Information we collect
We collect account details (name, email, workspace), billing metadata via Stripe, technical usage data (IP, request logs), and monitor configuration including URLs and webhook settings. Webhook payloads may contain content from monitored URLs.
How we use information
We use data to provide and secure the Service, process payments, send transactional notices, and (with your opt-in) marketing. We do not sell your personal information or use it for automated decisions with legal effect.
Sharing
We share data only with subprocessors (hosting, payment, email, analytics) under appropriate agreements. A full subprocessor list is published at diffhook.com/subprocessors. We do not sell personal information.
Retention and security
Data is retained while your account is active. After termination, a 30-day export window is followed by deletion within 60 days, except where law requires longer retention. We use encryption in transit and at rest.
Your choices
Depending on your location you may access, correct, delete, export, or restrict your data. Requests are responded to within 30 days (45 days for CCPA). California residents have additional rights under CCPA/CPRA.
Contact
For privacy requests or questions, email support@diffhook.com. EU/UK residents may also contact their local data protection supervisory authority.
This page is a general summary and does not replace legal advice. We may update this policy from time to time; the effective date at the top will change when we do. Read the complete policy.