Privacy Policy

Last Updated: November 10, 2025

Introduction

tracekit.dev (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Information We Collect

Information You Provide

When you register for TraceKit, we collect:

• Account Information: Name, email address, company name
• Billing Information: Credit card details (processed securely through Stripe)
• Profile Information: Optional profile photo, job title, timezone preferences
• Support Communications: When you contact support, we retain correspondence

Information We Automatically Collect

• Usage Data: Application traces, metrics, and logs you send to TraceKit
• Device Information: Browser type, IP address, operating system
• Cookies: We use cookies for authentication and analytics (see Cookies section)
• Analytics: We track page views, feature usage, and performance metrics

Information from Integrations

If you connect third-party services (GitHub, Slack, etc.), we may access:

• Repository information
• Webhook data
• Basic profile information from connected services

How We Use Your Information

We use your information to:

1. Provide Services:

• Process and display your application traces
• Generate performance metrics and dashboards
• Send alert notifications
• Provide customer support

2. Improve Services:

• Analyze usage patterns to improve features
• Identify and fix bugs
• Develop new functionality

3. Communications:

• Send service-related emails (account confirmations, billing notifications)
• Share product updates and feature announcements (you can opt-out)
• Respond to inquiries and support requests

4. Security:

• Detect and prevent fraud
• Monitor for security threats
• Enforce our Terms of Service

5. Legal Compliance:

• Comply with applicable laws and regulations
• Respond to legal requests

Data Retention

We retain your data as follows:

• Account Data: Until you delete your account, plus 30 days
• Trace Data: According to your plan’s retention period (7-90 days)
• Billing Records: 7 years for tax/legal compliance
• Deleted Data: Permanently removed within 30 days of deletion

Data Sharing and Disclosure

We do not sell your personal information. We share data only in these circumstances:

Service Providers

We use trusted third-party services:

• Stripe: Payment processing (PCI-compliant)
• Hetzner: Cloud hosting and storage
• Resend: Transactional emails

All providers are contractually bound to protect your data.

Legal Requirements

We may disclose information if required by:

• Court orders or legal processes
• Government requests
• Preventing fraud or security threats
• Protecting our legal rights

Business Transfers

If TraceKit is acquired or merged, your data may transfer to the new entity. We’ll notify you of any such change.

With Your Consent

We may share information for other purposes with your explicit consent.

Your Rights and Choices

Access and Portability

You can:

• View all your data in your account dashboard
• Export your trace data via API or UI
• Request a complete data export (contact: [email protected])

Correction and Deletion

You can:

• Update your profile information anytime
• Delete your account (Settings → Account → Delete Account)
• Request data deletion (contact: [email protected])

Marketing Communications

You can:

• Opt-out of marketing emails via unsubscribe links
• Adjust notification preferences in Settings
• You’ll still receive essential service emails

Do Not Track

We honor Do Not Track (DNT) browser signals for analytics tracking.

Cookies

What Cookies We Use

• Essential Cookies: Required for authentication and security
• Analytics Cookies: Google Analytics for usage statistics
• Preference Cookies: Remember your settings and preferences

Managing Cookies

You can control cookies through:

• Browser settings (delete or block cookies)
• Opt-out of Google Analytics: tools.google.com/dlpage/gaoptout

Data Security

We implement security measures including:

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
• Access Controls: Role-based access
• Infrastructure: SOC 2 Type II certified hosting (Hetzner)
• Monitoring: 24/7 security monitoring and threat detection
• Regular Audits: Quarterly security assessments

Despite our efforts, no system is 100% secure. We’ll notify you of breaches as required by law.

International Data Transfers

TraceKit is based in Germany. If you’re outside the EU:

• We use Hetzner data centers in Germany. Enterprise customers can request specific locations.
• We comply with GDPR for European users

Children’s Privacy

TraceKit is not intended for users under 16. We don’t knowingly collect data from children. If you believe a child has provided data, contact us at [email protected].

GDPR Rights (European Users)

If you’re in the EU/EEA, you have additional rights:

• Right to Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion (“right to be forgotten”)
• Right to Restriction: Limit how we use your data
• Right to Portability: Receive data in a structured format
• Right to Object: Object to processing for marketing purposes
• Right to Withdraw Consent: At any time

To exercise these rights, email: [email protected]

To make a request: [email protected]

Changes to This Policy

We may update this Privacy Policy occasionally. We’ll notify you of material changes via:

• Email notification
• Notice on our website

Continued use after changes constitutes acceptance.

Contact Us

For privacy questions or concerns:

Email: [email protected]
Mail: tracekit.dev Privacy Team

Data Protection Officer: [email protected]

Compliance

TraceKit complies with:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• SOC 2 Type II standards
• PCI DSS (via Stripe)

Last Reviewed: November 8, 2025
Effective Date: November 8, 2025