Skip to main content

Privacy Policy

Last Updated: 2026-01-30
Effective Date: 2026-01-30

FreshGuard ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our data pipeline monitoring service ("Service").

Quick Summary: We collect information to provide our Service. We don't sell your personal data. We comply with GDPR, CCPA, and other privacy regulations. You have rights over your data, including access, deletion, and portability.

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Legal Basis for Processing (GDPR)
  4. Information Sharing and Disclosure
  5. Data Retention
  6. Data Security
  7. International Data Transfers
  8. Your Privacy Rights
  9. Rights for EEA/UK Residents (GDPR)
  10. Rights for California Residents (CCPA/CPRA)
  11. Cookies and Tracking Technologies
  12. Children's Privacy
  13. Third-Party Links
  14. Changes to This Policy
  15. Contact Us

1. Information We Collect

1.1 Information You Provide

Account Information:

  • Name and email address
  • Company/organization name
  • Password (encrypted)
  • Profile information

Payment Information:

  • Billing name and address
  • Payment method details (processed by Stripe; we don't store full card numbers)

Communications:

  • Support requests and feedback
  • Survey responses
  • Email correspondence

Data Source Credentials:

  • Database connection strings (encrypted at rest)
  • API keys for integrations

1.2 Information Collected Automatically

Usage Data:

  • Features used and actions taken
  • Monitoring rules created and alerts triggered
  • Check execution history
  • Session duration and frequency

Device and Technical Data:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Referring URLs

Log Data:

  • Access timestamps
  • Error logs
  • API request logs

1.3 Information from Third Parties

OAuth Providers:

  • When you sign in via GitHub, Google, or Microsoft, we receive your name, email, and profile picture

Payment Processor:

  • Stripe provides us with transaction confirmations and billing details

2. How We Use Your Information

We use your information to:

Purpose Data Used
Provide and maintain the Service Account info, credentials, usage data
Process payments and billing Payment info, account info
Send service notifications and alerts Email, notification preferences
Provide customer support Account info, communications
Improve and develop new features Aggregated usage data
Ensure security and prevent fraud Log data, IP addresses
Comply with legal obligations As required by law
Send marketing communications (with consent) Email, preferences

For users in the European Economic Area (EEA) and UK, we process personal data based on:

  • Contract Performance: Processing necessary to provide the Service you've subscribed to
  • Legitimate Interests: Improving our Service, preventing fraud, and ensuring security
  • Legal Obligations: Compliance with applicable laws and regulations
  • Consent: For marketing communications and optional features (you can withdraw consent at any time)

4. Information Sharing and Disclosure

We do not sell your personal data.

We may share your information with:

4.1 Service Providers

Third parties that help us operate our Service, including:

  • Cloud Infrastructure: Cloudflare (hosting, CDN)
  • Database: Neon (PostgreSQL hosting)
  • Payment Processing: Stripe
  • Email: Our email service provider
  • Analytics: Privacy-focused analytics tools

These providers are contractually bound to protect your data and use it only for the services they provide to us.

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.4 With Your Consent

We may share information with third parties when you give us explicit consent.

5. Data Retention

Data Type Retention Period
Account Information Duration of account + 30 days after deletion
Customer Data (monitoring results) Per your subscription plan (30-365 days)
Billing Records 7 years (legal requirement)
Support Communications 3 years
Log Data 90 days
Audit Logs Per subscription plan (90 days - 1 year)

You can request deletion of your data at any time (see "Your Privacy Rights" below).

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Access Controls: Role-based access, multi-factor authentication
  • Infrastructure: SOC 2 compliant cloud providers
  • Monitoring: 24/7 security monitoring and incident response
  • Auditing: Regular security assessments and penetration testing

While we strive to protect your data, no method of transmission or storage is 100% secure. If you believe your account has been compromised, please contact us immediately.

7. International Data Transfers

We are based in the United States and process data globally. If you are located outside the US, your data may be transferred to and processed in the US or other countries.

For EEA/UK Users:

When we transfer personal data outside the EEA/UK, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU Commission-approved clauses
  • UK International Data Transfer Addendum
  • Data Processing Agreements with our service providers

You can request a copy of the safeguards we use by contacting us at privacy@freshguard.dev.

8. Your Privacy Rights

Regardless of your location, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@freshguard.dev or use the settings in your account dashboard.

9. Rights for EEA/UK Residents (GDPR)

If you are in the European Economic Area or United Kingdom, you have additional rights under GDPR:

  • Right to Restriction: Request that we limit how we use your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

Data Protection Authority Contacts:

Data Controller:

For EEA/UK users, the data controller is FreshGuard. Contact our Data Protection representative at dpo@freshguard.dev.

10. Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

10.1 Your Rights

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information: We only use sensitive information for providing the Service
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

10.2 Categories of Personal Information

In the past 12 months, we have collected:

  • Identifiers: Name, email, IP address, account ID
  • Commercial Information: Subscription records, payment history
  • Internet Activity: Usage data, log data
  • Geolocation: Approximate location based on IP
  • Professional Information: Company name, job title

10.3 How to Exercise Your Rights

Submit a request by emailing privacy@freshguard.dev with subject line "CCPA Request" or call us at the number listed below. We will verify your identity before processing your request.

You may designate an authorized agent to make a request on your behalf by providing written authorization.

11. Cookies and Tracking Technologies

11.1 What We Use

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Functional Cookies: Remember your preferences
  • Analytics Cookies: Help us understand how you use the Service (privacy-focused, no cross-site tracking)

11.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

11.3 Do Not Track

We respect Do Not Track (DNT) browser signals. When enabled, we limit tracking to essential functionality only.

12. Children's Privacy

The Service is not intended for children under 16 years of age (or under 13 in the US). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@freshguard.dev.

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the new policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for material changes)

We encourage you to review this policy periodically. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@freshguard.dev
Data Protection Officer: dpo@freshguard.dev
General Inquiries: hello@freshguard.dev

Mailing Address:
FreshGuard
[Your Address]
[City, State ZIP]
United States

For EEA/UK inquiries, you may also contact our EU representative at eu-representative@freshguard.dev.

This Privacy Policy was last reviewed on 2026-01-30.