This Privacy Policy explains how [Legal Company Name], doing business as Thunder Analytic ("Thunder Analytic," "Company," "we," "us," or "our"), collects, uses, discloses, and otherwise processes personal data in connection with https://www.thunderanalytic.com/, our web analytics software platform, dashboards, APIs, websites, applications, and related services (collectively, the "Services").
This Privacy Policy is intended as a general privacy notice for a software-as-a-service platform that provides web analytics and related reporting functionality. It should be reviewed and tailored to reflect your actual technical setup, legal obligations, hosting model, data flows, tracking practices, and customer base before publication.
By accessing or using the Services, you acknowledge that your personal data may be processed as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services.
This Privacy Policy applies to personal data we process when:
This Privacy Policy does not apply to third-party websites, services, or platforms that may link to or integrate with the Services. It also does not replace any separate data processing agreement, order form, or contractual privacy terms between us and our customers.
Depending on the context, Thunder Analytic may act as either:
If you are an end user whose information is collected or processed by one of our customers through their use of the Services, that customer is typically the party responsible for providing notices, obtaining consent where required, and responding to your privacy requests regarding that data.
We may collect personal data you provide to us directly, including:
When you use the website or Services, we may automatically collect certain technical and usage information, such as:
Customers may submit or make available information to us through the Services, including data collected from websites, applications, events, cookies, tags, APIs, or connected third-party tools. Depending on implementation, this data may include online identifiers, IP addresses, device information, browser information, user activity data, conversion events, and similar analytics-related information.
We may also receive information from third-party integrations, payment providers, authentication providers, marketing tools, resellers, or other service providers.
Unless expressly agreed in writing, the Services are not intended for the collection, storage, or processing of special category or sensitive personal data, protected health information, payment card data subject to PCI DSS, children’s data, government-issued identification numbers, or other information subject to heightened legal or regulatory protection.
We may use cookies, pixels, SDKs, local storage, and similar technologies to operate the website and Services, remember preferences, authenticate users, analyze traffic, improve performance, measure usage, and support security functions.
These technologies may include:
You may be able to control certain cookies through your browser settings, device settings, or any cookie management tools we make available. Because some technologies are necessary for operation of the Services, disabling them may affect functionality.
We may use personal data for the following purposes:
If and to the extent applicable under data protection laws such as the GDPR, we may rely on one or more of the following legal bases:
We may disclose personal data to the following categories of recipients, as necessary for the purposes described in this Privacy Policy:
Where we act as a processor on behalf of customers, we disclose customer-submitted personal data only in accordance with the customer’s instructions, applicable law, and our agreements with that customer.
Your personal data may be transferred to, stored in, or processed in countries other than the country in which it was collected. Those countries may have data protection laws that are different from those in your jurisdiction.
Where required by applicable law, we will take appropriate steps to protect personal data transferred across borders, such as entering into standard contractual clauses, relying on adequacy decisions, implementing contractual safeguards, or using other lawful transfer mechanisms.
We retain personal data for as long as necessary for the purposes described in this Privacy Policy, including to provide the Services, maintain accounts, comply with legal obligations, resolve disputes, enforce agreements, and protect our business and users.
Retention periods may vary depending on the type of data, the context in which it was collected, customer instructions, technical requirements, backup schedules, legal obligations, and the need to establish or defend legal claims.
When personal data is no longer required, we will delete it, anonymize it, or securely retain it only as required by law or for legitimate business purposes.
We implement reasonable administrative, technical, and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption where appropriate, network protections, logging, monitoring, and security policies.
However, no method of transmission over the internet or method of electronic storage is completely secure. As a result, we cannot guarantee absolute security.
Customers are responsible for ensuring that their use of the Services complies with applicable privacy, data protection, ePrivacy, marketing, surveillance, and consumer protection laws. This includes, where applicable:
Depending on your location and applicable law, you may have certain rights regarding your personal data, including the right to:
These rights are not absolute and may be subject to legal exceptions or limitations. We may need to verify your identity before responding to a request.
If we process personal data solely on behalf of one of our customers, we may direct your request to the relevant customer, since that customer may be the controller responsible for the data.
We may send you marketing communications where permitted by law. You can opt out of marketing emails at any time by using the unsubscribe link in the message or by contacting us using the details below. Even if you opt out of marketing communications, we may still send you transactional or service-related messages such as billing notices, security alerts, or important updates about the Services.
The Services are not directed to children, and we do not knowingly collect personal data directly from children under the age at which parental consent is required under applicable law. If you believe a child has provided us with personal data in violation of applicable law, please contact us so we can take appropriate action.
The Services may contain links to third-party websites, applications, integrations, or services. We do not control those third parties and are not responsible for their privacy practices, content, or security. We encourage you to review the privacy policies of those third parties before interacting with them.
If you are located in the European Economic Area, United Kingdom, or another jurisdiction with similar data protection laws, you may have rights described in Section 12, subject to applicable limitations. You may also have the right to lodge a complaint with your local supervisory authority.
Where required, we will identify the controller, legal bases for processing, transfer mechanisms, and other mandatory disclosures in supplementary notices, a data processing addendum, or customer agreements.
If you are a resident of California or another U.S. state with applicable privacy rights, you may have rights to know, access, delete, correct, or opt out of certain processing activities, subject to legal exceptions. We do not sell personal data for money in the ordinary sense unless explicitly disclosed otherwise. If applicable law treats certain sharing for advertising or analytics as "selling" or "sharing," additional disclosures and opt-out mechanisms may be required and should be added to this Privacy Policy based on your actual practices.
We may update this Privacy Policy from time to time to reflect changes in our Services, legal obligations, or data practices. When we make material changes, we will provide notice as appropriate, such as by updating the date at the top of this Privacy Policy, posting a notice on our website, sending an email, or displaying an in-product message.
Your continued use of the Services after the effective date of an updated Privacy Policy constitutes your acknowledgment of the revised Privacy Policy, to the extent permitted by law.
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact:
Thunder Analytic
[Insert Legal Company Name]
[Insert Business Address]
[Insert Support Email]
[Insert Privacy Email]
[Insert Phone Number, if applicable]
Depending on your use of the Services, you may also be subject to our Terms and Conditions, Data Processing Addendum, Cookie Policy, or other legal documents that govern specific aspects of the Services. In the event of a conflict between this Privacy Policy and a separate written agreement with a customer, the written agreement may control to the extent of the conflict.