Security & your data
Plain answers to the questions you should ask any analytics vendor — especially a small one.
What we collect
The snippet auto-captures pageviews, clicks, form submits and errors from your site, plus events you track explicitly. Events carry an anonymous or your-app-provided user id — we never see your users’ passwords or payment details. Everything is scoped to your project and never shared or sold.
Where it flows
your site → api.growth-loop.dev → ClickHouse (events)
chat question → your metrics summary → OpenRouter LLM → cited answer
Prefer your own LLM key? Paste it in Settings → AI — then chat traffic runs on your OpenRouter account, not our shared key.
Subprocessors
| Service | Role | Sees |
|---|---|---|
| Fly.io (US) | API + analysis workers | event ingest, AI analysis |
| Vercel (US) | web app hosting | pages you see; no event data stored |
| Neon (US) | Postgres | accounts, projects, hashed API keys |
| ClickHouse Cloud (EU-DE) | events database | your product’s events |
| Tigris (Fly, US) | object storage | rendered demo videos |
| Redis Cloud (US) | queues & rate limits | short-lived tokens, counters |
| OpenRouter → LLMs | AI answers | metric aggregates in chat context — or your own key |
| Anthropic | repo instrumentation agent | code snippets during a PR run |
Your exit, guaranteed
Your data is yours: download every raw event as CSV anytime from Setup — no ticket, no waiting. If growth-loop ever shuts down, you get at least 90 days of export access, and our published SDKs (npm, PyPI) stay open source either way. It is our stated intent that if the service stops shipping, the platform code is released under Apache 2.0 so self-hosting remains possible.
The boring hygiene
API keys are stored hashed (never plaintext), sessions are server-side with sliding expiry, passwords are bcrypt-hashed and checked against common-password lists, the browser SDK has zero runtime dependencies, and every AI action that touches your code ships as a PR you review — nothing merges itself.
Questions
Write to security@growth-loop.dev — you’ll get the founder, not a bot.