Privacy Policy

Introduction

FlareWarden LLC ("FlareWarden," "we," "us," or "our") operates the website monitoring service at flarewarden.com and app.flarewarden.com. This Privacy Policy describes how we collect, use, and protect your personal information when you use our services.

By using FlareWarden, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our services.

Information We Collect

Account Information

When you create an account, we collect:

• Email address
• Password (stored as a secure hash, never in plain text)
• Region preference (for data residency)

Session and Security Data

For security and service delivery, we collect:

• IP address (when you log in)
• User agent (browser and device information)
• Session tokens (for authentication)

Team and Organization Data

If you use team features, we collect:

• Team member email addresses
• Roles and permissions
• Invitation records

Monitoring Data

When you create monitors, we collect and store:

• URLs you choose to monitor
• Check results (response times, status codes, error messages)
• SSL certificate information (expiry dates, fingerprints, chain details)
• DNS records (A, AAAA, MX, CNAME, TXT, CAA records)
• Content verification results

Status Page Subscriber Data

If you create public status pages, your visitors may subscribe for updates. We collect:

• Subscriber email addresses (with their consent)
• Notification preferences
• Timezone (for localized notifications)

Note: Status page subscribers provide their email addresses voluntarily and must verify their email through double opt-in. They can unsubscribe at any time.

Audit Logs

We maintain audit logs of account activity including user actions, IP addresses, and timestamps. These logs help us maintain security and troubleshoot issues.

How We Use Your Information

We use the information we collect to:

• Provide our services: Execute monitoring checks, detect incidents, and send notifications
• Cross-region validation: Validate failures from multiple geographic regions to prevent false positives
• Account administration: Manage your account, process payments, and provide customer support
• Security: Detect and prevent fraud, abuse, and security threats
• Service improvement: Analyze usage patterns to improve our services
• Communication: Send transactional emails about your account and service updates

Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data under the following legal bases:

• Contract Performance (Article 6(1)(b)): Processing necessary to provide our monitoring services, manage your account, process payments, and deliver notifications you have configured
• Legitimate Interests (Article 6(1)(f)): Security monitoring, fraud prevention, service improvement, and analytics. We balance our interests against your rights and only process data where our interests do not override your fundamental rights
• Consent (Article 6(1)(a)): Status page subscribers provide consent when subscribing to notifications. You may withdraw consent at any time
• Legal Obligation (Article 6(1)(c)): Processing required for tax, accounting, and regulatory compliance

You may contact us at support@flarewarden.com to learn more about the specific legal basis for any particular processing activity.

Cookies

We use the following cookies:

We do not use tracking cookies or third-party analytics that track you across websites.

Third-Party Services

We use the following third-party services to operate FlareWarden:

Data Retention

We retain different types of data for different periods:

• Check results: 30-90 days depending on monitor type
• Webhook delivery logs: 7-30 days based on your plan
• Session data: 30 days (automatically cleaned up)
• Audit logs: Duration of your account
• Account data: Until you delete your account

Your Rights

You have the following rights regarding your personal data:

• Access: Export your data anytime via Account > Privacy & Data
• Correction: Update your profile information in your account settings
• Deletion: Delete your account via Account settings. This permanently removes all your data including monitors, team members, status pages, and historical data
• Portability: Export your data in CSV format

For EU residents (GDPR) and California residents (CCPA), you have additional rights including the right to object to processing and the right to restrict processing. Contact us at support@flarewarden.com to exercise these rights.

Data Security

We implement industry-standard security measures to protect your data:

• Passwords are hashed using bcrypt with a high cost factor
• All connections are encrypted using HTTPS/TLS
• Data is isolated between accounts
• CSRF protection on all forms
• Regular security reviews

For more details, see our Security page.

Children's Privacy

FlareWarden is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

International Data Transfers

FlareWarden operates in multiple regions (US-East, EU-West, Asia-Pacific). When you select a region, your account data is primarily stored in that region. However, some data may be processed in other regions for cross-region validation and service delivery. We ensure appropriate safeguards are in place for any international data transfers.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Your continued use of FlareWarden after changes are posted constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

FlareWarden LLC
Email: support@flarewarden.com