NEOUPTIME

Privacy Policy

Last updated: __ / __ / ____ — DRAFT, pending legal review

1. Who we are

Neouptime ("we") provides uptime-monitoring software. This policy explains what personal data we collect, why, and your rights. For privacy questions, contact privacy@neouptime.com.

2. What we collect

Account data — your name, email, and hashed password. Configuration — the monitors, alert channels, clients, and status pages you create. Operational data — check results, incidents, and logs. Billing data — handled by Stripe; we store only customer/subscription identifiers, never card numbers.

3. How we use it

To operate the Service (run checks, send alerts, render status pages and reports), to process payments, to secure accounts and prevent abuse, and to communicate with you about your account.

4. Service providers (sub-processors)

We share data only as needed with infrastructure and service providers, including: Cloudflare (hosting, database, network), Stripe (payments), and Resend (transactional and alert email). Each processes data on our behalf under its own terms. Confirm and complete this list before launch.

5. Cookies

We use a single strictly-necessary, HTTP-only session cookie to keep you signed in. We do not use advertising or third-party tracking cookies.

6. Retention

We keep account and configuration data for as long as your account is active. Raw check results are retained according to your plan's history window and then aggregated or pruned. Expired sessions, used invites, and spent reset tokens are pruned automatically.

7. Security

Passwords are stored using salted PBKDF2; session, invite, and reset tokens are stored only as hashes. Access is scoped per workspace. No system is perfectly secure, but we take reasonable measures to protect your data.

8. Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact privacy@neouptime.com. Complete with the specific GDPR/CCPA wording applicable to your entity.

9. International transfers

Our providers may process data in regions outside your own. Where required, transfers rely on appropriate safeguards. Confirm the mechanism that applies to your setup.

10. Changes & contact

We may update this policy; material changes will be communicated through the Service. Questions: privacy@neouptime.com.

Terms of Service · Home