Legal

Privacy Policy

Upscanr ("we", "our", "us") operates upscanr.com. This policy explains what data we collect, why we collect it, and how you can control it.

Last updated June 2025

Data we collect

  • Account data – your name, email address, and hashed password when you register.
  • Monitor configuration – the URLs, keyword rules, and alert settings you save.
  • Check results – HTTP status codes, response times, and keyword match outcomes for every check we run on your URLs.
  • Billing data – your subscription tier and billing period. Payment card details are held exclusively by Stripe; we never see or store them.
  • Email logs – timestamps and delivery status of alert emails we send on your behalf.
  • Usage counters – aggregated counts of checks run and alert emails sent per billing period, used for plan enforcement.

What we do not collect

  • We do not use third-party analytics cookies or advertising trackers.
  • We do not sell or rent your data to any third party.
  • We do not store the full HTML content of the URLs we check — only the check outcome (status, response time, keyword match).

How we use your data

  • To run your uptime monitors and send you alerts when a URL goes down or recovers.
  • To enforce plan limits (monitor count, check frequency, alert recipients).
  • To send transactional emails: email verification, password reset, and alert notifications.
  • To manage your subscription via Stripe.

Data retention

Check results are retained while your account is active. If you delete your account, all associated data (monitors, check results, email logs, billing records) is permanently deleted within 30 days.

Your rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account at any time by emailing support@upscanr.com. Deletion is available directly from your account settings.

Third-party processors

  • Stripe – payment processing. Subject to Stripe’s Privacy Policy.
  • Resend – transactional email delivery.
  • Neon – managed PostgreSQL database hosting.
  • Vercel – application hosting and serverless compute.

Cookies

We set one first-party session cookie after you log in. This cookie is strictly necessary for authentication and expires when you log out or after an inactivity period. We do not use advertising or analytics cookies.

Security

Passwords are hashed with bcrypt before storage. All data is transmitted over HTTPS. We use environment-based secrets for session signing and cron authentication.