Privacy Policy

Hypersight IO, operating as hyperguard ("hyperguard," "we," "us," or "our"), respects your privacy and is committed to protecting your personal data. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information when you use our invalid traffic detection and ad fraud prevention services (the "Service").

By accessing or using our Service, you agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

Scope

This Privacy Policy applies to:

• Customers: Organizations and individuals who register for and use our Service
• End Users: Visitors to websites and applications that use our Service for traffic quality verification
• Website Visitors: Visitors to our corporate website at hyperguard.app
• Free Tool Users: Individuals who use our free tools, including the GA4 Traffic Analyzer, which may access third-party services (such as Google Analytics) on your behalf

1. Information We Collect

Information from Customers

When you register for our Service, we collect:

• Account Information: Business name, contact name, email address, phone number, and account credentials
• Billing Information: Payment card details and billing address (processed by our payment service provider)
• Service Configuration: Website domains, API configurations, and service preferences
• Usage Information: Service usage data, feature utilization, and performance metrics
• Communications: Support inquiries, feedback, and other correspondence

Information from End Users

When our Service analyzes traffic on our customers' digital properties, we collect limited technical information to distinguish between legitimate users and invalid traffic:

• Device Information: Browser type and version, operating system, device type, screen resolution, and technical device characteristics
• Network Information: Anonymized IP address data, approximate geographic location (country/region level), and connection type
• Interaction Data: Page interactions, session duration, and navigation patterns (no personal content is captured)
• Technical Identifiers: Session identifiers and technical fingerprints for fraud detection purposes

Google API Services — GA4 Traffic Analyzer

We offer a free GA4 Traffic Analyzer tool (available at hyperguard.app/tools/traffic-analyzer) that connects to your Google Analytics 4 account to provide a one-time traffic quality analysis. This section describes how we handle data accessed through Google APIs when you use this tool.

Data Accessed

The GA4 Traffic Analyzer requests read-only access to your Google Analytics data using the analytics.readonly OAuth scope. Specifically, we access:

• Property Listing: The names and IDs of Google Analytics 4 properties accessible to your Google account
• Traffic Dimensions: Browser, operating system, screen resolution, device category, country, language, traffic source, traffic medium, and landing page
• Traffic Metrics: Sessions, total users, new users, bounce rate, average session duration, pageviews, engaged sessions, transactions, and event count
• Aggregated Patterns: Hourly distribution, channel grouping, and campaign-level data

We do not request or have write access to your Google Analytics account. We cannot modify your analytics configuration, properties, or data.

How We Use This Data

Your Google Analytics data is used solely to generate a one-time traffic quality analysis report displayed to you in your browser. This includes estimating the percentage of invalid or bot traffic, providing source-by-source breakdowns, and identifying geographic patterns of suspicious activity.

Data Storage and Retention

• All Google Analytics data is processed entirely in-memory within your browser session
• Zero data is stored on any server, database, or persistent storage
• Data exists only for the duration of your browser session and is automatically discarded when you close the tab, click "Disconnect," or your session expires
• No Google user data is written to any logs, databases, or files

Data Sharing

Google Analytics data accessed through the GA4 Traffic Analyzer is not shared with any third parties. The data is not sold, rented, traded, or disclosed to anyone. It is used exclusively to render analysis results to you in your browser.

Revoking Access

You can revoke access to your Google Analytics data at any time by:

• Clicking the "Disconnect" button within the tool, which immediately clears all session data
• Removing the GA4 Traffic Analyzer from your connected apps in your Google Account security settings at myaccount.google.com/permissions

Google API Services User Data Policy

Meta Ads Integration

Hyperguard offers a Meta Ads integration that connects to your Meta (Facebook/Instagram) advertising account to provide campaign performance analytics and calculate the cost impact of bot traffic on your ad spend. This section describes how we handle data accessed through Meta APIs.

Data Accessed

The Meta Ads integration requests read-only access to your advertising data using the ads_read and business_management OAuth scopes. Specifically, we access:

• Ad Account Information: Account ID, account name, currency, and account status
• Campaign Metrics: Campaign names, IDs, spend, clicks, impressions, CPC, CPM, conversions, revenue, and ROAS

We do not have write access to your Meta advertising account. We cannot create, modify, pause, or delete any campaigns, ads, or account settings.

How We Use This Data

Your Meta advertising data is used solely to display campaign performance metrics in your Hyperguard dashboard, calculate the cost impact of bot traffic on your advertising budget, and show ROI and ROAS analytics.

Data Storage and Retention

• Your OAuth access token is encrypted using AES-256-GCM before storage in our database
• Campaign metrics are fetched on-demand when you view your dashboard and are not permanently stored
• Your ad account ID and account name are stored to identify the connected account
• Access tokens are long-lived (~60 days). When expired, you will be prompted to reconnect

Data Sharing

Meta advertising data accessed through the Hyperguard integration is not shared with any third parties. The data is not sold, rented, traded, or disclosed to anyone. It is used exclusively to display analytics to you in your Hyperguard dashboard.

