Privacy Policy
Effective July 6, 2026
Undownable is an uptime and status-page monitoring service operated by Undownable ("we", "us"). This policy describes what data we collect when you use undownable.com, why we collect it, and what we do with it. The short version: we collect what the service needs to work, we don't run ads or third-party analytics, and we don't sell or share your data with anyone except the processors listed below.
Data we collect
- Account data — your name, email address, and a hashed password (we never store plaintext passwords), plus the teams you create or belong to.
- Monitoring configuration — the URLs, hostnames, and settings of the monitors you create. Sensitive monitor settings such as request headers and notification-channel credentials are encrypted at rest.
- Check results — the outcomes of monitoring checks we run against your configured targets (status, response time, errors), retained according to your plan's history limits and then deleted.
- Billing data — handled by Stripe. We store your Stripe customer reference and subscription state; your card details never touch our servers.
- Operational logs — standard server logs (IP address, user agent, request path) kept briefly for security and debugging.
What we don't collect
- No advertising or third-party analytics trackers — the only cookies we set are the session and security cookies the application needs to function.
- No marketing emails — email from us is transactional (alerts you configured, billing, account notices).
- We never sell, rent, or trade your data.
How we use your data
Solely to provide the service: running your checks, opening and resolving incidents, delivering the notifications you configure, rendering your status pages, and billing your subscription. Aggregated, non-identifying statistics (for example, total checks run) may be used to operate and improve the service.
Public status pages
Status pages you mark as public are visible to anyone with the link and show the monitor names, uptime history, and incident timeline you chose to include. Making a status page public is always your explicit choice, and you can make it private or delete it at any time.
Processors we rely on
- Stripe — payment processing (stripe.com/privacy).
- DigitalOcean — cloud hosting; your data is stored on servers in the United States.
- Notification services you configure — when you connect a channel (email, ntfy, Telegram, Slack, Discord, or a webhook), we send alert content to that service on your behalf. Their handling of it is governed by their own policies.
Data retention and deletion
Check history is pruned automatically to your plan's retention window. Deleted monitors and their history are purged shortly after deletion. If you delete your account, or ask us to, we delete your account data, monitors, check history, and status pages; billing records are retained only as long as tax and accounting law requires.
Your rights
You can access and update your account data in the app at any time. You can ask us for a copy of your data, or ask us to correct or delete it, by emailing the address below. We answer promptly — there's a human on the other end, not a ticket queue.
Security
All traffic is encrypted in transit (TLS). Sensitive configuration is encrypted at rest. Access to production systems is restricted and key-based. No system is perfectly secure, but if we ever learn of a breach affecting your data we will notify you without undue delay.
Changes
If this policy changes materially we'll note the new effective date here and, for significant changes, email account holders before they take effect.
Contact
Questions or requests: support@undownable.com