Privacy Policy
1. Introduction
JTracking (“we,” “our,” “the Service”) provides AI-powered tracking automation tools, including web crawling, tracking plan generation, GTM configuration, and data relay hosting services. This Privacy Policy explains how we collect, use, store, and protect your information, and what rights you have under applicable privacy laws such as GDPR and CCPA.
2. Information We Collect
2.1 Account Information
- We collect your name, email, and profile picture through Google OAuth 2.0 for authentication and account management.
2.2 Site Information
- When you submit a website, we collect URL, title, page structure (HTML), screenshots, navigation paths, and identifiers generated during your use.
- This data is primarily used to generate tracking plans and site maps.
2.3 Conversation and Operation Records
- Includes system conversation history, action logs, error logs, IP addresses, browser versions, and timestamps for technical support and product optimization.
2.4 GTM Configuration Data
- When you authorize GTM, we read triggers, variables, tags, and related workspace information to support synchronization and auto-generated tracking configuration comparison.
3. How We Use Information
- Authentication & Account Management – to verify your identity and provide personalized login experience.
- Tracking Plan Generation – using AI models (e.g., OpenAI GPT, Google Gemini) to generate and improve tracking plans based on site and operation data.
- GTM Configuration & Synchronization – assisting in creating or updating GTM triggers, variables, and tags for automated event tracking.
- Product Optimization & Security Monitoring – analyzing usage data, error logs, and system behavior to improve service stability and security.
4. Legal Basis for Processing (GDPR)
| Legal Basis | Description |
|---|---|
| Contractual necessity | To provide core services such as crawling, GTM synchronization, and tracking plan generation |
| Legitimate interest | Product optimization, security monitoring, and fraud prevention |
| Consent | Optional AI features, marketing communications, and certain analytics |
| Legal obligation | Compliance with applicable laws and regulatory requirements |
5. Information Sharing
We do not sell or rent your personal information. Information may be shared in the following cases:
- With your consent – for optional features or integrations.
- With essential service providers – hosting, cloud AI models, analytics, and technical support.
- Legal requirements – as required by law or government authorities.
- Product optimization – for analyzing anonymized data to improve services.
6. International Data Transfers
Your data may be processed and stored outside your country of residence, including the United States and European Union.
We implement appropriate safeguards (e.g., Standard Contractual Clauses, SCCs) to ensure your data is protected.
7. Data Security
We implement technical and organizational measures including:
- HTTPS and encryption for data in transit
- Access control and logging
- Security monitoring and intrusion detection
- Regular audits
8. Data Retention
- Account data is retained while your account is active.
- Log and operational data is retained for up to 12 months.
- AI processing data is ephemeral and deleted immediately after processing.
9. Your Rights
You may exercise the following rights:
- Access your information
- Correct inaccurate or outdated data
- Request deletion (“Right to be Forgotten”)
- Restrict or object to processing
- Data portability
Contact: [email protected]
10. Handling of Children's Personal Information
Our products and services are not intended for children under 14.
We do not knowingly collect personal information of children. If data from a child under 14 is inadvertently collected, we will promptly delete it.
11. AI Data Processing and PII Compliance
11.1 Scope of AI Data Processing
- Your site information and operation records may be processed by large language models (e.g., OpenAI GPT, Google Gemini) to generate tracking plans.
- Conversation history with the system may be analyzed to improve recommendation accuracy.
- GTM configurations are compared with AI-generated solutions through automated processes.
11.2 Third-Party AI Service Restrictions
- Third-party AI providers are bound by strict data protection agreements (DPAs).
- Google Workspace API data is only used for account verification and feature implementation, not for general AI model training.
- Original user data is immediately decoupled from AI model environments after processing.
11.3 Personally Identifiable Information (PII) Exclusion
- The following data is strictly prohibited from AI processing:
- Email addresses, phone numbers, physical addresses, or full names
- Government IDs, banking information, or passwords
- IP addresses, device IDs, or any unique personal identifiers
- Any data referencing the above in event descriptions or enumerations
11.4 Post-Generation PII Review
- All AI-generated outputs undergo automated validation to:
- Detect and redact any residual PII-like patterns
- Reject solutions that propose PII-dependent logic (e.g., “track user emails”)
11.5 Compliance Safeguards
- No PII is persisted; input data is ephemeral.
- Third-party AI providers are prohibited from retaining or training on our data.
- Users may report violations via [email protected] for immediate investigation.
12. Cookies and Tracking
- We use cookies for authentication, security, and analytics.
- You may disable cookies, but some product features may not function correctly.
13. Policy Updates
- We may update this Privacy Policy periodically.
- Material changes will be communicated via in-app notifications or email.
14. Data Controller Information
- Company: JTracking Technologies Inc.
- Email: [email protected]
- Jurisdiction: Singapore
- Data Protection Officer (DPO): [email protected]
