Privacy Policy

1. Introduction

Saengsa ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website monitoring service. Please read this privacy policy carefully.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and password when you create an account
• Profile Information: Company name, timezone preferences, and notification settings
• Website Information: URLs and names of websites you choose to monitor
• Payment Information: Processed securely by Paddle.com, our payment processor

2.2 Information We Collect Automatically

• Monitoring Data: Response times, status codes, and availability of monitored websites
• Usage Data: Features used, frequency of use, and interaction patterns
• Device Information: Browser type, operating system, and device identifiers
• Log Data: IP addresses, access times, and referring pages

2.3 Information from Third Parties

• OAuth Providers: Basic profile information when you sign in with Google
• Payment Processor: Transaction status and subscription information from Paddle

3. How We Use Your Information

We use the collected information for:

• Providing and maintaining our monitoring service
• Processing your transactions and managing subscriptions
• Sending downtime alerts and notifications
• Improving and personalizing our service
• Analyzing usage patterns and service performance
• Communicating service updates and changes
• Preventing fraud and ensuring security
• Complying with legal obligations

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information with:

4.1 Service Providers

• Paddle: Payment processing and subscription management
• AWS SES: Email delivery for alerts and notifications
• Vercel: Hosting and infrastructure services
• PostgreSQL: Database hosting through secure providers

4.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or if necessary to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

5. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit using HTTPS/TLS
• Encryption of sensitive data at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Secure development practices and code reviews
• Incident response and breach notification procedures

6. Data Retention

1. Account data is retained while your account is active
2. Monitoring history is retained based on your plan (7-365 days)
3. Deleted account data is removed within 30 days
4. Backup data is retained for up to 90 days
5. Legal and billing records may be retained as required by law

7. Your Rights and Choices

7.1 Access and Control

• Access: View your personal information in your account settings
• Update: Modify your profile and preferences anytime
• Export: Download your monitoring data in common formats
• Delete: Request account deletion through support

7.2 Communication Preferences

• Manage alert notifications in your account settings
• Unsubscribe from marketing emails using the link in emails
• Control browser notifications through your browser settings

8. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Understanding usage patterns and improving service
• Preference Cookies: Remembering your settings and choices

You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and data processing agreements.

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it promptly.

11. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

12. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising privacy rights

13. GDPR Rights

If you are in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on our service. Your continued use after changes indicates acceptance of the updated policy.

15. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

• Email: privacy@saengsa.com
• Support: support@saengsa.com
• Website: https://saengsa.com
• Data Protection Officer: dpo@saengsa.com