legal

Privacy Policy

Last updated: June 28, 2026

Who we are

Datalenk is a revenue-first, cookieless web analytics service operated by Go To Agency, a company registered in France ("Datalenk", "we", "us"). This policy explains what we collect, why, and the rights you have. Questions? Email [email protected].

Our two roles

As a data controller, we process the account information of the people who sign up to Datalenk. As a data processor, we process the analytics data that our customers collect from their own websites — our customers decide what is collected and why, and we act on their instructions.

Information we collect

Account information. When you create an account we store your email address, your name (if provided), and your workspace and site settings. If you sign in with Google, we receive your basic profile (name, email, profile picture) to create and secure your account.

Analytics data (on behalf of customers). Datalenk is cookieless. We do not set cookies, do not fingerprint, and do not track people across sites. We process privacy-friendly signals such as page URL, referrer, approximate location derived from IP, device type and an ephemeral daily session identifier. Raw IP addresses are not stored — they are used transiently to derive coarse location and are then discarded or anonymized.

Connected services (read-only). If you choose to connect an external service, we receive read-only access to specific data so we can show it back to you inside Datalenk:

  • Google Search Console (scope webmasters.readonly): we read your search performance (queries, pages, clicks, impressions, position) to display it and to estimate revenue per search query. Read-only — we never modify anything in your Search Console.
  • Stripe (a restricted, read-only API key you create): we read charges, customers and subscriptions to attribute revenue to channels. We never receive your secret key, never move funds, and you can revoke access at any time from your Stripe dashboard.

How we use information

We use data to provide and secure the service: to authenticate you, to render your analytics, opportunities and revenue attribution, to send service emails (such as the magic sign-in link), and to prevent abuse. We do not sell your data, and we do not use it for advertising.

Google user data & Limited Use

Datalenk's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Concretely: data obtained from Google Search Console is used only to provide and improve user-facing features inside your Datalenk dashboard; it is never sold, never used for advertising, and never transferred to third parties except as required to operate the service or comply with the law. Humans do not read this data except with your explicit consent, for security, or where required by law.

Legal bases (GDPR)

We rely on: the performance of our contract with you (to deliver the service you signed up for); your consent (for optional connections you choose to enable); and our legitimate interests (to keep the service secure and to improve it), balanced against your rights.

Data retention

Account information is kept while your account is active and for a short period afterwards. Analytics aggregates are retained to power historical reporting; granular, more sensitive records are kept for a shorter, configurable window. Connection tokens and keys are stored encrypted and are deleted when you disconnect the service or close your account.

Sub-processors & sharing

We use a small number of vetted providers to run Datalenk: EU-based hosting (servers and databases), an email provider to deliver transactional email, Google (for the connections you enable), and Stripe (for billing and for the revenue data you connect). We share data with them only as needed to operate the service, and we never sell personal data.

International transfers

Datalenk is hosted in the EU. Where a provider processes data outside the EU, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.

Security

We protect data with encryption in transit, encryption of connection secrets at rest, scoped access, and least-privilege practices. No system is perfectly secure, but we work hard to keep yours safe and to respond quickly if something goes wrong.

Your rights

Subject to applicable law, you may access, correct, export or delete your data, object to or restrict certain processing, and withdraw consent at any time. To exercise these rights, email [email protected]. You may also lodge a complaint with your local data protection authority (in France, the CNIL).

Children

Datalenk is a tool for businesses and is not directed to children under 16. We do not knowingly collect their data.

Changes

We may update this policy as the product evolves. We will change the date above and, for material changes, notify you. Continued use after an update means you accept the revised policy.

Contact

Go To Agency — [email protected].