Privacy Policy
Last updated: 3/7/2026
Introduction
This Privacy Policy describes how Probecast ("we", "our" or "Platform") collects, uses, shares, and protects your personal information when you use our API monitoring service.
We are committed to protecting your privacy and comply with applicable data protection laws, including GDPR (Europe), LGPD (Brazil), and CCPA (California,USA).
1. Information We Collect
1.1 Information You Provide
- Account Data: Name, email, password (encrypted), phone number (optional)
- Payment Data: Credit card information (processed by Stripe, not stored by us)
- Configuration Data: Monitored API URLs, authentication headers (encrypted), webhooks, alert preferences
- Communications: Messages sent to our support, feedback, comments
1.2 Automatically Collected Information
- Usage Data: Pages visited, features used, access time
- Technical Data: IP address, browser type, operating system, device
- Monitoring Data: Timestamps, status codes, latencies, check regions (metadata only, we don't store complete requests/responses)
- Cookies: Session identifiers, user preferences (see Cookies section)
1.3 Third-Party Information
- Social Authentication: If you log in via Google, we collect name, email, and profile photo
- Payment Providers: Stripe sends us information about transactions and subscription status
2. How We Use Your Information
We use your personal information for the following purposes:
Provide the Service
Create and manage your account, process payments, monitor your APIs, send alerts, generate reports
Communication
Send notifications about incidents, service updates, changes to terms, newsletters (with opt-out)
Improve the Service
Analyze usage, identify bugs, develop new features, optimize performance
Security
Detect and prevent fraud, abuse, malicious activities, terms violations
Legal Compliance
Fulfill legal obligations, respond to court orders, protect rights and property
3. Legal Basis for Processing (GDPR/LGPD)
We process your personal data based on the following legal bases:
- Contract Performance: Necessary to provide the service you contracted
- Consent: For marketing, non-essential cookies, and sensitive data processing
- Legitimate Interest: To improve the service, security, and fraud prevention
- Legal Obligation: To comply with applicable laws and court orders
4. Information Sharing
We do not sell your personal information. We share data only in the following situations:
4.1 Service Providers
We share with third parties that help us operate the Service:
- Stripe: Payment processing
- AWS: Infrastructure hosting and storage
- Twilio/SendGrid: SMS and email delivery
- Analytics: Usage analysis tools (anonymized data)
All providers are contractually obligated to protect your data and use it only for specified purposes.
4.2 Legal Requirements
We may disclose information if required by law, court order, or government legal process, or to protect our rights, property, and security.
4.3 Corporate Transactions
In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified via email about any change in ownership or use of your personal information.
5. Data Security and Protection
We implement appropriate technical and organizational measures to protect your data:
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Credentials: Bcrypt hashed passwords, encrypted API headers, never logged
- Access: Principle of least privilege, mandatory 2FA for administrators
- Backups: Daily encrypted backups, retained for 30 days
- Monitoring: Audit logs, anomaly detection, security alerts
- Testing: Regular security audits, penetration testing
Note: No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Cookies and Similar Technologies
We use cookies and similar technologies to improve your experience:
Essential Cookies
Required for site functionality (authentication, session, security). Cannot be disabled.
Functionality Cookies
Remember your preferences (language, timezone, display settings).
Analytics Cookies
Collect anonymous information about how you use the site to help us improve the service.
You can configure your browser to refuse cookies, but this may limit site functionality. Manage your preferences in Settings β Privacy.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes described in this policy:
| Data Type | Retention Period |
|---|---|
| Account data | While account is active + 30 days after deletion |
| Monitoring data (Indie/Startup) | 30 days |
| Monitoring data (Scale) | 90 days |
| Payment data | 7 years (tax requirement) |
| Audit logs | 1 year |
| Backups | 30 days after deletion |
8. Your Rights (GDPR - Europe)
If you are in the European Union or European Economic Area, you have the following rights:
Right of Access
Obtain confirmation about whether we process your data and access a copy of it
Right to Rectification
Correct inaccurate or incomplete personal data
Right to Erasure
Request deletion of your personal data (subject to legal exceptions)
Right to Data Portability
Receive your data in a structured, machine-readable format (JSON)
Right to Restriction
Limit the processing of your data under certain circumstances
Right to Object
Object to processing based on legitimate interest or for direct marketing
Withdrawal of Consent
Withdraw consent at any time (when processing is based on consent)
Right to Complain
Lodge a complaint with the competent data protection authority
To exercise these rights, contact our DPO at privacy@probecast.io
9. Your Rights (LGPD - Brazil)
According to the General Data Protection Law (LGPD - Law 13.709/2018), you have the following rights:
- Confirmation of the existence of data processing
- Access to your personal data
- Correction of incomplete, inaccurate, or outdated data
- Anonymization, blocking, or deletion of unnecessary data or data processed improperly
- Data portability to another service provider
- Deletion of personal data processed with consent
- Information about data sharing with public and private entities
- Information about the possibility of not providing consent and consequences of refusal
- Revocation of consent
Data Protection Officer (DPO): To exercise your rights or clarify questions about data processing, contact our Data Protection Officer at privacy@probecast.io
10. Your Rights (CCPA - California, USA)
If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:
Right to Know
You have the right to request that we disclose the categories and specific pieces of personal information we collect, use, disclose, and sell about you.
Right to Delete
You have the right to request that we delete your personal information that we collected from you, subject to certain exceptions.
Right to Opt-Out
You have the right to opt out of the sale of your personal information.
Note: We do NOT sell personal information.
Right to Non-Discrimination
You have the right not to be discriminated against for exercising any of your rights under the CCPA.
To exercise these rights, send a verifiable request to privacy@probecast.io. We will respond within 45 days.
11. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence, including the United States and Brazil. These countries may have different data protection laws.
When we transfer personal data outside the EEA, we use approved mechanisms such as:
- European Commission Standard Contractual Clauses (SCCs)
- Privacy Shield certification (when applicable)
- European Commission adequacy decisions
12. Children's Privacy
Our Service is not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and are aware that your child has provided us with personal data, please contact us. If we discover that we have collected data from children without verification of parental consent, we will take steps to remove that information.
13. Changes to this Policy
We may update this Privacy Policy periodically. We will notify you about material changes by email or through a prominent notice on the Service.
We recommend that you review this Policy periodically. The "Last updated" date at the top indicates when this Policy was last revised.
14. Contact and DPO
For questions about this Privacy Policy or to exercise your rights:
Data Protection Officer (DPO)
- Email: privacy@probecast.io
- General Email: legal@probecast.io
- Support: support@probecast.io
Data Protection Authorities: You also have the right to lodge a complaint with the data protection authority of your country:
- πͺπΊ Europe: Your national data protection authority
- π§π· Brazil: ANPD (National Data Protection Authority)
- πΊπΈ USA (CA): California Attorney General's Office