openstatus logoPricingDashboard

Privacy

The privacy conduct for openstatus

Welcome to openstatus.dev (the "Site"), hosted by openstatus ("openstatus", "we", "us", and/or "our"). openstatus provides an open-source synthetic monitoring platform that lets users monitor websites and APIs and receive notifications when they are down or slow (the "Services"). We value your privacy and are dedicated to protecting your personal data. This Privacy Policy covers how we collect, handle, store, and disclose personal data on our Platform.

If you have any questions, comments, or concerns regarding this Privacy Policy, our data practices, or would like to exercise your rights, do not hesitate to contact us at privacy@openstatus.dev.

To Whom Does This Policy Apply

This Privacy Policy applies to customers and site visitors. Each customer is responsible for posting its own terms, conditions, and privacy policies, and ensuring compliance with all applicable laws and regulations.

Changes To This Privacy Policy

This Privacy Policy may change from time to time, as our Platform and our business may change. Your continued use of the Platform after any changes to this Privacy Policy indicates your agreement with the terms of the revised Privacy Policy.

What Information Do We Collect

We collect the following categories of information:

  • Account information you provide when signing up or updating your profile: name, email address, profile photo, and authentication identifiers from the identity provider you choose (e.g. GitHub or Google OAuth subject IDs).
  • Workspace and billing information: workspace name, billing address, tax identifiers, and payment metadata returned by our payment processor (Stripe). We do not store full card numbers ourselves.
  • Configuration data you submit to operate the Services: monitor URLs, request headers, request bodies, assertions, status page configurations, notification channel destinations (email addresses, Slack/Discord/Microsoft Teams webhook URLs and bot tokens, OpsGenie/PagerDuty integration keys, SMS phone numbers), and incident notes.
  • Third-party integration credentials and identifiers that you choose to connect — for example, Slack workspace IDs, channel IDs, bot tokens, and user IDs returned during the OAuth install. We use these solely to deliver the integration's features (e.g. posting status updates to a Slack channel).
  • Monitoring results and telemetry generated by the Services: HTTP status codes, response timings, response headers and bodies (when you opt in), TCP/DNS check results, and trace data from the regions you select.
  • Usage and device information: log data such as IP address, browser type, pages viewed, referring URL, and timestamps. We use privacy-friendly analytics tools and do not use third-party advertising cookies.
  • Communications you send us, such as support requests and feedback.

We collect this information directly from you when you provide it on the Site, automatically when you use the Services, and from integration providers when you authorize them (e.g. Slack returns workspace and user identifiers during the OAuth flow).

What We Use Your Information For

We use your information to:

  • Provide, operate, and secure the Services, including running monitoring checks and delivering notifications you have configured.
  • Authenticate you and manage your workspace, billing, and subscriptions.
  • Communicate with you about your account, service updates, and support requests.
  • Improve the Platform, debug issues, and prevent abuse.
  • Comply with legal obligations.

We do not sell your personal data, and we do not use it for third-party advertising.

How We Share Your Information

We share personal data only with the sub-processors required to operate the Services, including our hosting and database providers, our payment processor (Stripe), our transactional email provider, our error-monitoring provider, and the third-party notification platforms you explicitly connect (such as Slack, Discord, Microsoft Teams, OpsGenie, PagerDuty, or SMS gateways). We may also disclose information when required by law.

Data Retention

We retain personal data only for as long as is necessary for the purposes set out in this Privacy Policy:

  • Account and workspace data is retained for as long as your account remains active. If you delete your account or workspace, we delete or anonymize the associated personal data within 30 days, except where we are required to retain it for legal, accounting, or fraud-prevention purposes.
  • Billing records are retained for the period required by applicable tax and accounting law (typically up to 7 years).
  • Monitoring results and telemetry are retained according to the data retention window of your subscription plan, after which they are deleted or aggregated.
  • Application logs containing IP addresses and request metadata are retained for up to 30 days for security and debugging purposes.
  • Third-party integration tokens (e.g. Slack bot tokens) are retained until you uninstall the integration or delete the workspace, after which they are deleted within 30 days.

When you uninstall the Slack app — either from the Slack workspace or from within openstatus — we revoke the OAuth grant and delete the associated bot token, workspace ID, and channel mappings within 30 days.

Your Rights

Depending on your jurisdiction (including under the GDPR, UK GDPR, and CCPA), you may have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete information.
  • Right to erasure ("right to be forgotten") — request that we delete your personal data.
  • Right to restrict or object to processing — ask us to limit how we use your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
  • Right to lodge a complaint with your local data protection authority.

You can exercise most of these rights directly from your account settings — you can edit or delete your profile, export your workspace data, and delete your workspace from the dashboard. To make any other request, or if you need help, email us at privacy@openstatus.dev. We will respond within 30 days. We may need to verify your identity before fulfilling the request, and we will not charge a fee unless the request is manifestly unfounded or excessive.

How To Contact Us

For privacy-related questions or to exercise any of the rights above, please contact us at privacy@openstatus.dev.