WG
Uptime Monitor

GDPR Information – Uptime Monitor

Version 1 – effective from 16 May 2026.

1. Data controller

The controller of your personal data is:

Infoweb
ul. Wrzosowa 12a/3
55-080 Smolec, Poland
NIP: 7342997158
(hereinafter: "Controller")

2. Contact for data protection matters

For matters related to personal data protection, you may contact the Controller:

  • email: contact@uptimestats.eu,
  • or via the contact form available in the Uptime Monitor Service.

The Controller has not appointed a Data Protection Officer.

3. Purposes and legal bases for processing

Your personal data is processed for the following purposes:

a) Provision of Uptime Monitor services

  • creating and managing a user account,
  • monitoring website availability,
  • checking SSL certificates and page load times,
  • sending notifications (email, web push, phone via ntfy).

Legal basis: Article 6(1)(b) GDPR (performance of a contract)

b) Billing and tax obligations

  • settlements for subscription plans based on a proforma invoice and bank transfer,
  • maintaining accounting records and issuing invoices.

Legal basis:

  • Article 6(1)(b) GDPR (contract),
  • Article 6(1)(c) GDPR (legal obligations).

During the beta phase, the Service does not support online payments and does not process payment card details.

c) User contact and support

  • handling enquiries and complaints,
  • communication related to the operation of the Service.

Legal basis: Article 6(1)(b) and (f) GDPR

d) Security and Service development

  • ensuring system security,
  • preventing abuse,
  • analysing Service operation and developing new features.

Legal basis: Article 6(1)(f) GDPR (legitimate interests of the Controller)

4. Categories of data processed

We may process in particular:

  • first name,
  • email address,
  • user account data,
  • data relating to monitored websites and projects,
  • email addresses of persons invited to share,
  • technical data (e.g. IP address, browser, device),
  • system logs and Service activity data,
  • invoice data (name, tax ID, address).

5. Recipients of data and processors

Personal data may be shared with entities supporting the Controller, in particular:

  • Hetzner Online GmbH (Germany, EU) – hosting of application and database servers; data stored within the European Union;
  • ntfy.sh (public push server) – delivery of phone notifications if you enable this channel;
  • browser push services (Google, Mozilla, Apple) – delivery of web push notifications (payload encrypted);
  • Google LLC (USA) – reCAPTCHA and Google Analytics / Tag Manager (transfer based on standard contractual clauses – SCC);
  • outgoing mail handled by the Controller's mail server in the EU;
  • accounting and legal entities and public authorities – where required by law.

6. Data transfers outside the EEA

Hosting data is stored within the European Union. With regard to the use of Google services (reCAPTCHA, Analytics) and browser push services, data may be transferred outside the European Economic Area – in such cases the Controller applies standard contractual clauses (SCC) approved by the European Commission.

7. Data retention periods

Personal data is retained:

  • for the duration of the use of Uptime Monitor services,
  • up to 30 days after account deletion (unless law requires a longer period),
  • for the period required by applicable law (e.g. tax regulations),
  • until claims become time-barred,
  • technical and security logs – as a rule up to 90 days.

Monitoring data is retained in accordance with the selected plan (from 1 to 12 months).

8. Data security

  • Servers in the European Union – data is stored on servers located in the EU (Hetzner, Germany).
  • Secure transmission – communication encrypted via HTTPS.
  • Password protection – passwords are not stored in plain text, only as one-way cryptographic hashes.
  • Access protection – rate limiting of login attempts, CSRF tokens and access control to data.
  • Data isolation – the Service architecture ensures that each User has access only to their own data and monitors.
  • Breach notification – in the event of a personal data breach, the Controller takes action in accordance with the GDPR, including, where necessary, reporting the incident to UODO within 72 hours.

9. Your rights

You have the right to:

  • access your data,
  • rectify your data,
  • erase your data,
  • restrict processing,
  • data portability,
  • object to processing,
  • withdraw consent at any time.

To exercise your rights, please contact the Controller (contact@uptimestats.eu).

10. Right to lodge a complaint

You have the right to lodge a complaint with the supervisory authority:

President of the Personal Data Protection Office (UODO)
ul. Stawki 2, 00-193 Warsaw, Poland

11. Voluntary nature of data provision

Providing data is voluntary, but necessary to:

  • create an account,
  • use Uptime Monitor services.

Failure to provide the required data makes it impossible to use the Service.

12. Automated processing

The Service uses automated monitoring mechanisms (e.g. checking website availability and SSL certificates). We do not make decisions with legal effects concerning you solely by automated means.

13. Final provisions

This information may be updated in response to legal or organisational changes. The current version, together with its number and effective date, is always available in the Uptime Monitor Service.

Start free monitoring of your website

Use free monitoring or try a Plan tailored to your needs for free.

Try for freeView available Plans