Privacy Policy

Effective date: March 24, 2026

Who We Are

Adapted Hub LLC operates OwlMetry, an analytics platform for mobile and backend applications. OwlMetry is available as a hosted service at owlmetry.com and as self-hosted open-source software.

Information We Collect

Platform Users (You)

When you create an OwlMetry account, we collect the following information:

  • Email address — used as your login identifier
  • Name — auto-generated from your email address and editable in your profile

Authentication is passwordless. We send a 6-digit verification code to your email when you sign in. Verification codes are hashed before storage and expire after 10 minutes.

End-User Data (Your Application's Users)

When your application uses our SDKs, the following data may be collected about your end users:

  • Device information: device model, OS version, locale
  • App information: app version, build number, bundle identifier
  • Session data: session identifier (UUID, generated fresh on each app launch)
  • User identifiers: anonymous ID (auto-generated) or user ID (if you call our identity API)
  • Event data: log level, message, screen name, timestamps
  • Custom attributes: key-value pairs that you explicitly send
  • Experiment assignments: A/B test variant assignments
  • Network connection type (Swift SDK only, opt-in)

What We Do Not Collect

  • IP addresses
  • GPS or precise location data
  • Biometric data
  • Browser fingerprints
  • Advertising identifiers
  • Contact lists, photos, or other device content

How We Use Your Information

  • Provide and operate the OwlMetry analytics service
  • Authenticate your account and maintain your session
  • Send verification codes and team invitation emails
  • Monitor service health and prevent abuse

We do not use your data for advertising, profiling, or any purpose other than providing the service.

Data Storage and Security

  • Data is stored in a PostgreSQL database hosted on DigitalOcean infrastructure in the United States
  • API keys are SHA-256 hashed before storage — full keys are shown only once at creation
  • Email verification codes are hashed before storage
  • Authentication uses HTTP-only, secure cookies that are inaccessible to JavaScript
  • The API is protected by rate limiting and request size guards
  • All data in transit is encrypted via TLS (HTTPS)

If you self-host OwlMetry, your data stays entirely on your own infrastructure.

Data Retention

  • Event data is retained until you delete it or until automatic pruning removes it (if you have configured a database size limit on your self-hosted instance)
  • Deleted resources (projects, apps, API keys) are soft-deleted and permanently removed after 7 days
  • Email verification codes expire after 10 minutes
  • Database backups are retained for 7 days on the hosted service
  • Team invitations expire after 7 days

Third-Party Services

We use a minimal set of third-party services. We do not use any analytics, advertising, or tracking services on our own platform.

  • Resend — email delivery for verification codes and team invitations
  • Cloudflare — CDN, SSL termination, and DDoS protection
  • DigitalOcean — infrastructure hosting

Cookies

OwlMetry uses a single authentication cookie:

  • Name: token
  • Purpose: maintains your authenticated session
  • Type: HTTP-only, secure, SameSite=Lax
  • Duration: 7 days

This cookie is strictly necessary for the service to function. We do not use any tracking, analytics, or advertising cookies.

Our Role as a Data Processor

When you use OwlMetry to collect data about your application's users, you are the data controller and OwlMetry acts as a data processor (under GDPR) or service provider (under CCPA). This means:

  • You determine what data is collected from your users and why
  • We process that data solely to provide the OwlMetry service to you
  • We do not sell, share, or use your end-user data for any purpose other than providing the service
  • You are responsible for obtaining any necessary consents from your end users and for complying with applicable privacy laws

Your Rights Under GDPR

If you are located in the European Economic Area, you have the right to:

  • Access your personal data
  • Correct inaccurate personal data
  • Delete your personal data
  • Port your data to another service in a machine-readable format
  • Restrict processing of your personal data
  • Object to processing of your personal data

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Your Rights Under CCPA

If you are a California resident, you have the right to:

  • Know what personal information we collect and how we use it
  • Delete your personal information
  • Opt out of the sale of your personal information — we do not sell personal information
  • Non-discrimination for exercising your privacy rights

To exercise any of these rights, contact us at [email protected].

International Data Transfers

Data collected through the hosted service is stored in the United States. If you are located outside the United States, your data will be transferred to and processed in the United States. We rely on standard contractual clauses where required for lawful international data transfers.

Children's Privacy

OwlMetry is not directed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us at [email protected] and we will promptly delete it.

Changes to This Policy

We may update this privacy policy from time to time. The effective date at the top of this page indicates when the policy was last revised. If we make material changes, we will notify you by email.

Contact Us

If you have questions about this privacy policy or our data practices, contact us at:

[email protected]