Kissmetrics' Privacy Policy


Effective Date: February 26, 2019


As used in this “Privacy Policy”, “Metrics Enterprises” refers to all websites (including https://www.kissmetricshq.com, https://app.kissmetrics.com), properties, and services owned or operated by Metrics Enterprises, Inc., aka Kissmetrics.

This Privacy Policy is part of Metrics Enterprises Terms of Use and describes the privacy practices of Metrics Enterprises. It explains when and how Metrics Enterprises collects end user and client information, including Personally Identifiable Information (defined below), how we use such information, and the circumstances under which we may disclose such information to others. This Privacy Policy includes the policies that Metrics Enterprises observes for compliance with laws in the United States as well as other applicable laws, including those followed regarding the transfer of Personally Identifiable Information from the European Economic Area (“EEA”) and/or Switzerland to the United States under the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield, respectively.

By visiting the Metrics Enterprises website, visiting a Metrics Enterprises client website that provides notice of its use of Metrics Enterprises and/or this policy, or registering for our service, you acknowledge that you accept and consent to the practices outlined in this Privacy Policy.

What Types of User Information Does Metrics Enterprises Obtain?

Visitors to the Metrics Enterprises Website. If you are a visitor to the Metrics Enterprises website or a Metrics Enterprises client (“Client”) who registers or signs into the Metrics Enterprises website (including for purposes of obtaining a free trial of Metrics Enterprises services), we may obtain the following types of information from you or concerning your computer or device (“Metrics Enterprises Client Information”), which may include information that can itself be used to identify and/or contact you (“Personally Identifiable Information”):

  • Name
  • Email address
  • Phone number
  • Website name and URL
  • Credit card number
  • Billing address
  • Visitor site preferences

Metrics Enterprises may also receive certain information that may be provided by your browser or mobile device, including:

  • Browser information
  • Operating system information
  • Mobile device information (e.g., device identifier, mobile operating system, etc.)
  • IP address
  • Pages accessed
  • Time of visit
  • Time of last visit
  • Referring site, application, or service, including the relevant search queries that led you to Metrics Enterprises website

Visitors to the Metrics Enterprises Blog. If you wish to access certain functions within the Metrics Enterprises Blog, such as posting comments or registering for webinars, we may ask you to provide information, including:

  • Name
  • Email address
  • Your website

Visitors to Metrics Enterprises Clients’ Websites. Our Clients may use customized and proprietary Metrics Enterprises code, software and/or services (“Service(s)”) to obtain information regarding the activities that users engage in while visiting their web pages (“Client User Data”). When a user visits a website that uses Metrics Enterprises Service, Metrics Enterprises code contained on the website contacts Metrics Enterprises servers and enables Metrics Enterprises to collect Client User Data. Some Clients may also use their own code to obtain Client User Data and then send such information to Metrics Enterprises servers. Client User Data may include Personally Identifiable Information, including, but not limited to, the types of information listed for Metrics Enterprises Client Information above.

Client User Data is stored on Metrics Enterprises web servers and databases (including those hosted on third party servers on behalf of Metrics Enterprises) for use in performing analysis and producing reports for the applicable Metrics Enterprises Client. In addition, Metrics Enterprises itself uses the Metrics Enterprises Service in order to obtain insights into visitors’ activities on its own websites, which include, as of the Effective Date, http://www.kissmetricshq.com and http://www.kissmetricshq.com/blog.

Metrics Enterprises collection and analysis of Client User Data helps our Clients to evaluate and understand how their users are interacting with their websites, and potentially, to modify their websites in order to make them more valuable or useful for their users. Metrics Enterprises Clients determine the types of Client User Data that are sent to Metrics Enterprises servers for analysis. This data may include or be linked to Personally Identifiable Information depending on how the Client uses Metrics Enterprises Services on its website(s). Metrics Enterprises Clients are contractually prohibited from sending personally sensitive Client User Data (e.g. personal health information, political opinions, religious or philosophical beliefs) to Metrics Enterprises and Metrics Enterprises does not knowingly receive such data.

In addition, Metrics Enterprises may collect certain information about a Client’s visitor’s computer that may be provided by the visitor’s browser. This includes browser information, operating system information, mobile device information, IP address, time of visit, and the referring site, application, or service. Such information may be collected and shared with the Metrics Enterprises Client even though not specifically requested by the Client.

How Do We Use This Information?

Visitors to the Metrics Enterprises Website. We use the Metrics Enterprises Client Information, including Personally Identifiable Information, to register your account, fulfill your requests, understand how you are engaging with Metrics Enterprises, communicate with you, determine if you are satisfied with the Service, process billing for Metrics Enterprises Services, and personalize your experience on the Metrics Enterprises website and with the Metrics Enterprises Service.

