Privacy Policy

Last updated: 27 April 2026

1. Who We Are

PatX is a product of The Little Dentist, registered in Gurgaon, India. PatX provides a unified analytics dashboard that lets D2C brands view their advertising and commerce data from platforms like Meta Ads, Google Ads, Google Analytics, and Shopify in one place.

Contact: dhruvkhatkar@patx.in
Address: Sispal Vihar, Sector 49, Gurgaon, India

2. Data We Collect

When you use PatX, we may collect and store the following:

  • OAuth Access Tokens — When you connect your Meta Ads, Google Ads, Google Analytics, or Shopify account, we store the access tokens required to fetch your data on your behalf. These tokens are stored securely in our database.
  • Account Identifiers — Your Meta user ID, ad account IDs, Google Ads customer IDs, GA4 property IDs, or Shopify store domain to identify which accounts to fetch data from.
  • Order & Revenue Data — If you use the P&L or Shopify features, order-level data (revenue, SKUs, dates) may be stored to compute analytics.
  • Cookies — We use essential cookies for authentication (session cookie) and CSRF protection during OAuth flows. We do not use any tracking or advertising cookies.

Most dashboard data (ad metrics, campaign performance, analytics) is fetched live from the respective platform APIs and is not stored on our servers.

3. How We Use Your Data

We use the collected data solely to:

  • Display your advertising and commerce analytics in the PatX dashboard.
  • Generate AI-powered insight cards and alerts that summarise notable changes in your campaign performance, shown directly inside the PatX dashboard.
  • Maintain your authenticated session.

We access your connected accounts in read-only mode. We never create, modify, or manage your ads, campaigns, or store data.

Specifically with respect to data obtained through Google APIs (Google Ads and Google Analytics): PatX's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. Data Sharing & Sub-Processors

We do not sell or rent your data, and we do not transfer it to advertising networks, data brokers, or any third party for advertising, retargeting, credit-scoring, or lending purposes. Humans on the PatX team do not read the contents of your connected-account data.

We use the following sub-processors strictly to operate PatX's user-facing features. Each sub-processor is bound by its own contractual privacy obligations and is restricted to processing data only for the purpose described.

  • Neon (Postgres on AWS, Singapore region) — database hosting for OAuth tokens, account identifiers, and cached analytics. Encrypted in transit.
  • Vercel — web application hosting and serverless function execution.
  • Anthropic (Claude API) — AI provider used to generate the insight cards and alert summaries shown inside your dashboard. We send aggregate metrics from your connected accounts to Anthropic's API for inference. Anthropic's API does not use this data to train any model. Data is not retained beyond what is required to return the inference response.
  • Sentry — error monitoring service used to detect and diagnose application errors. When PatX encounters an error, we send the stack trace, a request URL, an account identifier, and any error context to Sentry so we can fix bugs quickly. Connected-account credentials and metric values are not sent. Sentry retains error events for a limited period and does not use them for any purpose other than providing the monitoring service.

These sub-processors are necessary to provide features that are visible and prominent in PatX's user interface. We do not transfer your data anywhere else.

5. Data Storage & Security

Your data is stored on Neon (serverless PostgreSQL) hosted on AWS in the Asia-Pacific (Singapore) region. OAuth tokens and credentials are stored in the database with secure connection pooling. All connections to our database use SSL encryption.

6. Data Retention & Deletion

OAuth tokens are retained for as long as your account is connected. You can disconnect your accounts at any time. If you wish to have all your data deleted from our systems, you can submit a request on our Data Deletion page. We will process deletion requests within 30 days.

7. Your Rights

You have the right to:

  • Access the data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Disconnect your connected accounts at any time.

To exercise any of these rights, contact us at dhruvkhatkar@patx.in.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.