Privacy Policy

1. Introduction

AmIUp ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website uptime monitoring and internet connectivity service (the "Service").

This policy applies to all users of AmIUp, including those in the European Union (EU), European Economic Area (EEA), United Kingdom (UK), and worldwide. We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

When you create an account or use our Service, we collect:

• Account Information: Email address, business name, password (encrypted)
• Billing Information: Payment details processed securely through Stripe (we do not store credit card numbers)
• Monitoring Configuration: Website URLs, agent locations, monitoring preferences
• Communication Data: Messages you send us via contact forms or support requests

2.2 Information Automatically Collected

When you use our Service, we automatically collect:

• Monitoring Data: Website HTTP status codes, response times, DNS lookup results, SSL certificate status, IP addresses of your monitored sites
• Agent Data: Internet connectivity status, latency measurements, public IP addresses, DNS health checks from your on-site agents
• Usage Data: Log data, access times, browser type, device information, IP address, pages viewed
• Cookies and Tracking: Session cookies, analytics cookies, authentication tokens (see Cookie Policy below)

2.3 Information We Do NOT Collect

• We do NOT inspect, store, or analyze the content of your website or network traffic
• We do NOT collect personal data of your website visitors
• We do NOT access internal network resources beyond connectivity monitoring

3. How We Use Your Information

We use your information for the following purposes:

• Provide the Service: Monitor website uptime and internet connectivity, send alerts, display dashboard data
• Account Management: Create and manage your account, authenticate access, process payments
• Communication: Send service notifications, alerts, billing updates, and respond to inquiries
• Improvement: Analyze usage patterns to improve service reliability and user experience
• Security: Detect fraud, prevent abuse, and protect against security threats
• Legal Compliance: Comply with legal obligations, resolve disputes, enforce our agreements

Legal Basis (GDPR): We process your data based on (a) contractual necessity to provide the Service, (b) legitimate interests in operating and improving our business, (c) your consent for optional features like analytics, and (d) legal obligations.

4. Cookie Policy

We use cookies and similar tracking technologies to provide and improve our Service. By using AmIUp, you consent to our use of cookies in accordance with this policy.

4.1 Types of Cookies We Use

4.2 Managing Cookies

You can control cookies through your browser settings. However, disabling essential cookies may prevent you from using certain features of the Service. To opt-out of Google Analytics specifically, visit Google Analytics Opt-out.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

5.1 Service Providers

We share data with trusted third-party vendors who help us operate the Service:

• AWS Cognito: User authentication and identity management
• Stripe: Payment processing (they have their own privacy policy)
• Google Analytics: Website usage analytics (with your consent)
• Cloud Infrastructure: Hosting providers (e.g., AWS, Vercel) for data storage and processing

All service providers are contractually required to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, safety, or property.

5.3 Business Transfers

If AmIUp is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

6. Data Retention

We retain your data only as long as necessary to provide the Service and comply with legal obligations:

• Account Data: Retained while your account is active, plus 90 days after deletion
• Monitoring Data: Historical uptime data retained for 12 months, then aggregated or deleted
• Billing Records: Retained for 7 years for tax and accounting purposes
• Logs: Server logs retained for 90 days for security and troubleshooting

You can request deletion of your data at any time by contacting us (see Section 9).

7. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (TLS/SSL) and at rest (AES-256)
• Secure authentication via OAuth 2.0 with PKCE
• Regular security audits and penetration testing
• Access controls and least-privilege principles
• Incident response and breach notification procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Rights (GDPR & CCPA)

Depending on your location, you have the following rights regarding your personal data:

EU/EEA/UK Users (GDPR):

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time (e.g., analytics cookies)
• Right to Lodge a Complaint: File a complaint with your data protection authority

California Users (CCPA):

• Right to Know: Request information about data collection and use
• Right to Delete: Request deletion of your personal data
• Right to Opt-Out: Opt-out of data sales (note: we do not sell your data)
• Right to Non-Discrimination: Equal service regardless of privacy rights exercised

To exercise any of these rights, please contact us at privacy@amiup.com. We will respond within 30 days.

9. International Data Transfers

AmIUp is based in the United States. If you access the Service from outside the US, your data may be transferred to, stored, and processed in the US or other countries where our service providers operate.

For EU/EEA/UK users: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection for international transfers. We also comply with the EU-US Data Privacy Framework where applicable.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our website or dashboard

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For EU/EEA/UK users, you also have the right to lodge a complaint with your local supervisory authority.