" "
This Privacy Policy explains what information CPA Analytics ("we," "us," "our") collects when you use our service, how we use it, and the choices you have. It applies to organizations that register for an account and to individual users who sign in to use the service.
When you register, we collect your organization name, address, primary contact email, phone number, and billing information. For each user account we collect name, email, username, optional phone number, and an encrypted password hash. We never store passwords in plain text.
The service receives operational data from Mutha Goose devices and their attached machines that you or your organization have registered. This includes meter readings, transaction events, timestamps, device identifiers, and machine identifiers. Telemetry does not include personally identifiable information about end customers of the machines.
Subscription payments are processed by Stripe. We do not store full card numbers; Stripe retains the card and returns a reference token we store to charge your subscription. See Stripe's privacy policy at stripe.com/privacy.
We collect standard server logs including IP address, browser user agent, pages viewed, timestamps, and errors. We use cookies to keep you signed in and to remember preferences. We do not use third-party advertising cookies.
When you submit a support ticket or reply to one, we retain the subject, body, and metadata (status, priority, who it was assigned to). Agents may add internal notes that are not visible to you.
CPA Analytics may send account-related text messages to users who have provided express consent. These messages may include verification codes, login alerts, password reset notifications, account security alerts, and other account-related communications.
Message frequency varies. Message and data rates may apply.
Users may opt out at any time by replying STOP. Users may request assistance by replying HELP.
SMS consent is not shared with third parties or affiliates for marketing purposes. When consent is given, we retain the timestamp, the IP address from which consent was provided, and the version of the consent text the user agreed to, for audit and compliance purposes.
For a full description of our SMS opt-in process, see our SMS Consent & Opt-In Disclosure.
We do not sell personal information. We share information only with:
Account and billing records are retained for the life of your subscription and for a reasonable period thereafter to comply with tax, accounting, and legal obligations. Device telemetry is retained according to your plan. Support tickets and replies are retained for historical reference. Deleted records are soft-deleted in our database; we purge backups on a rolling schedule.
We use industry-standard safeguards: encrypted transport (HTTPS/TLS), hashed passwords, role-based access controls, session timeouts, CSRF protection, and audit logging. No system is perfectly secure; please use a strong password and do not share it.
The service is intended for business use. We do not knowingly collect personal information from children under 13.
We operate in the United States. If you access the service from outside the US, you understand that your information will be transferred to and processed in the US.
We may update this policy from time to time. Material changes will be posted here with a new effective date. Continued use of the service after changes become effective constitutes acceptance of the updated policy.
Questions about this policy? Contact CPA Analytics support through the in-app support page, or by email at the address listed in your account.