Privacy Policy

Effective date: March 13, 2026 · Last updated: March 13, 2026 · wheretheyleave.com


1. Overview

WhereTheyLeave ("we", "our", "the Service") is a website analysis tool operated by Dominik Supiński (sole proprietor, Poland). This Privacy Policy explains what data we collect, how we use it, and what rights you have.

Our core privacy principle: when you upload a file, all analysis runs in your browser — your data never reaches our servers. For API connections (GA4, Shopify), our backend reads your data to generate the report but never stores raw analytics data. We have no access to your customers' personal information.

2. Data We Collect

2.1 Account data

When you register or sign in, we collect:

  • Email address
  • Name (if provided via Google Sign-In)
  • Authentication tokens (managed by Supabase Auth)
  • Account creation date and last login timestamp

2.2 Usage data

We collect minimal usage metadata to operate the service:

  • Number of analyses run and generated report results (stored for logged-in users to build history and trends)
  • Subscription plan and billing status
  • IP address and browser/OS type (standard server logs, retained 30 days)

2.3 Analytics data (GA4 / Shopify / file uploads)

How your funnel data is handled depends on the source. File uploads are processed entirely in your browser. Data from API connections (GA4, Shopify) is fetched by our backend and delivered to your browser for analysis. In both cases, we never store raw analytics data on our servers.

  • File uploads are read locally by your browser and never sent to our servers.
  • GA4 data is fetched from Google's API by our backend using your stored OAuth token and delivered to your browser for analysis. We do not cache or retain the raw data on our servers.
  • Shopify order and checkout data is fetched from Shopify's API to your browser session. We do not store individual order records or customer information.

Reports generated from your data are saved to the database for logged-in users and used to build trends and analysis history. Users who are not logged in can access their report only within the current browser session.

2.4 Payment data

Payments are processed by Stripe. We do not store card numbers or full payment details. We store only: subscription plan, status, and Stripe customer ID.

2.5 Cookies and local storage

We use:

  • Session cookies — required for authentication (Supabase Auth).
  • SessionStorage — temporary storage of your current report. Cleared on tab close.
  • Cookie consent preference — stored in localStorage (wtl_cookie_consent) to remember your choice.
  • Google Analytics (gtag.js) — loaded only when you explicitly accept analytics cookies. Used to understand how visitors use our website. You can change your preference at any time via the cookie settings link in the footer.

No advertising cookies are used. Analytics cookies (Google Analytics) are loaded only with your explicit consent.

3. Google API Data (GA4 Integration)

WhereTheyLeave uses the Google Analytics Data API with the following scopes:

analytics.readonly — read-only access to your Google Analytics 4 properties.

email — used to identify your Google account and display your email address in the app.

How access is used:

  • Your OAuth access token and refresh token are stored encrypted in our database (Supabase) for automatic retrieval on subsequent visits.
  • Requests to the Google Analytics Data API are made from our backend server on your behalf, using your stored token.
  • GA4 data retrieved from the API is used exclusively to generate your funnel analysis report. It is delivered to your browser and is never stored, cached, or logged on our servers.
  • GA4 data and tokens are not shared with any third party.
  • GA4 data is not used to train AI models or for advertising purposes.

You can revoke access at any time at myaccount.google.com/permissions. This immediately invalidates your stored tokens and disconnects your GA4 integration. You can also disconnect from within the app at any time.

We request offline access so the app can refresh your GA4 connection automatically without requiring you to re-authorize on every visit. Your refresh token is stored encrypted alongside your access token.

Limited Use Disclosure

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use GA4 data to provide and improve the funnel analysis features visible to you.
  • We do not transfer GA4 data to third parties, except as necessary to provide the service or as required by law.
  • We do not use GA4 data for advertising, ad targeting, or any purpose unrelated to the core service.
  • No human reads your GA4 data, except with your explicit consent, for security investigation, or to comply with applicable law.

4. Shopify Data (Shopify Integration)

WhereTheyLeave connects to your Shopify store using the following API scope:

read_orders — read-only access to your store's order history and abandoned checkouts.

How access is used:

  • Your OAuth access token and refresh token are stored encrypted in our database (Supabase) for automatic retrieval on subsequent visits.
  • Requests to the Shopify API are made from our backend server on your behalf, using your stored token.
  • Shopify data retrieved from the API is used exclusively to generate your funnel analysis report. Raw order records, customer names, emails, and payment details are never stored, cached, or logged on our servers.
  • Our backend fetches Shopify data on a recurring schedule (scheduled reports and automated alerts) without requiring you to log in for each retrieval.
  • Shopify data and tokens are not shared with any third party.
  • Shopify data is not used to train AI models or for advertising purposes.

