This Privacy Policy describes how Status Harbor ("we", "us", "our") collects, uses and protects your personal information when you use our uptime monitoring service ("Service").

1. Information We Collect

Account Information

Email address
Name (if provided)
Password (stored as a bcrypt hash — we never store plaintext passwords)
Google account information (if you register via Google OAuth)

Service Data

Monitor configurations (URLs, check intervals, expected responses)
Monitoring results and incident history
Status page configurations
Notification settings and integration tokens (Slack, Telegram, Webhook URLs)

Payment Information

Payment details (credit card numbers, billing address) are collected and processed directly by our payment provider, Solidgate. We do not store your full payment card details on our servers. We receive only a transaction reference and subscription status from Solidgate.

Automatically Collected Information

IP address
Browser type and version
Pages visited and usage patterns
Authentication tokens (JWT) stored in your browser

2. How We Use Your Information

To provide the Service — running monitors, sending alerts, managing your account
To process payments — managing subscriptions via Solidgate
To send notifications — delivering alerts through your configured channels (email, Slack, Telegram, Webhooks)
To improve the Service — analyzing usage patterns to fix issues and develop features
To communicate with you — sending service updates, billing notifications and support responses

3. Third-Party Services

We share information with the following third-party services as necessary to operate the Service:

Solidgate — payment processing (receives billing and payment information)
Google — authentication (if you use Google OAuth sign-in)
Slack — notification delivery (if you configure Slack integration)
Telegram — notification delivery (if you configure Telegram integration)

We do not sell, rent or trade your personal information to third parties for marketing purposes.

4. Data Retention

Account data — retained for the lifetime of your account
Monitoring data — check results and incident history are retained for the duration of your active subscription
Notification logs — retained for 90 days
After account deletion — all personal data is deleted within 30 days, except where retention is required by law

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

Encrypted data transmission (TLS/HTTPS)
Hashed passwords (bcrypt)
Encrypted integration tokens at rest
Access controls and authentication for all systems

6. Your Rights

You have the right to:

Access your personal data
Correct inaccurate personal data
Delete your account and associated data
Export your monitoring data
Withdraw consent for optional data processing

To exercise these rights, contact us at support@statusharbor.io or use the account settings in the application.

7. Cookies and Local Storage

We use JWT authentication tokens stored in your browser's local storage to maintain your session. We do not use third-party tracking cookies. If we introduce analytics in the future, we will update this policy and notify you.

8. International Data Transfers

Your data may be processed in countries other than your own. We ensure that appropriate safeguards are in place for any international data transfers in compliance with applicable data protection laws.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top reflects the most recent revision.

11. Contact

For questions or concerns about this Privacy Policy, contact us at support@statusharbor.io.