Privacy policy

Jordan Wells (“JMP,” “we,” “us”) operates JMP Dashboard (the “portal”) at portal.jmptech.dev and related hosts. This policy describes how we handle personal and usage data when you sign in, when we connect Google services on behalf of our agency, and when client websites send analytics and leads to our backend.

Questions: support@jmptech.dev

• Portal users — JMP staff, agency admins, and invited client users who sign in to view dashboards and manage content.
• Website visitors— people who browse client websites that use JMP analytics or contact forms. Those sites should publish their own privacy policy; JMP processes visitor data on the client's behalf as a service provider.

When you create or use a portal account, we may store:

• Name and email address
• Authentication credentials (hashed passwords; we do not store plain-text passwords)
• Session tokens and sign-in timestamps
• Role and website access assignments

We use this data to authenticate you, enforce access controls, send account-related email (password reset, invitations), and operate the service.

JMP agency administrators may connect one agency Google account to the portal. Client users never complete Google OAuth and never grant Google permissions directly. Clients only see aggregated Search Console and Google Analytics reports inside the dashboard.

When an administrator connects Google, we request these OAuth scopes:

• Google Search Console — Read search performance data and manage site properties for client domains in the agency account.
• Google Site Verification — Request DNS TXT verification tokens so client domains can be verified in Search Console.
• Google Analytics (read-only) — Read aggregated GA4 reports so clients can view Google Analytics charts in the dashboard without signing in to Google.

We use Google data only to:

• Display Google Search performance for linked client domains
• Add and verify client domains in Search Console (including DNS TXT records)
• Link GA4 properties and show read-only analytics charts to authorized portal users
• Support SEO and content workflows configured by JMP for managed websites

We store OAuth refresh and access tokens securely on our servers. We do not sell Google user data. We do not use Google data for advertising or unrelated products.

Administrators can disconnect the agency Google account in Admin settings at any time. You can also revoke the app under Google Account → Third-party access.

Google's use of data is also governed by the Google Privacy Policy and Google API Services User Data Policy.

Client websites integrated with JMP may send page views, session metrics, and contact events to our API. Depending on configuration, this can include page paths, referrer URLs, approximate country, device category, UTM campaign parameters, and contact form fields (name, email, phone, message). Session identifiers may be stored in the visitor's browser session storage on the client site, not in analytics cookies.

We retain analytics and lead data according to our agreements with each client and operational needs (reporting, support, and security). Clients can request export or deletion through their JMP contact.

We do not sell personal information. We share data only with service providers that help us operate the portal (for example hosting, email delivery, and database providers), under contracts that require appropriate safeguards, and when required by law.

We use industry-standard measures to protect data in transit and at rest, restrict access by role, and monitor for abuse. Retention periods vary by data type; account data is kept while your account is active and for a reasonable period afterward for legal and operational purposes.

• Update account details in portal settings.
• Request account deletion by contacting support@jmptech.dev.
• Agency admins: disconnect Google in Admin settings or revoke access in Google Account permissions.

We may update this policy from time to time. We will revise the “Last updated” date at the top of this page. Continued use of the portal after changes constitutes acceptance of the updated policy.