You can disconnect your store from the app settings at any time — your stored tokens are deleted immediately and our access is revoked. You can also uninstall the WhereTheyLeave app from your Shopify admin, which immediately revokes our API access. Upon disconnection or uninstall, all associated shop data (including stored API tokens) is permanently deleted from our systems within 30 days.

5. WooCommerce Data (WooCommerce Integration)

Access method: REST API keys (Consumer Key and Consumer Secret) with read-only permission, generated by the merchant in WooCommerce → Settings → Advanced → REST API.

How access is used:

  • You provide your WooCommerce store URL and authorize WhereTheyLeave via the WooCommerce authorization flow.
  • Your API credentials (Consumer Key and Consumer Secret) are stored encrypted in our database and used exclusively to query your store's order data.
  • Order data is fetched from your store's WooCommerce REST API and used to generate a funnel analysis report. Raw order records, customer names, emails, and payment details are never stored on our servers.
  • WooCommerce data is not shared with any third party.
  • WooCommerce data is not used to train AI models or for advertising purposes.

Revocation: You can disconnect your WooCommerce store from your account settings at any time. This deletes your stored API credentials. You can also revoke access by deleting the API key from WooCommerce → Settings → Advanced → REST API.

6. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights:

  • Access — request a copy of personal data we hold about you.
  • Rectification — correct inaccurate personal data.
  • Erasure — request deletion of your account and all associated data.
  • Restriction — request that we restrict processing of your data.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email us at hello@wheretheyleave.com. We will respond within 30 days.

Legal basis for processing: contract performance (account and subscription management) and legitimate interests (service improvement and security). We do not rely on consent for core service functionality.

7. AI-Powered Features

WhereTheyLeave offers optional AI-powered features (AI Analyst and AI Summary/Diagnosis cards) that help you interpret your report data. These features are available on Starter and Pro plans.

How AI features work:

  • When you use an AI feature, your generated report data (aggregated metrics such as funnel steps, conversion rates, and drop-off percentages) is sent to the Anthropic API (Claude) for processing.
  • Only processed report output is sent — never raw analytics data, file contents, or personally identifiable information about your website visitors.
  • Anthropic does not use data sent via their API for model training. Their data retention policy applies (see anthropic.com/privacy).
  • AI-generated conversations are stored in your account for continuity (up to 10 messages per report). You can choose not to use AI features at any time.
  • We log AI requests (prompt, response, model, token count) for debugging and service improvement. These logs are associated with your user ID and retained for 90 days.

AI-generated insights are informational only and should be verified before making business decisions.

8. Data Sharing and Sub-processors

We use the following third-party processors:

  • Supabase (authentication and account database) — hosted in EU region.
  • Stripe (payment processing) — PCI-DSS compliant.
  • Vercel (hosting) — servers in EU region (Frankfurt).
  • Resend (transactional email).
  • Anthropic (AI-powered analysis features) — data processed via API, not stored by provider.
  • Formspree (feedback form processing).

We do not sell personal data. We do not share data with advertisers. We do not use your data to train AI models.

9. Data Retention

  • Account data — retained while your account is active. Deleted within 30 days of account deletion request.
  • Server logs (IP, browser) — retained for 30 days.
  • Billing records — retained for 5 years as required by Polish tax law.
  • Analytics data (GA4 / Shopify / file uploads) — never retained on our servers.

10. Security

We apply the following security measures:

  • All data in transit encrypted via TLS 1.2 or higher.
  • Database access restricted to authenticated server processes only.
  • OAuth tokens are encrypted and stored in our database. Browser sessions use short-lived tokens cleared on tab close.
  • Regular dependency audits and security updates.

We will notify affected users of any data breach within 72 hours of discovery, as required by GDPR Article 33.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify registered users by email at least 14 days before the change takes effect. Continued use of the Service after that date constitutes acceptance of the updated policy.

13. Contact

Data Controller: Dominik Supiński, operating as WhereTheyLeave

Email: hello@wheretheyleave.com

Website: https://wheretheyleave.com/privacy

Country of establishment: Poland (EU)