Privacy Policy

Ingestia ("Ingestia," "we," "our," or "us") operates a behavioral event analytics platform that helps businesses and developers collect, analyze, and act on user event data. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our website, dashboard, APIs, and SDKs (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

Account Information. When you register, we collect your name, email address, password (hashed), company name (optional), and plan selection.

Event Data. Event data is data you send to Ingestia via our client SDKs or API on behalf of your end users — such as event names, user identifiers, timestamps, and custom properties. You control what properties are included in this data. You are the data controller for your end users' data; Ingestia acts as a data processor.

Usage Data. We automatically collect information about how you interact with our dashboard, including pages visited, features used, session duration, and browser or device type.

Payment Information. If you subscribe to a paid plan, payment is processed by our third-party payment provider. We do not store your full credit card number. We receive limited billing information such as the last four digits of your card, billing address, and transaction status.

Technical Data. We collect IP addresses, HTTP request metadata, and error logs to maintain and improve the Service.

We use the information we collect to:

• Provide, operate, and improve the Service
• Authenticate users and secure accounts
• Process payments and manage subscriptions
• Respond to support requests and communicate service updates
• Generate aggregated, anonymized analytics about platform usage
• Comply with legal obligations
• Detect and prevent fraud, abuse, or security incidents

We do not sell your personal data or your end users' event data to third parties. We do not use your end users' event data to train machine learning models without your explicit consent.

We retain event data for a period determined by your subscription plan:

Account information is retained for the duration of your account and for up to 90 days after deletion, after which it is permanently erased. You may request earlier deletion by contacting us at [email protected].

We share information only in the following circumstances:

Payment Processors. We use a third-party payment processor to handle billing. Your payment data is governed by their privacy policy.

Infrastructure Providers. We host the Service on cloud infrastructure located in the European Union and the United States. These providers act as sub-processors under appropriate data processing agreements.

Observability Tooling. We use application performance monitoring tools to maintain service reliability. Only technical metadata (error rates, latency) is shared — not event data.

Legal Requirements. We may disclose information where required by law, court order, or governmental authority, or to protect the rights, property, or safety of Ingestia, our users, or the public.

Business Transfers. In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

Our servers are located in the European Union and the United States. If you access the Service from outside these regions, your data may be transferred to and processed in these countries.

For transfers of personal data from the European Economic Area (EEA) to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of data protection.

GDPR (EEA and UK Residents). You have the right to: access your personal data; correct inaccurate data; request erasure; restrict processing; receive your data in a portable format; object to processing based on legitimate interests; and lodge a complaint with your local supervisory authority.

CCPA (California Residents). You have the right to know what personal information we collect, to request deletion of your personal information, and to opt out of the sale of personal information (we do not sell personal information).

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

We use strictly necessary cookies for authentication (session tokens) and user preferences (active project). We do not use advertising or tracking cookies. You may disable cookies in your browser settings, but this will prevent you from logging in to the Service.

We implement industry-standard technical and organizational measures to protect your data, including encryption in transit (TLS), hashed passwords, JWT-based authentication with short-lived tokens, and role-based access control. No method of transmission over the internet is completely secure; we cannot guarantee absolute security.

The Service is not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice in the dashboard at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us: