Privacy Policy

Introduction

downtime.ad ("we", "our", "us") is an uptime monitoring service operated from Andorra. We provide an iOS application and backend service that monitors website availability and sends push notifications when outages are detected.

This Privacy Policy explains what data we collect, how we use it, and your rights regarding your personal information. We are committed to protecting your privacy and handling your data transparently.

1. Data We Collect

We collect only the data necessary to provide our monitoring service. Here is exactly what we store:

• Email address — used for account creation and authentication.
• Password — stored as a secure, salted hash. We never store your password in plain text and cannot read it.
• URLs to monitor — the website addresses you add for uptime checking.
• Check results — HTTP status codes, response times, and timestamps from each monitoring check.
• Device push tokens — Apple Push Notification service (APNs) tokens used to deliver notifications to your iPhone.

2. How We Use Your Data

Your data is used exclusively to provide and operate the downtime.ad monitoring service:

• Authentication — your email and password hash are used to securely log you in via JWT-based authentication.
• Monitoring — the URLs you add are checked at regular intervals by our servers to determine their availability and response time.
• Notifications — your device push token is used to send you instant alerts via Apple Push Notification service when a monitored site goes down or recovers.
• Service improvement — aggregated, non-identifiable check data may be used to improve our monitoring infrastructure reliability.

3. Data Storage and Location

All data is stored in a PostgreSQL database hosted on a Hetzner VPS located in Europe. Data does not leave the European region.

We use industry-standard security practices for our server infrastructure, including encrypted connections (TLS/SSL), firewalls, and regular security updates.

4. Third-Party Sharing

The only external service that receives any of your data is Apple Push Notification service (APNs), which requires your device token to deliver push notifications. Apple's handling of push notification data is governed by Apple's Privacy Policy.

5. Cookies and Tracking

We do not use tracking cookies, third-party analytics, advertising pixels, or any form of cross-site tracking.

Our iOS app does not contain any third-party analytics SDKs, advertising frameworks, or tracking libraries. We do not track your behavior, build user profiles, or collect any data beyond what is described in this policy.

Authentication is handled via JWT tokens stored securely on your device. No cookies are used for tracking purposes.

6. Push Notifications

Push notifications are delivered through Apple Push Notification service (APNs). When you enable notifications in the app, we store your APNs device token on our server to send you alerts.

• Device tokens are stored securely in our database and are used solely for delivering monitoring alerts.
• You can disable push notifications at any time through your iPhone's Settings.
• If you revoke notification permissions, we will no longer send you alerts, though monitoring will continue.

7. Data Retention

We retain your data for as long as your account is active and you use the service.

• Account data (email, password hash) is kept while your account exists.
• Monitor data (URLs, check results, response times) is kept while your account exists.
• Device tokens are updated automatically when they change and removed when you delete your account.

When you delete your account, all associated data — including your email, monitors, check history, and device tokens — is permanently deleted from our database. This action is irreversible.

8. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR) and applicable data protection laws, you have the following rights:

• Right of access — you can request a copy of all personal data we hold about you.
• Right to rectification — you can update or correct your personal data (e.g., change your email address through the app).
• Right to erasure — you can delete your account and all associated data at any time.
• Right to data portability — you can request your data in a structured, machine-readable format.
• Right to object — you can object to any processing of your personal data.
• Right to restriction — you can request that we limit how we use your data.

To exercise any of these rights, contact us at hello@downtime.ad. We will respond within 30 days.

9. Security Measures

We take the security of your data seriously and implement the following measures:

• Encrypted connections — all communication between the app and our servers uses TLS/SSL encryption (HTTPS).
• Password hashing — passwords are hashed using industry-standard algorithms. We cannot retrieve your original password.
• JWT authentication — secure, stateless authentication tokens with expiration to protect your sessions.
• Minimal data collection — we only collect what is strictly necessary to provide the service.
• Server security — our infrastructure uses firewalls, SSH key authentication, and regular security updates.

10. Children's Privacy

downtime.ad is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16 years of age.

If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at hello@downtime.ad.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make changes, we will update the "Last updated" date at the top of this page.

For significant changes, we will make reasonable efforts to notify you through the app or via email. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us: