Privacy Policy

Effective Date: May 7, 2025

This Privacy Policy describes how Mouseprints ("we", "us", "our", or the "Service") collects, uses, shares, stores, and protects your information. By using our services, you agree to the practices outlined in this Privacy Policy. This policy applies to all users, regardless of location.

1. Information We Collect

• Account Information: Email address, password (hashed), IP address, account creation time, and subscription plan.
• Session Recording Data: Mouse movements, clicks, scrolling behavior, text input (unless excluded), screen resolution, browser and device type, referrer URL, page titles, user navigation paths, and other data captured via rrweb or similar tools.
• AI Analysis Data: Behavioral summaries, click heatmaps, funnel analysis, and derived insights generated via third-party models such as OpenAI.
• Payment and Billing Data: Collected and processed securely by Stripe. We do not store raw payment credentials.
• Technical Metadata: Log files, request headers, IP geolocation, and timestamps for performance and security purposes.
• Communication History: When you contact us via our contact form, we may store messages, timestamps, and resolution details.

2. How We Use Your Information

• To provide, maintain, and improve the Service.
• To generate analytics and AI insights from session data.
• To manage your account, process payments, and enforce usage limits.
• To notify you of changes, updates, or critical alerts.
• To monitor abuse, detect fraud, and enforce our Terms of Service.
• To comply with legal and regulatory obligations.

3. Data Sharing and Disclosure

• Subprocessors: OpenAI (for analysis), Stripe (for billing), Redis (for session management), and hosting providers like Railway.
• Legal Compliance: If required by law or subpoena, we may disclose data to authorities.
• Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred in accordance with this Privacy Policy.

4. Local Storage and Session Identification

Mouseprints does not use browser cookies on visitor-facing websites by default. Instead, the tracking script stores a randomly generated session identifier using localStorage. This helps associate user interactions across page views during a single session. No personally identifying information is collected from site visitors, and no cross-site tracking occurs.

Users who log into the Mouseprints dashboard may have cookies set for authentication and session management, but these are restricted to our app domain and are never shared with third parties.

5. Data Retention

• Session recordings are retained according to your subscription tier and automatically purged when exceeding limits.
• Deleted accounts are fully purged from active storage within 30 days unless retention is required for legal or billing records.
• Backups may persist briefly to ensure disaster recovery integrity, but are also subject to periodic pruning.

6. International Users

Mouseprints is operated from the United States but may be accessed globally. By using the Service, you acknowledge that your data may be processed in and transferred to the U.S. or other countries with different data protection laws.

7. Your Rights

• Access or request a copy of your personal data
• Request correction or deletion of inaccurate or outdated data
• Object to or restrict certain types of processing
• Request data portability
• Withdraw consent for processing (where applicable)

You may exercise these rights at any time via our contact form. We may require verification of identity before fulfilling certain requests.

8. Data Security

• Encrypted HTTPS connections
• Secure password hashing
• Redis-based session control
• Firewalled backend services
• AI processing in background jobs, not client-side
• Rate limiting, bot filtering, and activity monitoring

9. Children's Privacy

Mouseprints is not intended for or directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe that a child under 13 has used our service or submitted information, please report it using the contact form.

10. Changes to This Policy

We reserve the right to update this Privacy Policy at any time without prior notice. Substantial changes will be announced via banner notice, account dashboard, or email. Your continued use of the Service after any modification constitutes acceptance of the revised terms.

11. Contact

If you have questions, concerns, or wish to exercise your data rights, please use the contact form. We aim to respond within 7 business days but make no guarantee of response time.