We may also use Metrics Enterprises User Information to facilitate the delivery of content or advertisements that we believe may be of interest to you, or to communicate with you about new or existing products and services or special offers. For more information on opting out of these communications, please see the section on “User Privacy Controls” below.

Visitors to the Metrics Enterprises Blog. We may use information you voluntarily provide when visiting the Metrics Enterprises blog to send you e-mail communications, such as information on upcoming webinars, and to understand how you are engaging with and perceive Metrics Enterprises Services.

Visitors to Metrics Enterprises Clients’ Websites. Except as described in the “Disclosure of Information to Third Parties” section below, Metrics Enterprises never sells or shares any Client User Data with individuals or companies other than the specific Client whose website transmitted the Client User Data to Metrics Enterprises.

Metrics Enterprises does not collect or aggregate information about end user behavior across multiple, different websites that are operated by different Clients, nor does it use any Client User Data for purposes of behavioral advertising. However, Metrics Enterprises may analyze Client User Data in the aggregate for purposes of internal research and/or to determine overall trends or metrics concerning how users are engaging with websites, and may report such general trends publicly, without disclosing any Client User Data.

Our Client’s Use of Metrics Enterprises. Metrics Enterprises contractually requires its Clients to abide by all applicable laws, rules and regulations, including Privacy Shield where it applies, as well as other applicable laws relating to privacy and data collection (“Applicable Laws”). Metrics Enterprises also contractually requires its Clients to obtain any necessary consents from visitors to its website(s) for the Client’s use of Metrics Enterprises services, comply with all Applicable Laws (including, as an example, Privacy Shield where it applies) with respect to the transfer of Personally Identifiable Information of EU or Swiss subjects through the Service, and to post an online privacy policy that provides each visitor with clear notice of its practices regarding data collection, use, and disclosure (including the Client’s use of Metrics Enterprises), along with a link to the Metrics Enterprises Privacy Policy and to the Metrics Enterprises Service Opt-Out (discussed below).

Metrics Enterprises cannot be held responsible for any Client’s failure to make these disclosures on its website or for any Client’s use or collection of Client User Data that is not permitted under this Privacy Policy or otherwise. For more details on the terms that apply to our Clients’ use of the Metrics Enterprises Service, please see Section 4 (“Privacy”) in the Metrics Enterprises Terms of Use.

Metrics Enterprises Use of Cookies and Web Beacons

Cookies. Metrics Enterprises uses cookies (small text files that Metrics Enterprises stores locally on your computer) on our Client’s websites for one or more of the following purposes: to help identify unique visitors and/or devices; assess usage patterns and perform traffic analysis; identify visitor preferences; conduct A/B testing; diagnose problems with our servers, and otherwise administer the Metrics Enterprises Service. Metrics Enterprises does not use methods such as browser cache, Flash cookies, or eTags, for acquiring or storing information about end users web browsing activity on Client websites or otherwise.

Depending on how our Clients use Metrics Enterprises Services, information contained in Metrics Enterprises cookies placed on the computers of end users may be linked to Personally Identifiable Information in Metrics Enterprises database. This allows our Clients to use the Metrics Enterprises Service to better analyze and measure their users’ interactions with their website and to organize activities by the same user on their website across time.

If you do not wish to have Metrics Enterprises place and use cookies on your computer, you should set your browser preferences to refuse all cookies before accessing Metrics Enterprises or other websites that may use Metrics Enterprises. Metrics Enterprises is not responsible for any failure by you or your browser to accurately implement or communicate your browser preferences or settings. In addition, please be aware that even if you configure your browser settings to reject all cookies, your activity on Metrics Enterprises client websites will still be recorded by our Service, unless you opt out of our Service as set forth below. However, your rejection of all cookies will prevent Metrics Enterprises from determining whether or not someone using your computer has previously visited the website, i.e., whether or not the visitor is a “unique” visitor, and from retrieving any information about your prior activities on a Client’s website through information contained in a cookie.

Please note that if you set your browser to reject cookies, some features of the websites you visit may be unavailable. For more information on how to reject cookies, see your browser's instructions on changing your cookie settings. Additionally, please note that rejecting cookies may also prevent you from opting out of our Service because that involves placing an opt-out cookie in your browser.

If you do not elect to set your browser preferences to refuse cookies, you consent to have cookies, including cookies used by Metrics Enterprises, placed on your computer when you visit our Client’s websites.

