Privacy Notice
This Privacy Notice explains what data Vantmetry collects, why we collect it, and how we handle it. We keep this straightforward because we believe privacy policies should be readable. For information about how you use Vantmetry, see our Terms of Service.
1. Account Data
When you create an account (via the CLI or dashboard), we store your email address, a hashed session token, and timestamps for when your account was created and last accessed. If you sign up through the CLI without providing an email, we create an anonymous account with no personally identifiable information until you choose to register.
2. Error and Log Data
Vantmetry's tracker script, installed on your website, captures the following data from your end users' browsers:
- Error messages and stack traces
- Page URL where the error occurred
- Browser name, operating system, and device type (parsed from the user agent string)
- A randomly generated session identifier (not tied to any user account)
- Severity level and event type (e.g. console error, unhandled exception, unhandled promise rejection)
- Optional custom details your code attaches to log calls
The tracker applies automatic PII masking before data leaves the browser. Email addresses, credit card numbers, social security numbers, JWTs, bearer tokens, API keys, and values associated with sensitive keys (password, secret, token, authorization, credentials) are redacted or masked in messages, stack traces, and custom details. Learn more about the tracker's privacy features.
3. Data We Do Not Collect
We do not collect IP addresses of your end users. We do not use cookies or tracking pixels on your users' browsers. We do not fingerprint devices. The tracker does not access geolocation, camera, microphone, or any other sensitive browser APIs.
4. Cookies and Local Storage
The Vantmetry dashboard uses a single HTTP-only secure session cookie (vantmetry_session) to keep
you logged in. This is the only cookie we set. We do not use advertising cookies, tracking cookies, or analytics
cookies.
The dashboard uses localStorage for functional preferences: your selected theme (light/dark/system) and
your last-selected project. These are stored only in your browser and are never transmitted to our servers.
The dashboard uses PostHog solely to power the in-app feedback survey. PostHog is configured with all analytics,
session recording, and page view tracking disabled. It does not store any data in cookies or localStorage. When you submit feedback, your internal user ID (not your email) is attached to the survey response so we can
follow up if needed.
5. Third-Party Services
We use the following third-party services to operate Vantmetry:
- Resend for sending transactional emails (magic link login). Resend receives your email address solely for delivery purposes.
- Freemius for payment processing and subscription management. Freemius handles all payment information directly. We never see or store your credit card details. Freemius's privacy policy governs the data they collect during checkout.
- PostHog for the in-app feedback survey (dashboard only). No analytics data is collected. See section 4 for details.
6. Data Storage and Security
Your error and log data is stored in project-specific database files on our servers. Account data is stored in a relational database. All connections to Vantmetry (tracker, dashboard, CLI, API) are encrypted with TLS. Session tokens are hashed before storage. API secret keys are hashed with SHA-256 and the plaintext is never stored.
7. Data Retention
For paid subscriptions, error and log data is retained for the duration of the subscription. There is no time-based deletion; when a project reaches its storage cap, the oldest events are rotated out first. When a project is deleted, its associated log data is permanently removed. Trial project data is deleted 60 days after the trial ends.
8. Your Rights
You can request deletion of your projects and their associated data, or your entire account, at any time by contacting us. If you are located in the EU, you have additional rights under the GDPR, including the right to access, rectify, and erase your personal data, and the right to data portability. If you are a California resident, you have rights under the CCPA to request access to your personal data and delete it.
9. Changes to This Notice
If we make material changes to this Privacy Notice, we will update the "Last Updated" date at the top of this page. For significant changes, we may also notify you by email.
10. Contact
If you have questions about this Privacy Notice or how we handle your data, email us.