Privacy Policy

Overview

This Privacy Policy explains how Glimmer ("we," "our," or "us") collects, uses, and protects information when you use our service. Our commitment to privacy isn't just a policy—it's fundamental to how our technology works.

Unlike traditional analytics tools, Glimmer is designed to help users in real-time without compromising their privacy. We analyze behavioral patterns to provide contextual assistance while maintaining complete anonymity.

Information We Collect

Glimmer collects minimal, anonymous behavioral data necessary to provide micro-interventions and improve user experience:

Behavioral Analytics Data

• Click patterns: Location and timing of clicks (without personal identifiers)
• Scroll behavior: Scrolling patterns and page engagement metrics
• Cursor movement: Mouse movement patterns indicating user intent or confusion
• Form interactions: Field focus events and form submission patterns (without form content)
• Page navigation: URL paths visited and time spent on pages
• Device information: Screen resolution, browser type, and device type for optimization
• Performance metrics: Page load times and intervention effectiveness

Session Data

• Anonymous session ID: Temporary identifier for the browsing session
• Timestamp information: When interactions occur
• Referrer information: Where users came from (if available)

Customer Account Data

For customers using our dashboard (website owners who implement Glimmer):

• Account information: Name, email address, company name
• Billing information: Payment details processed securely through Stripe
• Usage metrics: Dashboard usage and API usage statistics

What We Don't Collect

• Names, email addresses, or contact information
• Form content or text input data
• User passwords or authentication information
• Payment or financial information
• Social security numbers or government IDs
• Biometric data or personal characteristics
• Cross-site tracking identifiers
• Persistent user profiles across different websites
• Location data beyond general geographic region

How We Use Information

We use the collected information solely for the following purposes:

Primary Service Functions

• Real-time assistance: Detect friction patterns and provide contextual micro-interventions
• Behavioral analysis: Identify when users need help without identifying who they are
• Intervention optimization: Improve the timing and effectiveness of assistance
• Performance monitoring: Ensure our service works efficiently without impacting website performance

Service Improvement

• Algorithm enhancement: Improve our AI models' ability to detect friction
• Feature development: Develop new types of helpful interventions
• Quality assurance: Monitor and improve service reliability

Customer Support

• Dashboard analytics: Provide usage insights to website owners
• Technical support: Help customers implement and optimize Glimmer
• Account management: Manage customer accounts and billing

Data Processing & Storage

Real-Time Processing

Most behavioral data is processed in real-time and not stored:

• Behavioral patterns are analyzed instantly to determine if intervention is needed
• Sensitive interaction data is processed and discarded immediately
• Only aggregated, anonymous metrics are retained for service improvement

Data Storage

• Aggregated analytics: Stored for up to 13 months for trend analysis
• Session data: Temporary storage during active sessions only
• Customer account data: Stored securely as long as account is active
• Billing records: Retained as required by law for tax and audit purposes

Data Location

Data is processed and stored in secure cloud infrastructure:

• Primary data centers in the United States and European Union
• Data residency options available for Enterprise customers
• All data transfer encrypted in transit and at rest

Cookies & Local Storage

Glimmer uses minimal cookies and local storage:

Essential Cookies

• Session management: Temporary session identifier (expires when browser closes)
• Intervention tracking: Prevent duplicate interventions during the same session
• Configuration cache: Store intervention preferences to improve performance

What We Don't Use

• Third-party advertising cookies
• Cross-site tracking cookies
• Long-term identification cookies
• Social media tracking pixels

Third-Party Services

Glimmer uses select third-party services with strong privacy commitments:

Payment Processing

• Stripe: Secure payment processing for customer billing
• We don't store payment information on our servers

Infrastructure

• Cloudflare: Content delivery and security services
• Cloud hosting providers: Secure server infrastructure
• All providers are contractually bound to protect data privacy

What We Don't Use

• Google Analytics or similar tracking platforms
• Social media tracking integrations
• Third-party advertising networks
• Marketing automation platforms that track individual users

Your Rights

Website Visitors

Since we don't collect PII from website visitors, there's no personal data to access, modify, or delete. However, you can:

• Disable JavaScript to prevent Glimmer from functioning
• Use browser privacy modes to limit data collection
• Contact us if you have concerns about your privacy

Customer Rights (GDPR & CCPA)

If you're a Glimmer customer (website owner), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Delete your account and associated data
• Portability: Export your data in a machine-readable format
• Objection: Object to certain types of data processing
• Restriction: Limit how we process your data

To exercise these rights, contact us at [email protected].

Data Security

We implement industry-standard security measures:

Technical Safeguards

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access controls: Strict employee access controls and authentication
• Network security: Firewalls and intrusion detection systems
• Regular audits: Security assessments and vulnerability testing

Operational Safeguards

• Employee training on privacy and security practices
• Incident response procedures for security breaches
• Regular backup and disaster recovery testing
• Vendor security assessments for third-party services

Compliance

Glimmer is designed to comply with major privacy regulations:

GDPR Compliance

• Lawful basis for processing (legitimate interest for service provision)
• Data minimization principles built into our architecture
• Privacy by design and by default
• Data Protection Impact Assessments conducted

CCPA Compliance

• Transparent disclosure of data collection practices
• No sale of personal information to third parties
• Consumer rights respected and facilitated

Other Regulations

• PIPEDA (Canada) compliance measures
• LGPD (Brazil) compliance considerations
• Regular review of emerging privacy legislation

Policy Updates

We may update this Privacy Policy occasionally to reflect changes in our practices or legal requirements:

• Material changes will be announced via email to customers
• Updated policy will be posted on our website with revision date
• Continued use of the service constitutes acceptance of updates
• Historical versions are available upon request

Contact Us

If you have questions about this Privacy Policy or our privacy practices:

We're committed to addressing privacy concerns promptly and transparently. We typically respond to privacy inquiries within 72 hours.