Privacy Policy
Last updated: July 3, 2026
This Privacy Policy explains how Vantic (“Vantic”, “we”, “us”) collects, uses, and protects your information when you use our analytics service (the “Service”). By creating an account you agree to the practices described here.
Information we collect
- Account information. Your email address and an encrypted password, managed by our authentication provider. If you enable two-factor authentication, we store the associated factor.
- Connected platform data.When you connect a social account (YouTube, Instagram, Facebook, or TikTok) we access analytics about that account and its content — for example views, watch time, followers, reach, engagement, and audience demographics — strictly on a read-only basis. We never post, message, or make changes on your behalf.
- Access tokens. The OAuth access and refresh tokens that let us sync your analytics are encrypted at rest and are used only by our server-side sync jobs. They are never exposed to your browser and never logged.
- Technical data. Limited diagnostic and error data to keep the Service reliable and secure.
How we use your information
- Provide your unified dashboard, trends, and reports.
- Generate AI-assisted insights derived from your stored metrics.
- Send the email reports and notifications you configure.
- Secure the Service, prevent abuse, and provide support.
Platform data & compliance
Our use of information received from platform APIs adheres to each platform’s developer terms and policies. In particular, Vantic’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We only request the minimum scopes needed to display your analytics, and we do not use platform data for advertising or sell it to anyone.
How we store and protect your data
Your data is stored in a managed PostgreSQL database with row-level security, so each account can access only its own data. Access tokens are encrypted with application-level encryption. All traffic is served over HTTPS.
Service providers
We share data only with the infrastructure providers required to operate the Service, under their own data-protection obligations: hosting and database (Supabase, Vercel), transactional email (Resend), AI insight generation (Anthropic), bot protection (Cloudflare), error monitoring (Sentry), and, when billing is enabled, payments (Paddle). We do not sell your personal information.
AI processing
To generate insights, a compact summary of your own stored metrics is sent to our AI provider. This content is used only to produce your insights and is not used to train third-party models.
Data retention and deletion
You can disconnect any platform at any time, which immediately purges the stored tokens for that connection. You may delete your account and all associated data from your account settings or by contacting us; we honor deletion requests, including platform-initiated deletion callbacks, within the timeframes required by each platform.
Your rights
You may access, correct, export, or delete your personal data. To exercise these rights, email us at the address below.
Cookies
We use strictly necessary cookies to keep you signed in. We do not use third-party advertising or tracking cookies.
Children
The Service is not directed to children under 16, and we do not knowingly collect their personal information.
Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above.
Contact
Questions about this policy or your data? Email mike@rockpowermarketing.com.