1. Scope and roles
Zachary Beville operates Flintglade Analytics under the Flintglade name. In this notice, “Flintglade” means that service operator. For account administration, service reliability, billing coordination, and support, Flintglade determines why the necessary account data is used. For analytics events collected from a customer's website, the customer chooses the sites, tracker deployment, event names, and optional event properties. Customers are responsible for giving their visitors appropriate information and instructions.
2. Account, campaign, and service data
The service stores the owner's email address, a password hash, email-verification and password-reset token hashes, secure session records, workspace configuration, sites, collector keys, goals, usage totals, and service or lifecycle audit events. The dashboard uses one Secure, HttpOnly, SameSite=Strict authentication cookie. That account cookie is separate from the public analytics tracker.
Public acquisition pages record the canonical page or signup-funnel event and only the explicitly allowlisted utm_source, utm_medium, utm_campaign, and utm_content campaign labels. Those records do not add an account-email field, a raw IP address, or a persistent browser identifier. Campaign labels are operator-controlled URL text and must not be used to carry personal data. If a visitor creates an account, the same campaign labels are attached to the signup lifecycle record; form values are not placed in campaign labels.
Stripe identifiers and subscription state are stored so paid access can be projected from signed billing events. Flintglade does not receive or store full card details.
3. Cookieless analytics data
The public tracker uses no cookies and no local browser storage. It can send a normalized page path; event name; approved custom-event properties; viewport width; the referrer's origin; and only the utm_source, utm_medium, utm_campaign, and utm_content query values. It does not send arbitrary query parameters, URL fragments by default, full referrer paths, or full outbound URLs.
At ingest, the service uses the request IP address and user agent to derive a site-specific visitor identifier with a secret salt that rotates each UTC day. It also derives coarse country, browser, operating system, and device categories. Raw IP addresses and full user-agent strings are not written to analytics event rows. More detail is in the methodology.
4. Retention and deletion
Raw analytics events and sessions are retained for 180 days. Daily site-level aggregates are retained until the workspace is deleted; wider dimension aggregates and anonymous acquisition records can expire after 730 days. Account, entitlement, usage, and audit data remain while the workspace exists and as needed to operate it.
Workspace deletion is scheduled for permanent purge after a 30-day deletion window. Active subscriptions must first be canceled through the billing portal and confirmed by Stripe. Final purge removes workspace analytics and configuration and scrubs personal and campaign fields from the retained operational audit skeleton. Backup copies follow a separate operational retention cycle and may age out after the live workspace is purged.
5. Service providers
The service uses Stripe for checkout, subscription billing, invoices, and the customer billing portal; Resend for verification and password-reset email delivery; and Cloudflare for public network, tunnel, TLS, and edge-security services. Those providers process data under their own terms and privacy notices. Infrastructure may necessarily process request metadata to deliver and protect the service.
6. Choices and requests
Workspace owners can export workspace data, manage billing in the Stripe-hosted portal, invalidate account sessions, and request workspace deletion from the dashboard. Website visitors should first contact the customer whose site collected the event because Flintglade cannot reliably map a person to a daily rotating analytics identifier.
For account privacy, support, or deletion questions, email support@flintglade.com. Requests may require reasonable verification.
7. No automatic compliance guarantee
This design reduces data collection, but using a cookieless analytics tool does not automatically satisfy privacy, cookie, sector, employment, or consumer-protection law. Requirements vary by jurisdiction and use. Customers must assess their own deployment and obtain advice where appropriate.
8. Changes
This notice may change as the service or its providers change. Material revisions will be published here with an updated effective date.