Legal

Privacy Policy

Effective May 27, 2026 · Applies to the GA4 Auditor tool at ga4auditor.analyticsliv.com

At ANALYTICS LIV DIGITAL LLP, accessible from https://ga4auditor.analyticsliv.com, one of our main priorities is the privacy of our users. This Privacy Policy document contains the types of information that is collected and recorded by the GA4 Auditor tool and how we use it.

The GA4 Auditor (the “Service”) helps users audit their Google Analytics 4 (GA4) properties and interact with an AI assistant that answers questions about their GA4 configuration. If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

This Privacy Policy applies only to the GA4 Auditor tool at ga4auditor.analyticsliv.com and is valid for users of this tool with regard to the information that they share and/or we collect within the Service. This policy is not applicable to any information collected offline or via channels other than this application. Other AnalyticsLiv products and the main analyticsliv.com website are governed by their own policies.

1. Consent

By signing in to and using the GA4 Auditor Service with your Google account, you hereby consent to our Privacy Policy and agree to its terms.

2. Information we collect

When you sign in with Google, we receive:

  • Profile information — your name, email address, and profile picture, used to identify your account.
  • Google Analytics data — your GA4 account list, property configuration, data streams, events, conversions, custom dimensions/metrics, and audience definitions. This is read on demand to generate audit reports and to answer your questions in the in-app chatbot.
  • OAuth tokens — Google-issued access and refresh tokens, stored securely so the Service can call the Google Analytics API on your behalf without requiring you to log in again on every request.
  • Generated audit reports — the results of audits you run are saved to your account so you can revisit them later.

We do not collect payment information, browsing history outside the Service, advertising identifiers, or any data that is not necessary to provide the Service.

3. Google API scopes we request

The Service requests the following Google OAuth scopes. You see and approve each scope on the Google consent screen when you sign in:

  • openid, email, profile — to identify you and create your account.
  • https://www.googleapis.com/auth/analytics.readonly — to read your GA4 account, property, and configuration data so we can generate audit reports and answer chatbot questions.
  • https://www.googleapis.com/auth/analytics.edit — to apply configuration changes only when you explicitly approve a recommendation inside the Service (for example, enabling enhanced measurement or creating a recommended custom dimension). We never modify your GA4 configuration without an explicit in-app confirmation from you.

4. How we use your information

  • To authenticate you and maintain your session.
  • To fetch and analyse your GA4 configuration in order to generate audit reports.
  • To answer your questions about your GA4 setup through the in-app AI chatbot.
  • To save your audit reports to your account so you can view them again later.
  • To apply, on your explicit request, configuration changes to your GA4 properties.

We do not use your data for advertising, do not sell it, do not share it with third parties for their own marketing, and do not use it to train generic machine-learning models.

5. Google Limited Use disclosure

The Service’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically: Google user data accessed via the analytics.readonly and analytics.edit scopes is used solely to provide and improve the user-facing features of the GA4 Auditor Service, and is not transferred to third parties except as necessary to provide those features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to affected users.

6. Use of AI / chatbot

The in-app chatbot uses a third-party large language model provider to answer your questions about your GA4 configuration. When you ask a question, the relevant slice of your own GA4 data is sent to the provider as context for that single request. The provider is contractually prohibited from using this data to train their models.

7. Data storage and retention

  • Your account profile, audit reports, and OAuth refresh tokens are stored in a managed MongoDB database hosted in a secure cloud region.
  • GA4 data fetched at audit time is processed in memory and is not stored beyond what is needed to render the resulting audit report.
  • Audit reports are retained for as long as your account is active so you can revisit them later.
  • The Service currently reads from your Google Analytics properties only. We do not write to, or modify, any data in your GA4 properties as part of the Service’s current functionality.

8. Log files

The GA4 Auditor follows a standard procedure of using log files. These files log users when they use the Service. The information collected by log files may include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, and referring or exit pages. This information is not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the Service, troubleshooting errors, and ensuring security. These logs are retained for a limited operational window and are accessible only to authorised engineering staff.

9. How to revoke access or request data deletion

  • You can revoke the Service’s access to your Google account at any time from myaccount.google.com/permissions. Once revoked, we can no longer call the Google Analytics API on your behalf.
  • To request deletion of your account and the data stored about you, email us at support@analyticsliv.com from the email address you signed up with. We will action verified deletion requests within 30 days and confirm by email when the data has been removed.

10. Your rights

Depending on where you live, you may have the following rights in respect of the personal data we hold about you. We honour these rights for all users regardless of jurisdiction:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to correct information that is inaccurate or incomplete.
  • Deletion — ask us to delete your account and associated data, as described in §8.
  • Portability — receive a machine-readable copy of your data (e.g. your stored audit reports) so you can move it elsewhere.
  • Objection / withdrawal of consent — withdraw your consent for us to process your data at any time, which you can do by revoking the Service’s Google access (see §8) and emailing us to request deletion.
  • Complaint — lodge a complaint with your local data-protection authority. In India, this is the Data Protection Board of India (under the Digital Personal Data Protection Act, 2023).

To exercise any of these rights, contact us at support@analyticsliv.com. We will respond within 30 days.

11. Cookies

The Service uses a single session cookie (managed by NextAuth) to keep you signed in between page loads. This cookie is essential to the operation of the Service and cannot be disabled without losing the ability to use the Service.

We do not use advertising cookies, tracking cookies, third-party analytics cookies, or any other cookies beyond what is strictly necessary to authenticate you.

12. Security

We use industry-standard measures to protect your data: encrypted connections (HTTPS) for all traffic, encrypted storage at rest, scoped database credentials, and least-privilege access controls for engineering staff. No system is perfectly secure, but in the event of a security incident that exposes your personal data, we will notify affected users without undue delay — and, in any case, within 72 hours of confirming the incident — by email to the address associated with your account.

13. Children

The Service is not directed to children under 18 and we do not knowingly collect personal data from them. If you believe a child has provided personal data to the Service, please contact us and we will delete it.

14. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or via an in-app notice before they take effect. The “Effective” date at the top of this page indicates when the current version was published.

15. Contact and grievance officer

For any questions, complaints, data-protection requests, or grievances relating to this Privacy Policy or your personal data, please contact our grievance officer at support@analyticsliv.com. We aim to acknowledge all such requests within 7 business days and to substantively resolve them within 30 days.

ANALYTICS LIV DIGITAL LLP. · Ahmedabad, Gujarat, India.