Last updated: December 1, 2025
Privacy Policy
We're building this to help you, not to track you. Here's how we handle your data with transparency and respect.
What we collect
We collect minimal data to provide customer health insights and improve our service:
Account Information
Email address and company name when you create an account. We use this to manage your account and communicate with you about the service.
Product Usage Events
Data collected via our SDK about how customers use your product (page views, feature usage, user actions). This data is used to calculate customer health scores and identify at-risk accounts.
Customer Account Data
Account IDs, user identification, and company information you provide to track customer accounts and calculate health scores.
Health Score Data
Calculated health scores and risk indicators for your customer accounts. This helps you identify which customers need attention.
Usage Analytics
Aggregated, anonymous data about how you use the Customer Insights dashboard (page views, feature usage). No personal information is included in analytics.
Why we collect it
Every piece of data we collect serves a specific purpose in helping you monitor customer health and prevent churn:
Customer Health Monitoring
Product usage events help us calculate health scores for each customer account, so you can see which customers are thriving and which need attention.
Churn Prediction
We analyze usage patterns to identify at-risk accounts and send you alerts when customer health scores drop to critical levels.
Account Management
Your account information allows us to provide you with a personalized dashboard and communicate important updates about your customer accounts.
Product Improvement
Anonymous usage patterns help us understand what works and what doesn't, so we can improve the accuracy of health scores and alerts.
How we protect it
We use enterprise-grade security measures to protect your data:
Supabase Infrastructure
Your data is stored on Supabase, which provides enterprise-grade security, encryption, and compliance with industry standards.
Data Isolation
Each vendor's data is completely isolated using row-level security. Your data is never mixed with other companies' information.
Encryption
All data is encrypted both in transit (when being sent) and at rest (when stored). Your information is protected at every step.
Limited Access
Only authorized project maintainers have access to the data, and all changes require approval. We don't share your data with third parties.
Data retention
We don't keep your data longer than necessary. Here are our retention periods:
Product Usage Events
Raw product usage events are retained for 90 days to calculate health scores. Aggregated data is kept longer for historical health score trends.
Customer Account Data
Customer account information and health scores are retained while your account is active. You can request deletion at any time.
Account Information
We keep your email address and company information until you request deletion or close your account. You can unsubscribe from communications at any time.
Analytics Data
Raw dashboard usage logs are purged after 30 days. We only keep aggregated, anonymous metrics for product improvement.
Your rights
You have control over your data. Here's what you can do:
Delete Your Account
You can delete your FirstDistro account at any time from your Profile settings. This will permanently delete all your data, including:
- All customer accounts and their data
- All product usage events
- All health scores and alerts
- All API keys and SDK configurations
- All user profiles
This action cannot be undone. Once you delete your account, all data is permanently removed from our systems. You will be signed out immediately after deletion.
Opt Out of Communications
You can unsubscribe from our emails at any time using the link in any email we send, or by contacting us directly.
Request Data Export
You can ask for a copy of all the personal data we have about you in a portable format.
Ask Questions
You can contact us anytime to ask questions about how we handle your data or to make any of the above requests.
Third-party services
We use trusted third-party services to provide our platform:
Supabase
We use Supabase for database storage and authentication. Your data is stored securely on Supabase's infrastructure.
Stripe
We use Stripe for payment processing. Payment information is handled directly by Stripe and never stored on our servers.
We don't share your customer data with third parties for marketing or advertising purposes. These services are used only to provide the core functionality of Customer Insights.
Note: We do not currently use Facebook Pixel or Google Ads tracking on our marketing site. Any future implementation of marketing tracking will require explicit user consent via a cookie banner.
Your Role as Data Controller
When you use FirstDistro SDK to track your customers, you are the data controllerfor that data. This means:
Your Responsibilities
- You must obtain consent from your end users before collecting personal data via our SDK
- You must have your own privacy policy that explains how you use FirstDistro
- You are responsible for handling data subject requests from your end users
- You decide what data to collect and send to FirstDistro
FirstDistro's Role
FirstDistro acts as a data processor. We process data on your behalf to provide customer health insights. We do not use your customer data for our own marketing or purposes beyond providing the service.
Anonymous Tracking
You can use FirstDistro SDK without collecting personal data. Simply don't callfirstDistro.identify() with names or emails. You can still track events and calculate health scores using anonymous session IDs.
Questions or Requests?
We're here to help with any privacy questions or requests. Contact us at:
We typically respond within 24 hours and will work with you to address any concerns or requests promptly.
This privacy policy is not legal advice. If you need legal guidance for your business, please consult with a qualified attorney.