LEGAL

Privacy Policy

Last updated: April 19, 2026

Attri ("we", "us", or "our") respects your privacy and is committed to protecting it through compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit attri.io and use the Attri application (our "Service"), and our practices for collecting, using, maintaining, protecting, and disclosing that information.

By accessing or using this Service, you agree to this privacy policy. This policy may change from time to time. Your continued use of this Service after changes are posted constitutes acceptance of those changes.

Information we collect about you

We may collect, use, store, and transfer different kinds of personal data about you:

  • Identity data · first name, last name, username, or similar identifier
  • Contact data · email address and billing address
  • Financial data · we use Stripe as our payment processor. Stripe collects and stores your payment details; we do not store payment card information directly
  • Technical data · login data, browser type and version, time zone, operating system, and other technology on the devices you use to access the Service
  • Profile data · your username and password, workspace settings, and preferences
  • Usage data · information about how you use our Service, including features accessed and actions taken

We do not collect any Special Categories of Personal Data about you (race, ethnicity, religious beliefs, health data, biometric data, etc.).

How we collect information

  • Direct interactions · you provide identity and contact data when you create an account, subscribe, or contact us
  • Automated technologies · as you interact with our Service, we automatically collect technical data using cookies, server logs, and similar technologies
  • Third parties · we receive technical data from analytics providers and financial data from Stripe

How we use your information

  • To provide and maintain the Service
  • To process your subscription and payments
  • To send service-related communications (account notifications, security alerts, support messages)
  • To respond to your inquiries and provide customer support
  • To improve and optimize the Service
  • To detect, prevent, and address technical issues or fraudulent activity
  • To comply with legal obligations

Disclosure of your information

We may disclose personal information:

  • To service providers who assist in operating our Service, bound by contractual obligations to keep information confidential
  • To a buyer or successor in the event of a merger, acquisition, or sale of assets
  • To comply with any court order, law, or legal process
  • To enforce our Terms of Service and other agreements
  • To protect the rights, property, or safety of the Company, our users, or others

We do not sell, rent, or share your personal data with third parties for their marketing or advertising purposes.

Cookies and tracking technologies

We use cookies and similar technologies to track activity on our Service and store certain information. You can instruct your browser to refuse cookies, but some portions of our Service may not function properly without them.

  • Strictly necessary cookies · required for authentication and security
  • Analytical cookies · help us understand how users navigate the Service
  • Functionality cookies · remember your preferences when you return

Tracking data (what our customers collect)

Attri provides a link tracking and attribution service. When end users click short links created by our customers, or when customers embed our tracking script on their websites, we collect click data (timestamp, referrer, country, device type, browser) on behalf of the customer. This data is owned by the customer and processed according to their instructions. We act as a data processor for this data; the customer is the data controller.

We do not use end-user click data for our own advertising or marketing purposes. We do not build profiles of end users across customers.

Data security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information is stored on secure servers. All data transmission uses HTTPS/TLS encryption. Payment transactions are processed and encrypted by Stripe.

The transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee absolute security.

Data retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. When you request deletion of your account, we will delete or anonymize your personal information within 30 days, unless we are required to retain certain information for legal or legitimate business purposes.

Your rights and choices

  • Access · request a copy of the personal data we hold about you
  • Correction · update your personal information through your account settings or by contacting us
  • Deletion · request deletion of your personal data
  • Portability · request a copy of your data in a machine-readable format
  • Opt-out · opt out of marketing communications at any time

To exercise any of these rights, contact us at privacy@attri.io.

Children's privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children under 18. If we learn we have collected such information, we will delete it.

International data transfers

Our application is hosted on Vercel and Cloudflare infrastructure. Your data may be processed in multiple regions. By using the Service, you consent to the transfer of your information to these facilities. For users in the European Economic Area (EEA), we ensure appropriate safeguards are in place for any transfer of personal data outside the EEA.

California privacy rights (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request deletion, opt out of sale (we do not sell personal information), and exercise these rights without discrimination. Contact privacy@attri.io.

European privacy rights (GDPR)

If you are a resident of the European Economic Area, you have additional rights under GDPR: right to access, rectification, erasure, restriction of processing, data portability, objection to processing, and withdrawal of consent. Contact privacy@attri.io. You also have the right to lodge a complaint with your local data protection authority.

Changes to this policy

We may update this privacy policy from time to time. If we make material changes, we will notify you by email or through a notice on the Service prior to the change becoming effective.

Contact us

If you have any questions about this privacy policy, contact us at:

Attri
Email: privacy@attri.io