Web Beacons. Metrics Enterprises may also collect certain information using Web Beacons. “Web Beacons” are electronic images that may be used on Metrics Enterprises Website, in Metrics Enterprises Service, or in our email communications. They are used, for example, to count website visits or to tell if an email has been opened and acted upon.

Disclosure and Transfer of Information to Third Parties

Service Providers. Information, including Metrics Enterprises Client Information, Client User Data, and any Personally Identifiable Information contained therein, may be shared with certain third-party companies and individuals that help facilitate technical and administrative aspects of the Metrics Enterprises Service (e.g., credit card processing), or perform functions related to the administration of Metrics Enterprises (e.g. hosting services). These third parties perform tasks on our behalf and are contractually obligated not to disclose or use Metrics Enterprises User Information or Client User Data for any other purpose, and to employ adequate security measures to prevent unauthorized access to such data. However, Metrics Enterprises is not responsible in the event that Personally Identifiable Information is disclosed as a result of a breach or security lapse by any such third party.

Metrics Enterprises Clients. Metrics Enterprises Clients may share Client User Data with service providers (e.g. customer relationship management platforms) that perform tasks on behalf of Metrics Enterprises Clients. Metrics Enterprises contractually requires the Clients to disclose such practices to its users.

Metrics Enterprises Partners. If you are a Metrics Enterprises Client that signed up through our Partners Program, your Metrics Enterprises Client Information may be shared with the Partner Program member that signed you up for Metrics Enterprises Service, provided that, prior to any such sharing, Metrics Enterprises will obtain contractual obligations from the Partner Program Member that it will comply with all Applicable Laws with respect to such Metrics Enterprises Client Information. These Partner Program members may use that information to help you setup, adjust, manage, and cancel your account with Metrics Enterprises.

Law Enforcement and Legal Process. Metrics Enterprises also reserves the right to disclose any Metrics Enterprises Client Information or Client User Information (including Personally Identifiable Information) to: (i) comply with any law, regulation, or legal request; (ii) enforce, apply, or investigate breaches of the Terms of Use or other agreements; (iii) respond to client requests; or (iv) protect the rights, property, or safety of Metrics Enterprises, our employees, our users, or others.

Change of Control. If Metrics Enterprises, or substantially all of its assets, is acquired by another company or successor entity, Metrics Enterprises Client Information and/or Client User Data will be one of the assets transferred or acquired by the purchaser or successor. You acknowledge that such transfers may occur, and that any purchaser of or successor to Metrics Enterprises or its assets may continue to collect, use and disclose your information acquired prior to such transfer or acquisition as set forth in this policy.

User Privacy Controls and Do Not Track Signals

Clients and Visitors to the Metrics Enterprises Website. Metrics Enterprises offers several ways for you to review and update account information that is obtained and stored by Metrics Enterprises, or to change your Metrics Enterprises communication preferences:

  • If you have a Metrics Enterprises account, you can review or update your account information by contacting us at support@kissmetrics.com.
  • You may unsubscribe to any of our e-mail or direct message communications regarding updates or products by following the unsubscribe instructions in the body of any message.
  • You may contact us at privacy@kissmetrics.com, attn: Metrics Enterprises Privacy Office.

Do Not Track Signals. Metrics Enterprises Clients decide whether their use of Metrics Enterprises Service is responsive to Do Not Track signals from browsers, and whether Metrics Enterprises will be notified of a Do Not Track signal received from a user’s browser. If a Metrics Enterprises Client enables the forwarding of a Do Not Track signal to Metrics Enterprises, Metrics Enterprises will attempt to read the signal and will not collect any Client User Data from a user visiting that Metrics Enterprises Client’s website during that session, following receipt of the Do Not Track signal. The Do Not Track signal is browser-specific, and will not work for mobile devices. If a Metrics Enterprises Client does not forward Do Not Track signals to Metrics Enterprises, then Metrics Enterprises will not have any access to such signals from the Client’s users, and such signal will have no effect on Metrics Enterprises collection or use of data received from that user during the applicable session(s).

Visitors to Metrics Enterprises Clients’ Websites. If you wish to opt out of Metrics Enterprises collecting Client User Data when you visit Metrics Enterprises Client Websites, please see the Metrics Enterprises' Tracking Opt-Out Instructions or opt-out directly below.

