AlertsDockAlertsDock
🔒Syscobyte AB · GDPR Compliant

Privacy Policy

Last updated: 1 March 2026  ·  Effective: 1 March 2026

This Privacy Policy describes how Syscobyte AB ("we", "us", or "our"), a company registered in Sweden, collects, uses, and protects personal data when you use AlertsDock (alertsdock.com) and its related services. We are committed to processing personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Swedish data protection legislation.

1. Data Controller

Syscobyte AB

Registered in Sweden

Email: [email protected]

For all data protection inquiries, please contact us at the email address above. We aim to respond within 30 days.

2. Personal Data We Collect

2.1 Account Information

  • Name and email address (provided at registration)
  • Password (stored as a cryptographic hash — never in plain text)
  • Account preferences and settings

2.2 Billing Information

  • Payment details are processed by Stripe, Inc. — we do not store credit card numbers on our servers
  • Billing address and VAT number (for EU business customers)
  • Subscription history and invoices

2.3 Service Usage Data

  • Monitor URLs, configurations, and check results
  • Cron job ping records and schedules
  • Status page configurations and subscriber email addresses
  • Webhook payloads and inspection logs
  • Alert notification history

2.4 Technical Data

  • IP address and general geolocation (country/region)
  • Browser type, operating system, and device type
  • Access logs and API request logs
  • Cookies and similar tracking technologies (see Section 7)

3. Legal Basis for Processing (GDPR Article 6)

Art. 6(1)(b)
Contractual necessity: Processing your account data, billing, and service data to provide AlertsDock services under our Terms of Service.
Art. 6(1)(a)
Consent: For non-essential cookies, marketing communications, and analytics. You may withdraw consent at any time.
Art. 6(1)(f)
Legitimate interests: Security monitoring, fraud prevention, service improvement, and maintaining access logs. We balance this against your privacy rights.
Art. 6(1)(c)
Legal obligation: Where required by Swedish or EU law, such as retaining invoices and billing records for tax purposes (7 years under Swedish Bookkeeping Act).

4. How We Use Your Data

  • To create and manage your AlertsDock account
  • To provide uptime monitoring, cron job tracking, status pages, and webhook inspection services
  • To send service-related notifications (downtime alerts, billing receipts, account security notices)
  • To process payments and manage subscriptions via Stripe
  • To respond to support requests and communications
  • To detect, prevent, and investigate fraud and security incidents
  • To improve the reliability and performance of our platform
  • To comply with legal obligations

We do not sell, rent, or share your personal data with third parties for their marketing purposes.

5. Third-Party Data Processors

We work with trusted third-party processors under GDPR-compliant Data Processing Agreements:

ProcessorPurposeLocation
Stripe, Inc.Payment processing and billingUSA (SCCs apply)
Hetzner Online GmbHCloud infrastructure and hostingGermany/EU
Resend, Inc.Transactional email deliveryUSA (SCCs apply)
Cloudflare, Inc.DNS, CDN, and DDoS protectionUSA/Global (SCCs apply)

SCCs = Standard Contractual Clauses as approved by the European Commission for international data transfers.

6. International Data Transfers

Some of our third-party processors operate outside the European Economic Area (EEA). Where data is transferred to countries without an EU adequacy decision, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission under GDPR Article 46(2)(c) to ensure an adequate level of protection. Our primary infrastructure is hosted within the EEA (Germany).

7. Cookies and Tracking Technologies

We use cookies and similar technologies in accordance with the EU ePrivacy Directive (Cookie Law). You can manage your cookie preferences at any time using the cookie settings button at the bottom of any page.

Necessary CookiesAlways Active

Session management, authentication tokens, CSRF protection, and user preferences. Required for the site to function. No consent needed under ePrivacy Directive.

Analytics CookiesConsent Required

Help us understand how visitors use our site (page views, traffic sources, device types). We use privacy-respecting analytics that do not track individuals across websites.

Marketing CookiesConsent Required

Used to measure the effectiveness of marketing campaigns. These are only active if you have explicitly consented.

8. Data Retention

Account dataRetained for the duration of your account. Deleted within 30 days of account deletion request.
Monitor history30 days on Free plan, 90 days on Pro, 1 year on Team. Deleted when account is deleted.
Billing records7 years as required by the Swedish Bookkeeping Act (Bokföringslagen).
Access logs90 days for security purposes, then automatically deleted.
Status page subscribersUntil the subscriber unsubscribes or the status page is deleted.

9. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights. To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Right of Access (Art. 15)

Request a copy of all personal data we hold about you.

Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete data.

Right to Erasure (Art. 17)

Request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements.

Right to Restriction (Art. 18)

Request that we limit how we process your data in certain circumstances.

Right to Portability (Art. 20)

Receive your data in a structured, machine-readable format and transfer it to another controller.

Right to Object (Art. 21)

Object to processing based on legitimate interests, including for direct marketing.

Right to Withdraw Consent (Art. 7)

Withdraw consent at any time where processing is based on consent. This does not affect prior lawful processing.

Right to Lodge a Complaint

Lodge a complaint with the Swedish supervisory authority: Integritetsskyddsmyndigheten (IMY) at imy.se.

10. Security Measures

We implement appropriate technical and organisational security measures (GDPR Article 32) including: TLS/HTTPS encryption for all data in transit; bcrypt hashing for passwords; encrypted database backups; role-based access controls; regular security audits; and isolated infrastructure. In the event of a personal data breach that risks your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, as required by GDPR Articles 33–34.

11. Children's Privacy

AlertsDock is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email at least 30 days before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of AlertsDock after a policy update constitutes acceptance of the updated policy.

13. Supervisory Authority

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the Swedish data protection supervisory authority:

Integritetsskyddsmyndigheten (IMY)

Box 8114, 104 20 Stockholm, Sweden

Website: imy.se

Email: [email protected]

We encourage you to contact us first so we can address your concern directly.

Questions?

For all data protection and privacy inquiries, contact our privacy team.

📧[email protected]