FeedSplit

Privacy Policy

Last updated: 2026-05-19

1. Who we are

This Privacy Policy describes how FeedSplit, operated by Martin Aberastegue as a sole proprietor in Germany (“FeedSplit”, “we”, “us”), collects, uses, and protects your personal data when you use https://feedsplit.com and the application at https://app.feedsplit.com.

For any privacy or data-protection question, contact privacy@feedsplit.com .

2. Data we collect

We collect the categories below for the purposes listed in §3.

  • Account data: the email address, display name, and (when you sign up with email/password) a securely hashed password. Authentication is handled by our embedded auth library (better-auth); we never store plaintext passwords.
  • Workspace and product data: the product feeds you upload or fetch from URLs you control, the rules and output configurations you create, and derived data such as merge attributions and diagnostic findings. This data primarily describes products and may contain personal data only when you intentionally include it (e.g. retailer-side seller identifiers).
  • Payment data: billing email, the plan you've selected, your Stripe customer ID, and subscription status. Card details are entered directly with Stripe; FeedSplit never sees or stores card numbers, CVCs, or full bank details.
  • Google account data via OAuth (only if you connect Google Merchant Center): your Google email, an OAuth refresh token (encrypted at rest with AES-GCM), and the list of Merchant Center accounts your Google identity can access. See §4 for full detail.
  • Analytics and logs: Google Analytics 4 page-view metrics on the public marketing site, and operational server logs from Cloudflare (IP address, user agent, timestamps) used for security, debugging, and abuse prevention.

3. How we use your data

  • Operate, secure, and maintain the FeedSplit service.
  • Send transactional email (account verification, password resets, billing receipts, and product notifications you have enabled) via our email sub-processor.
  • Process subscription payments via Stripe.
  • Push products to Google Merchant Center on your behalf when you have connected the integration and configured push targets.
  • Produce aggregated, anonymized analytics that help us understand which features are used and improve them.

Limited Use of Google user data. Our use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy , including the Limited Use requirements. We do not use Google user data for advertising, do not sell or share it, do not allow humans (including our own staff) to read it except (a) with your explicit consent for support purposes, (b) where required to operate or improve user-facing features, or (c) as required by law.

4. Google Merchant Center integration

When you connect Google Merchant Center on /settings/integrations, we initiate an OAuth flow with Google. With your explicit consent on Google's consent screen, we receive an OAuth refresh token granting the scope https://www.googleapis.com/auth/content.

What we read from your Merchant Center account:

  • The list of merchant accounts (and sub-accounts, if you operate an Advanced Account) your Google identity has access to.
  • The list of data sources within those accounts (to find or create the FeedSplit-owned API data source).
  • Per-product validation status from the productStatuses endpoint, polled hourly, so we can surface Merchant Center issues in your FeedSplit Diagnostics tab.

What we write to your Merchant Center account:

  • Product input rows (`productInputs.insert` / `delete`) into a data source named feedsplit-<split-id>, owned exclusively by FeedSplit. We never modify other data sources.

How we store and protect it:

  • The OAuth refresh token is encrypted with AES-GCM using a key stored as a Cloudflare secret. Decryption happens in-memory at the moment we exchange the token; access tokens are never persisted.
  • Refresh tokens are never sent to third parties, never used for advertising, and never sold.

How you revoke access:

  • Click Disconnect on the integrations page. We mark the connection revoked and stop using the refresh token immediately.
  • You can additionally revoke the OAuth grant directly in your Google account at myaccount.google.com/permissions.
  • To request full deletion of stored encrypted tokens, email privacy@feedsplit.com.

5. Legal bases (GDPR Article 6)

  • Contract performance. Operating your account, processing your subscription, and running the feed/push pipeline you've configured.
  • Legitimate interest. Aggregated analytics, security logging, fraud prevention, and product improvement.
  • Consent. The Google OAuth grant; any future marketing email (we'll ask before sending).
  • Legal obligation. Retention of payment records required by tax law.

6. Sub-processors

We use the following sub-processors. Each one has its own privacy policy you can review:

Sub-processor Purpose Location Policy
Cloudflare, Inc. Application hosting, edge cache, database (D1), object storage (R2), queues USA / global edge cloudflare.com/privacypolicy
Stripe, Inc. Payment processing, subscription billing USA stripe.com/privacy
Resend, Inc. Transactional email delivery USA resend.com/legal/privacy-policy
Google LLC OAuth identity (login + GMC integration), Merchant API, Google Analytics 4 USA policies.google.com/privacy

7. International data transfers

FeedSplit runs on Cloudflare's global edge, and several of our sub-processors are based in the United States. Where personal data of EU/EEA residents is transferred outside the EEA, we rely on Standard Contractual Clauses adopted by the European Commission, signed with each sub-processor that offers them.

8. Retention

  • Account data: kept for as long as your account is active. After account deletion, retained 90 days in backups before permanent erasure.
  • Payment records: retained for 7 years to satisfy tax and accounting obligations.
  • Server logs: 30 days.
  • GMC OAuth refresh tokens: retained while the connection is active; on disconnect, marked revoked immediately and the encrypted record purged within 30 days.
  • Analytics: Google Analytics retention is set to 14 months on our account.

9. Your rights

Under GDPR (and most other modern data-protection regimes) you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Request erasure of your personal data (subject to legal retention obligations).
  • Restrict or object to processing.
  • Receive a portable copy of your data in a machine-readable format.
  • Withdraw consent at any time where processing is based on consent (this does not affect lawfulness of past processing).
  • Lodge a complaint with your local data-protection supervisory authority.

To exercise any of these rights, email privacy@feedsplit.com . We respond within 30 days.

10. Cookies and tracking

  • Strictly necessary cookies: session cookies set by better-auth so the dashboard remembers you between requests. These cannot be disabled without breaking sign-in.
  • Google Analytics 4 (consent-gated): we use GA4 on the public marketing site to measure anonymized page-view metrics. GA4 is loaded with Google Consent Mode v2 and analytics_storage defaulted to denied. No analytics cookies (_ga, _gid, etc.) are written until you accept via the consent banner shown on first visit. If you reject, GA4 collects only cookieless aggregate signals; no identifier is stored on your device.
  • Consent storage: your choice is stored in localStorage under the key feedsplit-consent-v1 for up to 12 months, after which we ask again. You can change your choice or revoke consent at any time via the Cookie settings link in the footer, or by clearing site data in your browser. You can also install the official Google Analytics opt-out browser add-on for a global opt-out.

11. Children

FeedSplit is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Security

We protect your data with reasonable, industry-standard measures:

  • TLS 1.2+ in transit, managed by Cloudflare, across every endpoint.
  • AES-GCM encryption at rest for Google OAuth refresh tokens.
  • Hashed passwords (never plaintext); industry-standard hashing via better-auth.
  • Cloud sub-processors that maintain SOC 2 / ISO 27001 controls.
  • Principle of least privilege for internal access; access reviews on a rolling basis.

No system can be guaranteed 100% secure. We commit to notify affected users within 72 hours of confirming a personal-data breach with adverse impact.

13. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated to active account holders by email at least 30 days before they take effect, and the “Last updated” date at the top of this page will change.

14. Contact

Privacy or data-protection requests: privacy@feedsplit.com.

General support: hi@feedsplit.com.