⟠ updown.io
Pricing Sign in

TL;DR

  1. You have total control on your personal information.
  2. We don't share them unless necessary for the service.
  3. You can find the list sub-processors below (all GDPR compliant).
  4. If you have any questions, ask support@updown.io.

Privacy Policy & Data Storage Policy

Your privacy is critically important to us at updown.io. This document describes our privacy practices as well as your choices regarding use, access and correction of personal data.

What do we collect

We only collect information about you if we have a reason to do so, for example to provide our service or to communicate with you. It can either be information you provide or collected automatically. Let’s have a look:

Necessary to our service

  1. Basic account information (ex: screenname, email, password) are required to operate your service and allow you to log in. If you register using and OAuth provider (Github or Google) the screename and email are imported and the password is not required.

Optional

  1. Billing information (ex: name, company, address, VAT number) are only collected at your initiative to provide invoices addressed to you.
  2. Credentials (ex: basic auth, API key) can be collected at your initiative to monitor a URL requiring authentication.
  3. Extra contact details (ex: email address, phone numbers) can be collected at your initiative to send alerts to additional people.

Automatic

  1. Private data can potentially be collected from the web page you're monitoring if you choose to use the text search feature for example as updown.io have to keep the body of the page in case of downtime.
  2. Log Information: like most online service providers, we collect information that web browsers typically make available, such as the browser type, IP address, language preference, referring site, the date and time of access, operating system.
  3. Location Information: we may determine the approximate location of your servers from their IP addresses. We collect and use this information at the moment only to provide an accurate world map of monitored sites on the home page. In the future we may use this to help detect regional outages.
  4. Information from cookies: A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies only to identify and authenticate clients of our service.

Note: Financial information (ex: credit card number, name, postal code) are not collected by us, they go directly to the payment services provider and only when you make a purchase.

What do we share, and why

We share information about you as least as possible to protect your privacy, here are the information we share and why:

  1. Employees and Contractors may gain access to some information about you in order to help provide our service. For example if we need to assist you with something or if we're investigating an issue on your account.
  2. Third Party Vendors may gain access to some information about you in order to provide their services to us, or to you. Like payment providers that process your credit card information, SMS and email delivery services. These vendors are listed in in the "List of data sub-processors" section below.
  3. Legal Requests may force us to disclose information about you in response to a subpoena, court order, or other governmental request
  4. To Protect Rights, Property, and Others we may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of updown.io, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
  5. Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that updown.io goes out of business or enters bankruptcy, client information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy.
  6. With Your Consent we may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorize us to do so.
  7. Aggregated or De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our service.

You're in control

  1. If you have an account with us, you can choose not to provide the optional account information. Of course if you do this certain features may not be accessible or degraded.
  2. You can also choose at any time to close your updown.io account using the "Delete account" button in your settings, or by contacting us if you prefer. In which case all data (personal or not) associated with your account will be removed from the service database instantly. Some information may still be present in our logs and backups though, and will definitely be gone after up to one week.
  3. You can access and update most of your personal information from the website directly, but if you have a more specific request (right to portability, to object, etc.) feel free to reach out to support@updown.io.
  4. Remember that you can always submit a request to the CNIL (Commission Nationale de l'Informatique et des Libertés, the French Data Protection Authority).

Note: we didn't say anything about opting out from mailing lists because there's none. We don't send any marketing email, only personal emails related to your account.

Retention

By default we keep all the information provided in your settings or collected by your monitors (e.g. downtimes, metrics) up until you choose to delete your account (or monitors). But we automatically delete inactive checks and accounts after 3 years of inactivity.

Additionally we do reduce the level of details persisted after some time for active checks, for example the Apdex metrics (initially stored per hour) are grouped by day after 2 days and then by months after 40 days. The detailed responses for the last 5 requests which started a downtime are deleted after 3 years, the downtime is kept but only with basic information (error and timing).

Logs and usage information that are not necessary for the execution of our service are only kept for one month after their collection.

Security

While no online service is 100% secure, we work very hard to protect your information against unauthorized access or alteration, and take reasonable measures to do so, such as keeping software up-to-date, restricting access to internal services and using state-of-the-art authentication and encryption methods.

Other Things You Should Know (Keep Reading!)

Transferring Information

Because our service is offered worldwide, the information about you that we process when you use the service in the EU may be used, stored, and/or accessed by individuals operating outside the European Economic Area (EEA) who work for us, or third party data processors. This is required for the purposes listed in the "What do we share, and why" section above. When providing information about you to entities outside the EEA, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy as required by applicable law.

List of sub-processors

updown.io uses the following products/services (which are all GDPR compliant):

  • OVH, Vultr, Digital Ocean and Hetzner for sending monitoring requests, hosting the website and storing data.
  • Stripe, Paypal and CoinGate for payments.
  • Postmark and MailerSend for sending Email notifications.
  • Vonage (formerly Nexmo), SMS.to, SMSalert.mobi for sending SMS notifications.
  • Canny the product feedback tool.

Updates

Although most changes are likely to be minor, we may change our Privacy Policy from time to time. We encourage you to frequently check this page for any changes.

Changelog

  • August 17th, 2024: Replaced UserVoice by Canny as a product feedback tool.
  • June 12th, 2023: Added SMSalert.mobi notification provider (alternative used for some countries).
  • May 17th, 2023: Added SMS.to notification provider (alternative used for some countries or as failover).
  • July 28th, 2022: Added more details about the automatic data purge and compaction in the "Retention" section
  • May 5th, 2022: Renamed Nexmo to Vonage in the list of sub-processors (same service but acquired)
  • March 5th, 2021: Replaced SendGrid by MailerSend in the list of sub-processors
  • Jan 23th, 2020: Replaced Bitpay by CoinGate in the list of sub-processors as payment service provider for cryptocurrencies.
  • Nov 12th, 2020: Added a "Retention" section describing how long do we keep your data. Removed the "Usage Information" and "Analytics service Provided by Others" sections as we're not using such service any more. Updating the "Location Information" section to clarify that we may be locating servers but not clients. Updating the "Information from Cookies" section to clarify that we only use cookies for authentication.
  • June 7th, 2020: Replaced Scaleway by Hetzner in the list of sub-processors
  • August 14th, 2019: Replaced Mandrill by SendGrid in the list of sub-processors
  • June 23rd, 2018: Removed Google Analytics and added Uservoice to the list of sub-processors
  • May 25th, 2018: Initial version

Note: this Privacy Policy is based on the Creative Commons licensed policy by Automatic (the awesome guys that created WordPress).

Documention & FAQ Support
System Status
Twitter
  • API
  • About
  • Blog
  • Feature requests
  • Terms of Service
  • Privacy Policy
Made with in Paris, France since 2012