Last updated: 2026-04-28
We built Lodd to be privacy-friendly. We collect only what we need to operate the service and understand usage.
When our script runs on a site, we process: page URL, referrer, timestamp, a pseudonymous session ID stored in sessionStorage (which expires when you close the browser tab), basic device data (browser, operating system, device type), country, and time spent on each page. We do not collect precise location or advertising identifiers.
IP Addresses: IP addresses are used temporarily for country-level geolocation and rate limiting. For site owners who opt-in to filtering their own visits, IP addresses are hashed (SHA-256) with the site ID before storage. Raw IP addresses are never stored in our database.
We use this data to provide privacy-friendly analytics, keep the service reliable, and improve product decisions. We do not sell data, run ads, or use cross-site tracking.
Our lawful basis is legitimate interests (GDPR Art. 6(1)(f)). We have conducted a balancing test considering our minimal data collection (pseudonymous session IDs, hashed IPs for filtering only, country-level geo only) against the legitimate interest in providing privacy-friendly analytics. You can opt out by blocking the script in your browser or network.
All users can export their data or delete their account at any time from the account page. For assistance, contact contact@holenventures.com.
We retain analytics data indefinitely to enable historical trend analysis and provide valuable insights to site owners. You can delete individual site data or your entire account at any time via Data Management.
We use trusted vendors to run the service: Supabase (database and edge functions, hosted on AWS EU-North-1), Vercel (hosting/CDN), and Namecheap Private Email (support mailbox for contact@holenventures.com). We update this list as vendors change.
Questions or requests: contact@holenventures.com.