Opt-in/Opt-out of Metrics Enterprises Tracking


Unlike the Do Not Track signal described above, which applies only to Metrics Enterprises Clients who have activated the functionality, this opt-out mechanism applies to all Metrics Enterprises Client websites, meaning that no user data will be collected about you on any such websites. Please note that if you use a different device or Internet browser than you used when opting out of Metrics Enterprises Service, or if you clear your cookies, Metrics Enterprises will not be able to view the opt-out and will collect Client User Data when you visit Metrics Enterprises Client websites. In these circumstances, you will need to revisit the link above from the new browser or device in order to reiterate your opt-out decision for that device or browser.

Email Communications

We may contact you by e-mail or other equivalent electronic communications if you access Metrics Enterprises products or services. By registering or using Metrics Enterprises Services, you specifically consent to the receipt of these e-mail or text message communications. If you do not want to receive emails or other communications from us, please follow the unsubscribe instructions in the body of such communications or notify us by email at privacy@kissmetrics.com.

How We Protect Your Personal Information

Metrics Enterprises has implemented reasonable security mechanisms to protect Metrics Enterprises Client Information and Client User Data that is maintained on Metrics Enterprises servers from loss, misuse and unauthorized access, disclosure, alteration and destruction. Examples of these security mechanisms include limited and password-protected access, high security public/private keys, encryption on processed data, and SSL encryption to protect transmission of data.

However, please keep in mind that no security system is impenetrable. It may be possible for third parties to intercept or access Metrics Enterprises Client Information and Client User Data in spite of these measures. Metrics Enterprises cannot guarantee the security of your information and cannot be held responsible for unauthorized access to Metrics Enterprises client accounts.

Our Policy Toward Children

Our Site and Service is not directed to children under 13. We do not knowingly collect personally identifiable information from children under 13 or from websites that are targeted to children under 13. If you are under 13, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us as provided below. If we become aware that a child under 13 has provided us with personally identifiable information, we will delete such information from our servers.

Changes to this Privacy Policy

Metrics Enterprises retains the discretion to amend or modify this Privacy Policy from time to time. If we make material changes to the way we collect, use or disclose Personally Identifiable Information, we will notify you by posting a clear and prominent announcement on Metrics Enterprises or through a direct communication to your Metrics Enterprises account. For new users, the change or update will become effective upon posting. For existing users, the change or update will become effective 14 days after posting.

Use and disclosure of information we obtain is subject to the later of: (1) the Privacy Policy in effect at the time such information is collected or (2) any subsequent Privacy Policy of which you have constructive notice.

How to Contact Us

Metrics Enterprises welcomes any questions or comments about this Privacy Policy or our privacy practices. Any such comments or questions should be submitted via e-mail to: privacy@kissmetrics.com, or by first class mail, air mail, or overnight courier to:

Metrics Enterprises Privacy Office
847 Sansome Street,
San Francisco, CA 94111

We will use reasonable efforts to respond promptly, within 10-20 business days, to requests, questions or concerns you may have regarding access to Personally Identifiable Information about you that we have collected. We may contact you for follow up information.

Privacy Shield Rights and Dispute Resolution

Metrics Enterprises complies with the EU-U.S. Privacy Shield framework and the Swiss-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Metrics Enterprises has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield programs, and to view Metrics Enterprises certification, please visit https://www.privacyshield.gov/ . Metrics Enterprises complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Metrics Enterprises is subject to the investigatory and regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Metrics Enterprises may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under Privacy Shield individuals have the right to access information held about them and amend or delete it if it is inaccurate. Any such requests or inquiries should be directed to the Metrics Enterprises Privacy Office; contact information is provided above under “How to Contact Us

Under Privacy Shield individuals must have the choice to opt out of the collection and forward transfer of the data to third parties. Metrics Enterprises' options for doing so are explained under “User Privacy Controls” Metrics Enterprises further certifies that it complies with Privacy Shield policies regarding the onward transfer of data to third parties. Information about onward transfer and disclosure is available under “Disclosure and Transfer of Information to Third Parties

Any questions or concerns regarding the use or disclosure of Personally Identifiable Information should be directed to the Metrics Enterprises Privacy Office at the address given above. Metrics Enterprises will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personally Identifiable Information by reference to the principles contained in this Privacy Policy. For complaints that cannot be resolved between Metrics Enterprises and the complainant, disputes will be resolved pursuant to Sections 13.4 through 13.6 of the Terms of Use. For the avoidance of doubt, the dispute resolution procedures will be conducted in English.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at:

https://feedback-form.truste.com/watchdog/request/ .

Under certain conditions individuals may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. In addition, the United States Federal Trade Commission is the statutory body that has jurisdiction to hear any claims against Metrics Enterprises regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.

Effective Date of this Privacy Policy

This Privacy Policy is effective as of the Effective Date set forth at the top of this document.