datafairy
Sign in Start free in the app
Legal

Privacy Policy

Plain-English explanation of what datafairy collects, how it's used, and what we don't do with it.

Last updated: March 2026

What datafairy does

datafairy is an AI operator for automated marketing. We help marketers understand and improve the signal that feeds ad-platform automation — analytics tags, conversion tracking, dataLayer events, and ad-platform measurement. The audience is a marketer, not a developer.

The product operates through several surfaces, each with its own data-collection scope:

  • Customer dashboard (app.datafairy.ai) — where you sign in, view findings, manage connected platforms, and review or approve suggested actions. Stores your account, your connected-platform state, and your decisions on suggested actions.
  • Chrome extension — records what's happening on a tab you're actively inspecting (dataLayer pushes, analytics network requests). Runs only on the tab you open it on and only while you're using it.
  • Connected platforms — when you authorize datafairy via OAuth, it reads configuration from your GA4 property, GTM container, Google Ads account, and other connected services so it can audit their setup.
  • Background analysis — a backend service processes recordings and connected-platform data to produce findings. AI-assisted reasoning runs through a third-party model service (see Third-party services).

What we collect and why

Google account (sign-in)
Sign-in only requests your email and display name via OAuth. This identifies your account so your data is kept separate from other users. Access to GA4, GTM, Google Ads, or other marketing platforms is a separate, additional authorization that you grant explicitly when connecting each platform (see Connected platforms below). We do not request access to Gmail, Drive, or other unrelated Google services.

Connected platforms (optional)
When you connect a marketing platform — Google Analytics 4, Google Tag Manager, Google Ads, Meta, or others — you authorize datafairy via OAuth (or the platform's equivalent) to read your account's configuration. We use this access to audit your setup: which events are firing, which conversions are wired up, which tags are healthy. The scopes we request are limited to configuration data. We do not modify your account in this phase, and we do not request scopes that grant access to billing, audience exports, or personally identifiable end-user data within those platforms.

dataLayer events and network hits (Chrome extension)
The Chrome extension reads dataLayer pushes and intercepts GA4/GTM network request URLs on the tab you're inspecting. This data is processed in your browser and, when you run an analysis, sent to our backend service to generate findings. The backend uses a third-party AI model service to assist reasoning over the recording (see Third-party services). We do not permanently retain raw recordings from your live sessions.

Scan results (backend)
When you run a site scan, a backend service visits pages on a domain you authorize and records dataLayer and network data from each page. Scan summaries — per-domain metadata, finding counts, last-run timestamp — are stored in Google Cloud Firestore for as long as your account is active so we can produce trend reports and history. Raw per-page recordings are archived to Google Cloud Storage for 30 days, then automatically deleted. The 30-day window lets us re-process a recent scan or investigate a regression; we do not retain raw recordings beyond that.

Waitlist signups (website only)
If you submit your email on datafairy.ai, that email is stored in our database (Firestore) so we can contact you about early access. We do not sell or share waitlist emails with third parties.

What we do not collect

  • We do not track your general browsing history
  • We do not read page content outside of analytics-related signals (dataLayer, GA4 hits, GTM)
  • We do not collect end-user personally identifiable information from your customers' sessions
  • We do not collect passwords, payment information, or other sensitive personal data
  • We do not sell your data to anyone

Third-party services

datafairy uses the following third-party services:

  • Anthropic Claude (via Google Cloud Vertex AI) — analysis data is sent to Anthropic's Claude model for AI-powered reasoning. The model runs on Google Cloud's Vertex AI infrastructure (a partnership between Anthropic and Google Cloud). Both Anthropic's privacy policy and Google Cloud's privacy notice apply to data processed through this service.
  • Google Cloud (Firestore, Cloud Storage) — used to store account data, scan summaries, scan archives, and waitlist signups. Google's privacy policy applies.
  • Google OAuth — used for sign-in and for authorizing read access to connected marketing platforms. Google's privacy policy applies.
  • Google Analytics 4 via GTM — we use GA4 on this website (datafairy.ai) to understand how people find and use the site. Standard analytics data (page views, referrers) is collected. No personal identifiers are sent.

Data retention

  • Live session recordings (Chrome extension) — held in memory during your session and discarded when you close the panel. Not retained on our servers unless you explicitly save the session.
  • Scan summaries — retained in Firestore while your account is active.
  • Scan raw recordings (Cloud Storage archive) — retained for 30 days, then automatically deleted.
  • Connected-platform credentials (OAuth tokens) — retained as long as you keep the platform connected. You can disconnect at any time, which revokes the token.
  • Account information (email, display name) — retained while your account is active.
  • Waitlist emails — retained until you ask to be removed.

Your rights

You can request deletion of your account data or waitlist email at any time by emailing us. We will respond within 30 days.

Changes to this policy

If we make material changes, we'll update the "last updated" date at the top of this page. Continued use of the extension after changes constitutes acceptance.

Contact

Questions? Email us at [email protected].