Legal

Analytics & Cookies

What we measure, how we measure it, and how to opt out.

Last updated: March 19, 2026

Two separate contexts

We use different analytics tools for our website (supertemplates.ai) and our Forge app (inside Jira). This page covers both.

Part 1

Website Analytics (supertemplates.ai)

1. Google Analytics

We use Google Analytics 4 to understand how visitors interact with our website. This helps us improve our content, identify popular pages, and understand where visitors come from.

What Google Analytics tracks

  • Page views and navigation paths
  • Referral sources and campaigns
  • Device type, browser, and screen resolution
  • Country and city-level geolocation (IP-based)
  • Session duration and bounce rate
  • Events (button clicks, scroll depth)

Google Analytics details

Provider: Google LLC

Data location: United States (Google servers)

Their privacy policy: policies.google.com/privacy

Opt-out: Google Analytics Opt-out Browser Add-on

Legal basis

Consent (GDPR Art. 6(1)(a) and ePrivacy Directive Art. 5(3)). Google Analytics scripts are only loaded after you grant explicit consent via our cookie banner. No tracking occurs until you click “Accept” or enable analytics in your preferences.

2. Vercel Analytics

We use Vercel Analytics and Vercel Speed Insights for privacy-friendly website analytics and performance monitoring.

Why Vercel Analytics doesn't need consent

  • No cookies — fully cookieless tracking
  • No cross-site or cross-device tracking
  • No personal data collected
  • GDPR, CCPA, and PECR compliant by design
  • Data is aggregated and anonymized

Vercel Analytics loads on all pages without requiring cookie consent. See Vercel's privacy policy.

3. Snitcher

We use Snitcher for B2B visitor identification. Snitcher identifies which companies visit our website based on IP address reverse lookup. This helps us understand which organizations are interested in our product.

What Snitcher identifies

  • Company name and industry (based on IP lookup)
  • Pages visited by company visitors (aggregated)
  • Company size and location (from public business data)

What Snitcher does not identify

  • Individual visitors — Snitcher identifies companies, not people
  • Personal names, email addresses, or direct contact information
  • Visitors from residential IP addresses

Snitcher details

Provider: Snitcher B.V. (Netherlands)

Data location: EU

GDPR compliant: Yes (EU-based company)

Their privacy policy: snitcher.com/privacy-policy

Legal basis

Consent (GDPR Art. 6(1)(a) and ePrivacy Directive Art. 5(3)). Snitcher scripts are only loaded after you grant explicit consent via our cookie banner. IP addresses are personal data — we process them only with your consent, even though the purpose is company-level identification, not individual tracking.

4. Cookies

CookiePurposeContextType
themeDark/light mode preferenceWebsiteEssential
_ga, _ga_*Google Analytics session trackingWebsiteAnalytics
snitcher_*Company identificationWebsiteAnalytics

We do not use advertising cookies or cross-site tracking cookies.

Part 2

In-App Analytics (Forge App)

5. PostHog (In-App Only)

Inside the Jira Forge app, we use PostHog for product analytics. PostHog is an open-source analytics platform. We chose PostHog over alternatives because it supports cookieless tracking and admin-level opt-out.

What we track in the app

  • Task creation: tasks created in Jira (count, input mode, AI provider)
  • AI generation: generation started events (provider name, requested task count)
  • Counts: task count per generation (numeric only, no content)
  • Errors: JavaScript stack traces for debugging (no user content)
  • Abuse detection: rate-limit strikes and blocks (server-side, not disableable)

All user identifiers are SHA-256 hashed before leaving the app. PostHog never receives raw Atlassian account IDs, emails, or display names.

What we don't track in the app

  • Atlassian account IDs or email addresses
  • Task content, descriptions, or prompts
  • Jira project names, keys, or issue data
  • Template content or variable values

PostHog details

Provider: PostHog Inc.

Type: Open-source product analytics

Hosting: PostHog Cloud EU (Frankfurt) — hardcoded for all users

Compliance: SOC 2 Type II, GDPR compliant

Their privacy policy: posthog.com/privacy

No cookies or local storage

PostHog is configured with in-memory persistence only — it sets no cookies and uses no localStorage. This is required by Atlassian Forge's security policy for sandboxed apps.

Admin opt-out (two layers)

  • Atlassian admin controls: Site administrators can disable analytics egress for any Forge app from Jira Administration > Connected Apps. Atlassian blocks the network traffic at the proxy level.
  • In-app toggle: The app's Settings > Privacy panel includes a dedicated analytics toggle that stops all PostHog event collection.

The app functions normally without analytics — no features are degraded or removed.

6. Data Sharing

Analytics data is used exclusively by SuperTemplates for product improvement and understanding visitor interest. We do not:

  • Sell analytics data to third parties
  • Share data with advertising networks for retargeting
  • Use data for cross-site user profiling
  • Provide data to data brokers

7. How to Opt Out

Website

  • Cookie banner: Click “Reject all” on the cookie banner that appears on your first visit. You can also click “Customize” to toggle analytics cookies individually. No analytics scripts are loaded until you explicitly accept.
  • Change your preference: Click “Manage cookies” in the page footer to reopen the consent banner at any time and update your preferences.

Forge App

  • Admin toggle: Disable analytics egress from the App admin panel — stops all PostHog tracking. No features are degraded.

Contact

For analytics or cookie-related questions: privacy@supertemplates.ai