Legal

Privacy Policy

Effective Date: February 28, 2026 · Last Updated: February 28, 2026

This Privacy Policy explains how CloudSigma FZ-LLC ("CloudSigma", "we", "us") collects, uses, stores, and protects your personal information when you use the Status Page service ("Service").

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Password (stored as a bcrypt hash — we never store plaintext passwords)
  • OAuth provider identifiers (if you sign in via Google or GitHub)
  • Profile avatar URL (if provided by your OAuth provider)

1.2 Usage Information

We automatically collect:

  • IP address and browser user agent
  • Pages visited and features used
  • Login timestamps and session duration
  • API request logs (endpoint, timestamp, response code)

1.3 Subscriber Information

If you subscribe to status notifications, we collect your email address and notification preferences (channels, components, event types).

1.4 Content

We store content you create through the Service, including incident descriptions, maintenance notices, component definitions, and uploaded images (logos, favicons).

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Send status notifications you have subscribed to
  • Send transactional emails (account verification, password resets, invitations)
  • Authenticate your identity and protect against unauthorized access
  • Monitor and prevent abuse, fraud, and security incidents
  • Comply with legal obligations

We do not sell your personal information to third parties. We do not use your data for advertising or profiling purposes.

3. Data Sharing

We may share your information with:

  • Service providers — Third-party services that help us operate the Service (email delivery via Mandrill/Mailchimp, cloud hosting). These providers are contractually bound to protect your data.
  • Your organization — If you are part of an organization using the Service, administrators within your organization can see your name, email, role, and activity.
  • Legal requirements — We may disclose information if required by law, regulation, or legal process.

4. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law. Aggregated, anonymized data may be retained indefinitely for analytics.

5. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.2+) and at rest
  • Passwords hashed with bcrypt (12 rounds)
  • API keys stored as SHA-256 hashes
  • Role-based access controls
  • Regular security reviews and infrastructure monitoring

No system is 100% secure. If we discover a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law.

6. Cookies

We use essential cookies for:

  • Session management (authentication state)
  • UI preferences (theme selection, UI version)

We do not use third-party tracking cookies or analytics cookies. We do not participate in cross-site tracking.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Rectification — Correct inaccurate personal data
  • Erasure — Request deletion of your personal data
  • Data portability — Receive your data in a structured, machine-readable format
  • Objection — Object to processing of your personal data
  • Withdraw consent — Where processing is based on consent, withdraw it at any time

To exercise these rights, contact us at privacy@cloudsigma.com.

8. International Data Transfers

The Service is operated from multiple regions. Your data may be processed in Switzerland, the United Arab Emirates, and other locations where CloudSigma operates infrastructure. We ensure appropriate safeguards are in place for international data transfers.

9. Children's Privacy

The Service is not intended for use by children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Last Updated" date at the top indicates when the policy was last revised.

11. Contact

For privacy-related inquiries:

CloudSigma FZ-LLC
Data Protection Contact: privacy@cloudsigma.com
General Support: support