1. Overview
FirstMetrics ("we", "us", "our") is a profit analytics tool for online resellers. This Privacy Policy explains what data we collect, how we use it, and your rights over it. By using FirstMetrics, you agree to this policy.
2. Data we collect
We collect only the data necessary to provide the service:
- Account information — Your email address and name, provided when you sign in via Google OAuth.
- Etsy transaction data — Sales, fees, and order details retrieved via the Etsy API after you authorize the connection.
- eBay transaction data — Sales, fees, and order details retrieved via the eBay API after you authorize the connection.
- CSV imports — Sales export files you voluntarily upload from Mercari, Poshmark, or Depop.
- Inventory and expense data — Items, purchase prices, sourcing locations, and expenses you manually enter.
- Usage data — Basic server logs (page requests, error traces) for debugging. No behavioral tracking or ad targeting.
3. How we store your data
All data is stored in a PostgreSQL database hosted on Supabase infrastructure in the United States. Data is encrypted at rest and in transit (TLS 1.2+). We follow industry-standard access controls and do not store platform OAuth credentials — only short-lived access tokens required for API calls.
4. How we use your data
Your data is used exclusively to provide and improve the FirstMetrics service:
- Calculate profit, fees, and ROI across your selling platforms
- Generate P&L reports and tax summaries
- Send transactional emails (account confirmation, billing receipts)
- Improve accuracy of fee calculations and platform integrations
5. We never sell your data
We do not sell, rent, or share your personal data or transaction data with any third party for marketing, advertising, or commercial purposes. Your sales data belongs to you.
6. Third-party services
We use a limited number of third-party services to operate the product:
- Supabase — Database hosting
- Stripe — Subscription billing (we never see your full card number)
- Google OAuth — Authentication only; we do not access your Google Drive, Gmail, or other Google data
- Resend — Transactional email delivery
7. Your rights
You have the following rights regarding your data:
- Access — You can export all your data from the Settings page at any time.
- Correction — You can edit any data you have entered directly in the app.
- Deletion — You can permanently delete your account and all associated data from Settings → Account → Delete Account. Deletion is immediate and irreversible.
- Portability — Your sales and P&L data can be exported as CSV.
8. Data retention
We retain your data for as long as your account is active. If you delete your account, all data is permanently removed within 30 days. Billing records may be retained for up to 7 years as required by law.
9. Changes to this policy
We may update this policy as the product evolves. If we make material changes, we will notify you by email at least 14 days before the changes take effect.