Security at PearlScout

When you connect your Google Analytics account via OAuth, we request the minimum required permissions: read-only access. PearlScout literally does not have the technical ability to modify your tracking code, alter your reports, or change your settings in Google Analytics. We only pull aggregated metrics once a week.

We only fetch the high-level aggregated data necessary to understand your funnel: total sessions, traffic sources, intent pages, and conversion counts. We never fetch or store Personally Identifiable Information (PII) about your specific website visitors.

Your connection tokens and metrics are stored in a secure Supabase PostgreSQL database protected by strict Row-Level Security (RLS) policies. This ensures that only you and our automated reporting backend can ever access your data.