C
NeverMissPro← Back to home

Legal

Privacy Policy

Last updated: April 15, 2026

1. Introduction

Welcome to NeverMissPro, a product of NeverMissPro ("we", "us", or "our"), accessible at nevermisspro.com. NeverMissPro is an AI-powered analytics platform that enables digital marketing agencies to query their clients' Google Analytics 4 (GA4) data using plain-English questions.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and your rights under the General Data Protection Regulation (GDPR) and applicable Italian, French, and Swiss data protection laws.

By using NeverMissPro, you agree to the practices described in this policy. If you do not agree, please discontinue use and contact us at sovon@nevermisspro.com to request deletion of your data.

2. Who We Are (Data Controller)

The data controller responsible for your personal data is:

NeverMissPro

NeverMissPro, Milan, Italy

Email: sovon@nevermisspro.com

Website: nevermisspro.com

3. Data We Collect

3.1 Account & Registration Data

When you sign up for NeverMissPro, we collect:

  • Full name and email address
  • Agency name
  • Password (stored as a salted hash — never in plain text)
  • IP address and approximate geolocation at registration

3.2 Google Analytics 4 (GA4) Access Tokens

When you connect a client's GA4 account, we store OAuth access and refresh tokens issued by Google. These tokens are used exclusively to query GA4 data on your behalf. We do not store raw GA4 data permanently — analytics data is fetched in real time per conversation and discarded after the AI response is generated.

3.3 Conversation & Message Data

We store the questions you type and the AI responses generated. This data is tied to your agency account and the specific client context. Conversations are used to display your history and to improve response quality. We do not use your conversation data to train external AI models.

3.4 Usage & Technical Data

We automatically collect:

  • Browser type, device type, operating system
  • Pages visited, features used, timestamps
  • Error logs and performance metrics

This data is used to maintain, improve, and secure the platform.

3.5 Billing & Payment Data

Credit usage and plan information are stored in our database. Payment processing is handled by third-party providers (Stripe). We do not store full card numbers on our servers.

4. How We Use Your Data

PurposeLegal Basis (GDPR)
Providing and operating the NeverMissPro serviceContract performance (Art. 6(1)(b))
Authenticating users and securing accountsContract performance (Art. 6(1)(b))
Processing GA4 queries via AIContract performance (Art. 6(1)(b))
Sending transactional emails (e.g. password reset)Contract performance (Art. 6(1)(b))
Billing and credit managementContract performance (Art. 6(1)(b))
Platform security and fraud preventionLegitimate interests (Art. 6(1)(f))
Product analytics and improvementLegitimate interests (Art. 6(1)(f))
Legal complianceLegal obligation (Art. 6(1)(c))

5. AI Processing & Third-Party Services

5.1 AI / LLM Processing

NeverMissPro uses large language models (LLMs) to interpret your questions and generate analytics responses. Queries are processed via our n8n automation layer. GA4 metric summaries — not raw personal data of your end-users — are passed to the AI model. We use DeepSeek as our primary LLM provider. Their data processing terms apply to data transmitted to their API.

5.2 Supabase (Database & Auth)

Our database and authentication infrastructure is hosted on Supabase (eu-west-3, Paris, France), ensuring your data remains within the European Economic Area.

5.3 Google OAuth & Analytics

When you connect GA4 accounts, OAuth flows are handled through Google's identity platform. Google's Privacy Policy applies to data processed through their services.

5.4 Hosting

The NeverMissPro web application is hosted on Vercel. Your data transmitted to the frontend passes through Vercel's global CDN infrastructure.

6. Data Retention

  • Account data: Retained for the duration of your subscription and up to 90 days after account closure.
  • Conversation history: Retained for 12 months from the date of creation, then automatically deleted.
  • GA4 tokens: Deleted immediately upon disconnection or account closure.
  • Billing records: Retained for 7 years to comply with EU accounting laws.
  • Usage logs: Retained for 90 days for security purposes.

7. Data Sharing

We do not sell your personal data. We share data only:

  • With sub-processors listed in Section 5 (Supabase, Vercel, DeepSeek, Stripe, Google) under strict data processing agreements
  • When required by law, court order, or regulatory authority
  • In the event of a merger or acquisition, with the acquirer under the same privacy commitments

Agency-level data is never shared across agencies. Each agency's data is strictly isolated via row-level security policies in our database.

8. International Transfers

Our primary database is hosted in the EU (Paris, France). Some sub-processors (DeepSeek, Vercel) may process data outside the EU. In such cases, transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an adequate level of protection.

9. Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Correct inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten"): Request deletion of your data (subject to legal retention requirements).
  • Right to restriction: Ask us to restrict processing of your data in certain circumstances.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email sovon@nevermisspro.com. We will respond within 30 days. If you believe your rights have been violated, you may lodge a complaint with your local data protection authority (e.g. Garante Privacy in Italy, CNIL in France, FDPIC in Switzerland).

10. Cookies

NeverMissPro uses only essential cookies required for authentication (session tokens). We do not use advertising, tracking, or third-party analytics cookies. No cookie consent banner is displayed because we do not use non-essential cookies.

11. Security

We implement industry-standard security measures including:

  • TLS encryption for all data in transit
  • Encrypted storage for sensitive fields (OAuth tokens)
  • Row-level security (RLS) at the database level ensuring strict agency data isolation
  • Regular security audits and dependency updates
  • Two-factor authentication available for all accounts

In the event of a data breach affecting your rights, we will notify affected users and the relevant supervisory authority within 72 hours as required by GDPR Art. 33–34.

12. Children's Privacy

NeverMissPro is a B2B platform intended for business professionals aged 18 and over. We do not knowingly collect data from children under 16. If you believe a minor has submitted personal data, contact us immediately at sovon@nevermisspro.com.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated by email to registered users at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of NeverMissPro after the effective date constitutes acceptance of the revised policy.

14. Contact Us

For any privacy-related questions, requests, or complaints:

NeverMissPro — Privacy Team

Email: sovon@nevermisspro.com

Website: nevermisspro.com