Privacy Policy

Analytics Widgets · Effective June 12, 2026

This Privacy Policy explains how the Analytics Widgets Android app (“the app”, “we”, “us”) handles your information. The app displays website analytics in home-screen widgets. It is built to be privacy-first: your data stays on your device.

In short: we do not operate any backend server for this app. The app connects directly from your phone to the analytics services you choose. Your credentials and access tokens are stored only on your device, and we never receive, see or store your analytics data.

1. Information the app accesses

The app works with analytics providers that you connect yourself:

Google Analytics 4 & Google Search Console. When you sign in with Google, you grant the app read-only access to your Analytics and Search Console data (scopes: analytics.readonly and webmasters.readonly). The app reads metrics such as users, sessions, views, clicks and impressions to display them in your widgets.
Self-hosted analytics (Umami, Plausible, Matomo). You provide the server URL and the credentials or API key for your own instance.
Custom endpoints. If you configure a custom widget, the app sends an HTTP request to the URL you specify, optionally with one HTTP header you define, and displays the JSON it returns.

2. How your information is stored

OAuth tokens (Google access and refresh tokens) are stored locally on your device only.
Self-hosted credentials and API keys are stored locally on your device only.
Custom endpoint authentication headers are stored locally and are deliberately excluded from backup exports.
Cached analytics values (recent numbers and daily history used to draw widgets and sparklines) are stored locally on your device.

We do not transmit any of this information to ourselves or to third parties. There is no app account and no server operated by us.

3. How your information is used

Information is used solely to fetch and display the analytics you requested in your widgets, and to refresh that data in the background on the schedule you choose. The app communicates only with: Google APIs (for Google data), the self-hosted servers you configure, and the custom endpoints you configure.

4. Data sharing

We do not sell, rent or share your data. The app does not include third-party advertising or analytics SDKs that track you. Network requests go only to the providers you explicitly connect.

5. Google API Services User Data Policy

The app’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Google user data is used only to provide and improve the in-app and widget features described above, is not transferred to others except as necessary to provide those features, is not used for advertising, and is not read by humans.

6. Data retention and deletion

Because all data lives on your device, you are in control of it:

Signing out of an account in the app deletes that account’s stored tokens.
Removing a widget removes its configuration.
Uninstalling the app removes all locally stored data.
You can revoke the app’s access to your Google data at any time at myaccount.google.com/permissions.

7. Backups

The app offers an optional manual backup (export/import) of your analytics history and widget configuration as a JSON file, written through your device’s file picker to a location you choose. OAuth tokens and custom endpoint authentication headers are intentionally excluded from backups.

8. Children

The app is intended for website owners and is not directed at children under 13.

9. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the effective date above.

10. Contact

Questions about this policy? Email info@codewitcher.sk.