal processes (e.g., subpoenas, court orders, or regulatory requirements).
  • Business Events: In the event of a merger, acquisition, reorganization, or asset sale, data may be transferred subject to continued protection under this Policy.

Mouseprints does not sell, rent, or trade user or visitor data to advertisers, brokers, or unrelated third parties.

4. Session Identification & Storage

Our script stores a randomly generated session ID in localStorage to link user interactions during a single session. No cookies are used on visitor-facing pages unless you enable the optional consent banner.

Logged-in users may receive session cookies for authentication. These are limited to our dashboard domain, used solely to maintain session state, and never shared with third parties.

Note for EU/EEA Users: Consent is required for non-essential cookies or tracking. Our optional consent banner respects this legal requirement.

5. Data Retention and Deletion

  • Data is retained according to subscription quotas and tier-specific time limits. Once limits are exceeded or an account is deleted, associated data is removed accordingly.
  • Upon account deletion, session data and personal identifiers are deleted from active storage within 30 days, barring legal or compliance exceptions.
  • Temporary backups may persist for up to 60 days for disaster recovery and security integrity checks, then automatically purged.
  • Accounts reactivated within 7 days of deletion may restore associated data; otherwise, it is permanently destroyed.

6. International Users & Data Transfers

Mouseprints is based in the United States. By using the Service, you consent to your data being processed and stored in the U.S. or other countries with different data protection standards. If you reside in the European Economic Area (EEA) or UK, you acknowledge that Mouseprints is not certified under GDPR adequacy frameworks and your use is at your discretion.

7. Your Data Rights

  • Request access to or a copy of your stored data.
  • Request correction or deletion of inaccurate or outdated data.
  • Request restriction of data processing or object to certain processing activities (as allowed by law).
  • Request export of your data in standard machine-readable formats (CSV or JSON).
  • Withdraw consent at any time, where applicable to processing based on consent.

These rights can be exercised through our contact form. Identity verification may be required. We strive to respond within legal timelines but do not guarantee any specific response time.

8. Security Practices

  • All data transmissions are protected via HTTPS encryption.
  • Passwords are securely hashed using modern cryptographic standards.
  • Data is encrypted at rest and stored in secure infrastructure maintained by our hosting provider.
  • Administrative access is limited, audited, and protected by role-based controls and firewall rules.
  • Client-side AI does not occur; all AI processing happens in background server jobs.
  • Mouseprints uses rate limiting and anomaly detection to reduce abuse and bot activity.
  • Disclaimer: No system is impenetrable. While we apply strong security practices, we disclaim liability for breaches beyond our reasonable control, including those stemming from third-party infrastructure.

9. Children's Privacy

Mouseprints is not designed for individuals under 13 years of age. We do not knowingly collect data from children. If you believe a child has submitted information to Mouseprints, please contact us immediately so we can take appropriate action.

10. Changes to This Policy

This Privacy Policy may be updated from time to time. We will provide prominent notice for material changes (e.g., dashboard banner or email notification). Continued use of the Service after changes indicates acceptance of the revised terms.

11. Contact and Data Requests

For questions about this Privacy Policy or to exercise your data rights, contact us via the contact form. We aim to respond within 7 business days, though no specific turnaround is guaranteed.