Privacy

Privacy Policy

We are committed to protecting your privacy and ensuring the security of your personal information.

Last updated: January 1, 2025 Effective: January 1, 2025

1. Overview

This Privacy Policy describes how Monoduty ("we," "us," or "our") collects, uses, and shares your personal information when you use our alerting and monitoring services ("Service").

We are committed to protecting your privacy and maintaining the confidentiality and security of your personal information in accordance with applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, and other details you provide when creating an account
  • Payment Information: Billing address and payment method details (processed securely by our payment processors)
  • Profile Information: Profile pictures, preferences, and other optional information you choose to provide
  • Communication Data: Messages, support requests, and other communications with us

2.2 Webhook and Alert Data

When external services send webhooks to Monoduty, we capture and store:

  • Request payload: The JSON body sent by your monitoring tools
  • Request headers: HTTP headers from the webhook request
  • Source IP address: Origin IP of the webhook request
  • User agent: HTTP User-Agent header
Important: You should not include sensitive personal data (passwords, API keys, credit card numbers, health information) in webhook payloads. We store webhook payloads as received to enable debugging and replay.

2.3 Information We Collect Automatically

  • Usage Data: Information about how you use our Service, including features accessed and actions taken
  • Device Information: Device type, operating system, browser type, and IP address
  • Log Data: Server logs, access times, and technical error information
  • Performance Data: Service performance metrics and system status information

2.4 Information from Third Parties

  • Integration Data: Information from monitoring tools and services you connect to our platform
  • Authentication Providers: Information from OAuth providers like Google if you choose to use social login

3. How We Use Information

We use your information for the following purposes:

3.1 Service Provision

  • Providing and maintaining our alerting and monitoring services
  • Processing notifications and alerts
  • Managing your account and subscriptions
  • Facilitating integrations with third-party services

3.2 Communication

  • Sending service-related notifications and alerts
  • Responding to your support requests and inquiries
  • Sending important updates about our Service
  • Marketing communications (with your consent)

3.3 Improvement and Analytics

  • Analyzing usage patterns to improve our Service
  • Monitoring system performance and reliability
  • Developing new features and capabilities
  • Troubleshooting technical issues

3.4 Legal and Security

  • Complying with legal obligations
  • Protecting against fraud and abuse
  • Enforcing our Terms of Service
  • Maintaining security and preventing unauthorized access

4. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers (Sub-Processors)

We share information with trusted third-party service providers who help us operate our Service:

  • AWS SES (Amazon Web Services) - Email delivery services, EU region (eu-north-1)
  • Twilio - SMS and voice call notifications
  • Expo - Push notification delivery for mobile apps
  • Stripe - Payment processing (we do not store full card numbers)
  • Google Analytics - Website analytics and usage tracking
  • Sentry - Error tracking and monitoring (EU data center)
  • New Relic - Application performance monitoring (EU region)
  • Slack/Discord - Integration notifications (user-configured)

4.2 Legal Requirements

We may disclose information when required by law or to protect our rights, including:

  • Complying with legal processes and government requests
  • Protecting against fraud or security threats
  • Enforcing our agreements and policies

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication mechanisms
  • Staff training on data protection practices
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information based on your subscription plan and operational necessity:

Data Type Retention Period
Account DataUntil account deletion requested
Incident Data (Free plan)7 days
Incident Data (Starter plan)30 days
Incident Data (Pro plan)90 days
Incident Data (Business plan)365 days
Incident Data (Enterprise plan)Unlimited
Webhook/Trigger Logs3-365 days (by plan)
Server Access Logs14 days
Payment RecordsAs required by law (typically 7 years)

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

7.1 Essential Cookies

Necessary for the Service to function properly, including authentication and security.

7.2 Analytics Cookies

Help us understand how you use our Service to improve performance and user experience.

7.3 Preference Cookies

Remember your settings and preferences for a personalized experience.

You can control cookie settings through your browser preferences or our cookie consent banner.

8. Third-Party Services

Our Service may integrate with third-party services and contain links to external websites. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party services you use in connection with our Service.

9. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards.

For transfers outside the European Economic Area (EEA), we use standard contractual clauses and other approved mechanisms to ensure adequate protection.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your data in a portable format
  • Restriction: Request limitation of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where applicable

To exercise these rights, please contact us using the information provided below.

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Displaying a prominent notice in our Service

Your continued use of our Service after the changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Contact: Contact Form

Address: Monoduty Inc., Estonia, EU