Skip to main content
Snooplytics — Weekly competitive-intelligence briefingsHome

Privacy Policy

Last updated: 2026-04-04

1. Introduction and Data Controller

Snooplytics("we", "us", or "our") is an AI-powered market and competitive intelligence service accessible via https://www.snooplytics.com. The data controller responsible for your personal data is MB Laimingas Verslas, a Lithuanian small partnership (mažoji bendrija) registered under company code 302630890, VAT number LT100007071010, with registered office at Didlaukio g. 80-96, LT-08326 Vilnius, Lithuania, trading as Snooplytics. For any privacy-related inquiry, contact [email protected]; we aim to respond within 30 days as required by GDPR.

2. Personal Data We Collect

  • Account information: name, email, password hash, and (if you use social login) the public profile information provided by Google, GitHub, LinkedIn, X, or Facebook.
  • Project data:monitoring project configurations — topics, sources, URLs, business context, and instructions — whether entered directly or accepted from AI-generated suggestions. You are solely responsible for the lawfulness and appropriateness of what is saved into your projects.
  • Billing data: subscription and payment history. Card details are processed directly by Stripe and never stored on our servers.
  • Technical data: IP address, browser, device information, pages visited, and timestamps, collected automatically when you access the service.

Do not submit special categories of personal data (health, biometric, political, etc.) or secrets to your projects; if you do, you do so at your own risk and on your own legal basis. Where briefings cause personal data about identifiable third parties to be processed, you are responsible for ensuring that a lawful basis exists for such processing and for responding to any data subject requests concerning that personal data. If we receive a data subject request about content in your projects, we will forward it to the relevant user or organization and cooperate reasonably in its handling.

3. Legal Basis and How We Use Your Data

We process personal data to provide and maintain your account, process payments, generate AI-synthesized briefings, send transactional emails, respond to support requests, analyse usage, prevent fraud, and comply with legal obligations. Our legal bases are contract performance (delivering the service you requested), legitimate interests (security, fraud prevention, product improvement), consent (marketing and non-essential cookies, which you may withdraw at any time), and legal obligation.

4. AI Processing and Third-Party Model Providers

We use third-party large language model (LLM) providers to synthesize briefings. The topics, sources, business context, and gathered signal content in your projects is transmitted to these providers for the sole purpose of generating your briefing. We do not use customer monitoring configurations, inputs, or AI-generated briefings to train or fine-tune any AI model, and at the time of selection we choose providers whose published terms are consistent with this commitment. We take reasonable care when choosing providers but do not control their internal practices, and we may add, remove, or replace providers at any time. Treat any submission as potentially exposed to the selected AI provider: do not submit secrets, credentials, or regulated data (PHI, PCI, etc.) to your projects. A current list of third-party providers is available on request by contacting [email protected]. We are not liable for the independent practices of third-party AI providers beyond our good-faith selection of them.

5. Cookies and Tracking

We use essential cookies for authentication and core functionality, Google Analytics (G-TT3GN2DP9V) for usage measurement, Facebook Pixel for advertising measurement, and Cloudflare Turnstile for bot protection. Analytics and marketing cookies (Google Analytics, Facebook Pixel) are not loaded until you accept them via our cookie consent banner, and you may change or withdraw your consent at any time via the "Cookie Preferences" link in our site footer. Essential cookies are required for authentication and security and cannot be disabled without breaking the service.

6. Third-Party Service Providers

We share personal data with service providers solely to operate the service. As of the last update of this policy this includes: Stripe (payments; subject to Stripe's Privacy Policy), third-party LLM / AI providers (briefing generation), Google Analytics and Facebook (analytics and ad measurement), transactional email providers, cloud hosting and storage providers, Cloudflare Turnstile (bot protection), and Sentry (error monitoring). We may add, remove, or replace providers with equivalent services at any time. We do not sell your personal data and do not share it with third parties for their own marketing purposes.

7. Data Retention and Your Export Responsibility

Account data is retained until you delete your account, then removed from active systems within 30 days (backup copies may persist briefly until overwritten in the normal backup cycle). Billing records are retained as required by applicable tax law (typically 5–10 years). Server logs are deleted after 90 days. Before deleting your account you are responsible for exporting any briefings, configurations, or other content you wish to retain; once deleted, data cannot be recovered.

8. Data Security and International Transfers

We apply reasonable, industry-standard security measures including encryption in transit (TLS), hashed passwords, and access controls. No method of transmission or storage is completely secure. You are responsible for keeping your credentials confidential, enabling available security features such as two-factor authentication, and notifying us of suspected unauthorised access at [email protected]. Your data may be processed in countries outside the European Economic Area (for example where our infrastructure, AI, or analytics providers are located); such transfers rely on Standard Contractual Clauses approved by the European Commission or on transfers to jurisdictions that the Commission has determined provide an adequate level of data protection.

9. Your GDPR Rights

If you are located in the European Economic Area, you have the right to access, rectification, erasure, restriction of processing, data portability, objection to processing based on legitimate interests, and withdrawal of consent where processing is based on consent. To exercise any of these rights, contact [email protected]; we will respond within 30 days. You also have the right to lodge a complaint with the Lithuanian State Data Protection Inspectorate or with your local data protection supervisory authority. We do not make solely automated decisions concerning you that produce legal or similarly significant effects within the meaning of GDPR Article 22. We will notify you without undue delay after becoming aware of a personal data breach likely to result in a risk to your rights and freedoms, as required by applicable law.

10. Children, Changes, and Contact

The service is not directed to individuals under 18 and our Terms of Service require account holders to be adults. We do not knowingly collect personal data from minors. You must not configure monitoring projects targeted at minors; where briefings incidentally contain information about minors from public sources, you are responsible for establishing a lawful basis for such processing. We may update this Privacy Policy from time to time; material changes will be notified by email or in-product notice, and the "Last Updated" date at the top of this page will reflect the latest revision. For any questions about this policy or our data practices, contact [email protected].