Privacy Policy
TL;DR: For experiencehunt.com visitors, we do not use cookies and we do not collect any personal data. If you decide to create an account, we ask for the bare minimum and only share it with services that are absolutely necessary for the app to function.
At XH, we are committed to complying with GDPR, CCPA, PECR and other privacy regulations on our website and on our product too. The privacy of your data — and it is your data, not ours! — is a big deal to us.
In this policy, we lay out what data we collect and why, how your data is handled and your rights to your data. We promise we never sell your data: never have, never will.
As a visitor to the experiencehunt.com website
The privacy of our website visitors is important to us so we do not track any individual people. As a visitor to the experiencehunt.com website:
- No personal information is collected
- No information such as cookies is stored in the browser
- No information is shared with, sent to or sold to third-parties
- No information is shared with advertising companies
- No information is mined and harvested for personal and behavioral trends
- No information is monetized
We do collect some anonymous usage data for statistical purposes. The goal is to track overall trends in our website traffic, it is not to track individual visitors. All the data is in aggregate only. No personal data is collected.
Data point | Example | Comment |
---|---|---|
Page URL | https://yoursite.com/pricing | We track the page URL of each page view on your profile. We use this to show you which pages have been viewed and how many times a particular page has been viewed. The hostname and path are collected. Query parameters are discarded, except for these special query parameters: ref= , source= , utm_source= , utm_medium= , utm_campaign= , utm_content= and utm_term= . |
HTTP Referer | https://facebook.com | We use the referrer string to show you the number of visitors referred to your profile from links on other sites. |
Browser | Chrome 86.0 | We use this to show you what browsers and browser version numbers people use when visiting your profile. This is derived from the User-Agent HTTP header. The full User-Agent is discarded. |
Operating system | macOS 10.15 | We use this to show you what operating systems people use when visiting your profile. We show the brand of the operating system and the version number. This is derived from the User-Agent HTTP header. The full User-Agent is discarded. |
Device type | Desktop | We use this to show you what devices people use when visiting your profile. Devices are categorized into desktop, mobile or tablet. This is derived from the User-Agent HTTP header. The full User-Agent is discarded. |
Country, region, city | United Kingdom, England, London | We look up the visitor’s location using their IP address. We do not track anything more granular than the city level and the IP address of the visitor is discarded. We never store IP addresses in our database or logs. |
As a customer and subscriber of XH
Our guiding principle is to collect only what we need and that we will solely process this information to provide you with the service you signed up for.
We use a select number of trusted external service providers for certain service offerings. These service providers are carefully selected and meet high data protection, data privacy and security standards.
We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process personal data only according to our instructions.
Here’s what that means in practice:
What we collect and what we use it for
- An email address is required to create an account. You need to provide us with your email address if you want to create a XH account. That’s just so you can log in and personalize your new account, and we can send you invoices, updates or other essential information.
- A persistent first-party cookie is stored to remember you’re logged in. If you log in to your XH account, you give us permission to use cookies so you don’t have to log in on each returning session. This makes it easier for you to use our product. A cookie is a piece of text stored by your browser. You can adjust cookie retention settings in your own browser. Cookies that are already stored may be deleted at any time.
- All of the data that we collect is kept fully secured, encrypted and hosted on 100% renewable energy powered server in Falkenstein, Germany. The server is owned by Hetzner, a European company. This ensures that all of the site data is being covered by the European Union’s strict laws on data privacy. Your site data never leaves the EU. See Hetzner privacy policy for full details.
- We use Bunny (another European-owned provider from Slovenia) for a global CDN and DDoS protection. This ensures that all visitor data we collect is exclusively processed with servers owned and operated by European companies. See Bunny privacy and data policy for full details.
- The payment process is handled by a third-party payment provider. If you choose to upgrade to a XH paid plan, the billing information and the payment process is handled by Paddle. See the Paddle Privacy Policy for full details.
- All emails are sent using a third-party email provider. Transactional emails and email reports (should you choose to subscribe to them) are sent using Postmark. We have disabled both open tracking and link tracking on all emails sent. See the Postmark Privacy Policy for full details.
- When you write to us with a question or to ask for help. We keep that correspondence, which includes the email address, so that we have a history of past correspondences to reference if you reach out in the future. We use this data solely in connection with answering the queries we receive.
- For our blog readers who choose the option to receive blog posts via email. We use Mailchimp to send those blog posts. We have disabled both open tracking and link tracking on all emails sent. See the Mailchimp Privacy Policy for full details.
Retention of data
We will retain your information as long as your account is active, as necessary to provide you with the services or as otherwise set forth in this policy.
We will also retain and use this information as necessary for the purposes set out in this policy and to the extent necessary to comply with our legal obligations, resolve disputes, enforce our agreements and protect XH’s legal rights.
You can choose to delete your XH account at any time. All your data will be permanently deleted immediately when you delete your account.
Changes and questions
We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will also announce them on our company blog or social media profiles.
Contact us if you have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information.
Last updated: October 6th, 2023