Privacy Policy

Effective date: 2026-05-14.

This policy describes what data howlops.com collects, how it is processed, and the rights you have under GDPR and equivalent regimes. This is the initial published version — please review the latest version in the admin legal editor.

1. Data we collect

• Account data: email, name, workspace name, password hash, MFA factors.
• Operational data: monitor configurations, incidents, alert deliveries, audit log.
• Billing data: Stripe customer ID, last 4 digits of payment instrument, invoice metadata.
• Diagnostics: server logs (90 days), request rate metrics (1 year aggregated).

2. How we use it

• To operate the platform, deliver alerts, and bill paid subscriptions.
• To investigate abuse or security incidents.
• To improve the product (aggregated, never individually identifiable).

3. Sharing

We do not sell personal data. We share data with sub-processors strictly to operate the service: Stripe (billing), AWS (hosting), Mailpit / SES (email delivery), Sentry (error monitoring). A full sub-processor list is published in the admin sub-processors page.

4. Your rights

You can access, export, correct or delete your personal data at any time via Settings → Account. Workspace owners can export the entire workspace via the data-export endpoint.

5. Retention

Monitor history is retained per your tier. Incident audit logs are retained 1 year. Closed accounts are scrubbed within 30 days of confirmation.

6. Contact

Privacy questions: [email protected].