Revoking Access

You can revoke access to your Meta advertising data at any time by:

• Clicking "Disconnect" on the Meta Ads integration in your Hyperguard property settings, which immediately revokes the token and removes stored data
• Removing Hyperguard from your connected apps in your Meta account at facebook.com/settings → Business Integrations

2. How We Use Information

We use the collected information for the following purposes:

Service Delivery

• Provide invalid traffic detection and ad fraud prevention services
• Generate analytics and reporting for our customers
• Monitor and improve Service performance and reliability
• Develop and enhance our detection capabilities

Customer Support

• Respond to customer inquiries and support requests
• Send service-related communications and updates
• Process billing and payment transactions

Legal and Security

• Comply with legal obligations and regulatory requirements
• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service and other agreements

3. Legal Basis for Processing

For individuals in the European Economic Area (EEA) and United Kingdom (UK), we process personal data based on:

• Performance of Contract: To provide services to our customers
• Legitimate Interests: To detect and prevent fraud, maintain security, and improve our services
• Consent: Where required by applicable law
• Legal Obligations: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

We do not sell, rent, or trade personal information. We may share information in the following circumstances:

Service Providers

We engage trusted third-party companies to support our Service operations, including:

• Cloud hosting and infrastructure providers
• Payment processing services
• Customer support and communication tools
• Analytics and monitoring services

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose information when required by law, including:

• To comply with legal processes or government requests
• To protect our rights, property, or safety
• To investigate potential violations of our Terms of Service
• As part of a corporate transaction such as a merger or acquisition

With Consent

We may share information with your explicit consent or at your direction.

5. Data Retention

We retain information for as long as necessary to provide our Service and comply with legal obligations:

• Customer Account Data: Retained for the duration of your account and a reasonable period thereafter
• End User Data: Automatically deleted after 30 days (configurable by customers up to 90 days)
• Billing Records: Retained as required by tax and accounting regulations
• Legal Records: Retained as necessary to comply with legal obligations or resolve disputes
• GA4 Traffic Analyzer Data: Not retained. All Google Analytics data is processed in-memory during your browser session and discarded immediately when the session ends. No Google user data is stored on our servers at any time.

When retention is no longer necessary, we securely delete or anonymize the information.

6. Data Security

We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Industry-standard encryption for data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Security incident response procedures
• Employee training on data protection and privacy

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to maintaining robust protections.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

European Economic Area and United Kingdom

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete information
• Erasure: Request deletion of your personal data
• Data Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests
• Restriction: Request limited processing of your data
• Withdraw Consent: Withdraw consent where processing is based on consent

California

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

• Know: Request information about personal data collected, used, and disclosed
• Delete: Request deletion of personal information
• Opt-Out: Opt-out of the sale of personal information (we do not sell personal data)
• Non-Discrimination: Not be discriminated against for exercising privacy rights

Other Jurisdictions

Residents of other jurisdictions may have additional rights under local privacy laws. Please contact us to learn more about your specific rights.

8. Cookies and Similar Technologies

Our Use of Storage Technologies

Our Service uses browser storage mechanisms to maintain session state and improve performance:

• Local Storage: To maintain session continuity
• Session Storage: For temporary data during a browsing session

Important: Our fraud detection technology does not use traditional tracking cookies. We use alternative storage methods that respect user privacy while maintaining service functionality.

Third-Party Technologies

Third-party services integrated with our platform may use their own cookies and tracking technologies. These are governed by their respective privacy policies.

Managing Your Preferences

You can manage storage preferences through your browser settings. Note that disabling storage may affect the functionality of our Service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your country.

When we transfer personal data internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Ensuring recipients are in countries with adequate data protection laws
• Implementing technical and organizational security measures

By using our Service, you consent to the transfer of your information as described in this Privacy Policy.

10. Children's Privacy

Our Service is not intended for use by children under the age of 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information.

If you believe we have collected information from a child, please contact us immediately at privacy@hyperguard.app.

11. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) option that signals to websites that you do not want your online activities tracked. Our Service responds to DNT signals as follows:

• When DNT is enabled, our Service limits data collection to essential fraud detection operations
• We do not track users across unrelated websites regardless of DNT settings

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify registered customers via email
• We may display a prominent notice on our Service

We encourage you to review this Privacy Policy periodically. Your continued use of our Service after changes indicates your acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Regional Privacy Disclosures

European Union and United Kingdom

You have the right to lodge a complaint with your local data protection supervisory authority. We would appreciate the opportunity to address your concerns before you approach the supervisory authority, so please contact us first.

California

This section provides additional disclosures required by the California Consumer Privacy Act (CCPA):

• We do not sell personal information
• We do not share personal information for cross-context behavioral advertising
• In the past 12 months, we have collected the categories of personal information described in this Privacy Policy
• We collect personal information for the business purposes described in this Privacy Policy

California residents may make requests under the CCPA by emailing privacy@hyperguard.app.

Nevada

Nevada residents have the right to opt out of the sale of their personal information. We do not sell personal information as defined under Nevada law. To make a request under Nevada law, please email privacy@hyperguard.app.

Brazil

This Privacy Policy complies with the Lei Geral de Proteção de Dados (LGPD). Brazilian residents have rights similar to those described in the "Your Privacy Rights" section above.

Canada

We comply with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA). Canadian residents have the right to access and correct their personal information.