TracekitTracekit

Privacy Policy

Last Updated: April 8, 2026

Introduction

tracekit.dev (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Information We Collect

Information You Provide

When you register for Tracekit, we collect:

  • Account Information: Name, email address, company name
  • Billing Information: Credit card details (processed securely through Stripe)
  • Profile Information: Optional profile photo, job title, timezone preferences
  • Support Communications: When you contact support, we retain correspondence

Email Marketing

When you download one of our free guides, we collect:

  • Email Address: To deliver the guide and send educational follow-up emails about the topic you selected
  • Consent Record: Whether you opted in to receive educational emails, and when
  • Guide Selection: Which guide you requested, to personalize follow-up content

Email marketing is handled by Kit(formerly ConvertKit). Your email address is stored in Kit's systems and is subject to their privacy policy. You can unsubscribe from any email sequence at any time using the unsubscribe link in every email. Unsubscribing removes you from future marketing emails but does not delete your data from Kit. To request full deletion, contact support@tracekit.dev.

Information We Automatically Collect

  • Usage Data: Application traces, metrics, and logs you send to Tracekit
  • Device Information: Browser type, IP address, operating system
  • Cookies: We use cookies for authentication and analytics (see Cookies section)
  • Analytics: We track page views, feature usage, and performance metrics

Advertising and Tracking

We use the following tools to measure the effectiveness of our advertising campaigns:

  • Google Tag Manager (GTM): A tag management system that loads analytics and advertising scripts. GTM itself does not collect personal data, but it manages the tags below.
  • Google Analytics 4 (GA4): Collects anonymized usage data including page views, session duration, and conversion events (such as guide downloads). GA4 respects your cookie consent preferences. Data is processed by Google under their privacy policy.
  • Reddit Pixel: Tracks conversions from Reddit ad campaigns. The pixel fires only on guide landing pages and only when you have accepted marketing cookies. Data is processed by Reddit under their privacy policy.

All advertising and analytics scripts load only after you grant consent via our cookie consent banner. If you deny consent, these scripts do not load and no tracking data is collected.

Information from Integrations

If you connect third-party services (GitHub, Slack, etc.), we may access:

  • Repository information
  • Webhook data
  • Basic profile information from connected services

How We Use Your Information

We use your information to:

1. Provide Services:

  • Process and display your application traces
  • Generate performance metrics and dashboards
  • Send alert notifications
  • Provide customer support

2. Improve Services:

  • Analyze usage patterns to improve features
  • Identify and fix bugs
  • Develop new functionality

3. Communications:

  • Send service-related emails (account confirmations, billing notifications)
  • Share product updates and feature announcements (you can opt-out)
  • Respond to inquiries and support requests

4. Security:

  • Detect and prevent fraud
  • Monitor for security threats
  • Enforce our Terms of Service

5. Legal Compliance:

  • Comply with applicable laws and regulations
  • Respond to legal requests

Data Retention

We retain your data as follows:

  • Account Data: Until you delete your account, plus 30 days
  • Trace Data:According to your plan's retention period (7-90 days)
  • Billing Records: 7 years for tax/legal compliance
  • Deleted Data: Permanently removed within 30 days of deletion

Data Sharing and Disclosure

We do not sell your personal information. We share data only in these circumstances:

Service Providers

We use trusted third-party services:

  • Stripe: Payment processing (PCI-compliant)
  • Hetzner: Cloud hosting and storage
  • Resend: Transactional emails
  • Kit (ConvertKit): Email marketing and subscriber management
  • Reddit: Advertising conversion tracking
  • Google: Analytics (GA4) and tag management (GTM)

All providers are contractually bound to protect your data.

Legal Requirements

We may disclose information if required by:

  • Court orders or legal processes
  • Government requests
  • Preventing fraud or security threats
  • Protecting our legal rights

Business Transfers

If Tracekit is acquired or merged, your data may transfer to the new entity. We will notify you of any such change.

With Your Consent

We may share information for other purposes with your explicit consent.

Your Rights and Choices

Access and Portability

You can:

  • View all your data in your account dashboard
  • Export your trace data via API or UI
  • Request a complete data export (contact: support@tracekit.dev)

Correction and Deletion

You can:

  • Update your profile information anytime
  • Delete your account (Settings → Account → Delete Account)
  • Request data deletion (contact: support@tracekit.dev)

Marketing Communications

You can:

  • Opt-out of marketing emails via unsubscribe links
  • Adjust notification preferences in Settings
  • You will still receive essential service emails

Do Not Track

We honor Do Not Track (DNT) browser signals for analytics tracking.

Cookies

What Cookies We Use

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: Google Analytics 4 (via GTM) for usage statistics, loaded only with your consent
  • Marketing Cookies: Reddit pixel and UTM attribution cookies for advertising campaign measurement, loaded only with your consent
  • Preference Cookies: Remember your settings and preferences

UTM Attribution Cookies

When you visit our site from an advertising link, we store UTM parameters (source, medium, campaign, content, term) as first-party cookies. These cookies:

  • Record which ad or link brought you to our site
  • Persist for 30 days from your first visit
  • Are sent to Kit when you submit a guide download form, to attribute your subscription to the correct campaign
  • Do not contain personal information -- only campaign identifiers (e.g., “reddit”, “paid”, “guide-debugging”)
  • Are classified as marketing cookies and are only set when you accept marketing cookies

Managing Cookies

You can control cookies through:

Data Security

We implement security measures including:

  • Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access
  • Infrastructure: SOC 2 Type II certified hosting (Hetzner)
  • Monitoring: 24/7 security monitoring and threat detection
  • Regular Audits: Quarterly security assessments

Despite our efforts, no system is 100% secure. We will notify you of breaches as required by law.

International Data Transfers

Tracekit is based in Germany. If you are outside the EU:

  • We use Hetzner data centers in Germany. Enterprise customers can request specific locations.
  • We comply with GDPR for European users

Children's Privacy

Tracekit is not intended for users under 16. We do not knowingly collect data from children. If you believe a child has provided data, contact us at support@tracekit.dev.

GDPR Rights (European Users)

If you are in the EU/EEA, you have additional rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure:Request deletion (“right to be forgotten”)
  • Right to Restriction: Limit how we use your data
  • Right to Portability: Receive data in a structured format
  • Right to Object: Object to processing for marketing purposes
  • Right to Withdraw Consent: At any time

To exercise these rights, email: support@tracekit.dev

Changes to This Policy

We may update this Privacy Policy occasionally. We will notify you of material changes via:

  • Email notification
  • Notice on our website

Continued use after changes constitutes acceptance.

Contact Us

For privacy questions or concerns:

Email: support@tracekit.dev

Mail: tracekit.dev Privacy Team

Data Protection Officer: dpo@tracekit.dev

Compliance

Tracekit complies with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • SOC 2 Type II standards
  • PCI DSS (via Stripe)

Last Reviewed: April 8, 2026
Effective Date: April 8, 2026