Privacy
Last updated: 29 May 2026
1. Who we are
Attributed Ltd ("Attributed", "we") provides Attribution Intelligence for Ecommerce. This policy explains what we collect, how we process it, and the rights you have over your data.
2. Data we process
To run diagnostics and produce Implementation Packs we process: ecommerce platform data (Shopify, WooCommerce, Magento), analytics and tag data (GA4, GTM), advertising data (Google Ads, Meta), CRM and email data (Klaviyo) and anonymised event data from your storefront tracking layer. We connect via read-only OAuth by default.
3. Personal data
Events from your storefront are consent-aware and anonymised at ingestion. We do not retain personally identifiable information beyond hashed identifiers required for de-duplication.
4. Security
OAuth tokens, webhook secrets and integration credentials are encrypted at rest and never exposed to the browser. Access to customer workspaces is scoped via row-level security.
5. Sub-processors
We use a small number of vetted sub-processors for hosting, observability and email delivery. A current list is available on request.
6. Your rights
You may request access, correction or deletion of your data at any time by writing to privacy@attributed.io.