Security and Data Privacy
MagicMetrics S.r.l.s. – Via di Salviano 567/C – 57124 – Livorno (LI) – Italy
Last updated: May 2026
MagicMetrics is committed to ensuring the highest level of security and privacy for the data processed through the Service. Our infrastructure is designed following the Privacy by Design principle and our systems are fully compliant with the EU GDPR.
How We Handle Your Analytics Data
Our architecture distinguishes between two types of connectors, with differentiated privacy levels.
Direct connectors — maximum privacy (GA4, Google Search Console, Google AdSense, YouTube Analytics): your analytics data never passes through MagicMetrics servers in any way. Our server is involved exclusively in the authentication and subscription verification process.
Server-side connectors (Google Ads and connectors requiring reserved credentials): API calls pass through MagicMetrics servers because they require reserved credentials that cannot be exposed client-side. Data is processed exclusively in volatile memory for the sole technical duration of the response. It is never written to disk or stored in a database.
Data Flow for Direct Connectors
For GA4, Search Console, AdSense, and YouTube, your data follows this path:
1. Your Google Sheets requests a valid authentication token from the MagicMetrics server.
2. The server verifies your subscription and returns the token — no analytics data is involved.
3. Google Sheets calls the Google APIs directly using that token.
4. Data travels from Google to your sheets without ever passing through MagicMetrics.
MagicMetrics does not see, process, or store your analytics data in any form.
What We Store on Our Servers
Regardless of the connector type, we store exclusively: encrypted OAuth tokens (required for automatic token refresh, revocable at any time); connected account email address (required to identify the connection); connection metadata (connector type, authorisation date, unique identifier); execution counter (to verify plan limits).
No analytics data (metrics, dimensions, reports) is ever stored on our servers.
Encryption and Communication Security
All OAuth tokens are stored encrypted at rest. All communications between your devices, our servers, and Google APIs use TLS 1.2 or higher. Any HTTP connection is automatically redirected to HTTPS. Credit card details do not pass through or get stored on our servers: payments are managed by Stripe Inc., PCI-DSS certified.
Infrastructure and GDPR Compliance
MagicMetrics uses Google Cloud Platform (GCP), certified ISO/IEC 27001 and ISO/IEC 27018. All computing servers and the database are physically located in Italy (Milan), in compliance with GCP's Data Residency configuration.
MagicMetrics S.r.l.s. is legally registered in Italy and is fully compliant with the GDPR. Transfers to third countries required for the operation of Google services are covered by Standard Contractual Clauses (SCC) approved by the European Commission pursuant to Art. 46 GDPR.
Internal Access Controls
Access to administration systems is protected by multi-factor authentication and governed by the least-privilege principle: each member of the technical team accesses only the resources necessary for their role. Infrastructure is continuously monitored.
Security Breach Management
MagicMetrics maintains an internal incident response procedure to identify, contain, and manage potential security breaches. In the event of a data breach posing a risk to the rights of data subjects, we notify the competent Data Protection Authority within 72 hours and, where necessary, the affected users, in accordance with Art. 33 and 34 GDPR.
Revoking Access
You can revoke MagicMetrics's access to your data sources at any time from the MagicMetrics dashboard, under "Connections", or directly from your Google account security panel at myaccount.google.com/permissions.
Contact
For any security-related question: security@magicmetrics.ai
MagicMetrics S.r.l.s. – Via di Salviano 567/C – 57124 – Livorno (LI) – Italy
VAT: 02099470490
The reporting tool that actually works, and always has.
Every connector comes with a 14-day free trial. No credit card required, no automatic renewal. Try it at your own pace.