About This Policy
This Privacy Policy explains how StatusFox collects, uses, stores, and protects your personal data when you visit statusfox.app or use any related StatusFox services.
This policy applies to all visitors to statusfox.app, newsletter subscribers, and users of the StatusFox monitoring service. It is effective as of April 15, 2026.
We are committed to processing personal data lawfully, fairly, and transparently in accordance with the General Data Protection Regulation (GDPR) and applicable Czech Republic data protection law.
Data Controller
The data controller for personal data collected through statusfox.app is StatusFox, contactable at privacy@statusfox.app.
If you have any questions about how your personal data is processed, or wish to exercise your rights under GDPR, you can contact us at:
Email: privacy@statusfox.app
Data We Collect
Current: Newsletter and Website
Email address
When you subscribe to the StatusFox waitlist or newsletter, we collect your email address. Your email address is transmitted to Sender.net, our email delivery provider, for the purpose of sending product updates and announcements. We do not store your email address on our own servers.
- Legal basis: Legitimate interest. You actively signed up to receive product updates. You can unsubscribe at any time using the link in any newsletter email.
- Retention: Until you unsubscribe, plus up to 30 days for deletion to process through Sender.net systems.
IP address
Your IP address is processed in memory by our server for the purpose of rate limiting and security. This helps us prevent abuse and protect the service. Your IP address is not written to any database or log file and is discarded when the server process ends or when the rate limiter entry expires (typically within minutes).
- Legal basis: Legitimate interest (security and service protection).
- Retention: In-memory only; cleared automatically. Not persisted to disk.
When You Use the StatusFox Monitoring Service
The following data is collected when you create an account and use the StatusFox uptime monitoring service. This section applies to registered users of the monitoring product; it does not apply to visitors who have only subscribed to the newsletter.
Monitoring configuration
URLs, check intervals, alert thresholds, and other monitoring settings you configure.
- Legal basis: Contract performance (required to provide the monitoring service you subscribed to).
- Retention: Duration of your active subscription, plus 30 days after cancellation.
Uptime and response time measurements
Measurement results from monitoring checks performed against your configured endpoints, including response times, HTTP status codes, and availability data.
- Legal basis: Contract performance.
- Retention: Duration of your active subscription, plus 30 days after cancellation.
Dashboard settings and preferences
Your account preferences and dashboard configuration options.
- Legal basis: Contract performance.
- Retention: Duration of your active subscription, plus 30 days after cancellation.
Incident history and alert logs
Records of detected incidents, downtime events, and notifications sent to your configured alert channels.
- Legal basis: Contract performance.
- Retention: 12 months from the date of each incident.
Notification channel data
Email addresses, webhook URLs, and other notification channel details you provide for receiving alerts.
- Legal basis: Contract performance.
- Retention: Duration of your active subscription, plus 30 days after cancellation.
Cookies and Browser Storage
We use cookies and browser local storage for essential website functionality. We do not use any third-party tracking cookies, analytics cookies, or advertising cookies.
| Name | Type | Purpose | Duration | Legal Basis |
|---|---|---|---|---|
csrf_token |
Cookie | Prevents cross-site request forgery attacks by verifying that form submissions originate from this website | 30 days | Legitimate interest (security) |
tsf-theme |
Local Storage | Remembers your theme preference (dark or light mode) between visits | Until cleared by you | Legitimate interest (UI functionality) |
tsf-billing |
Local Storage | Remembers your billing display preference (monthly or annual pricing) between visits | Until cleared by you | Legitimate interest (UI functionality) |
Local Storage items (tsf-theme and tsf-billing) are
stored entirely within your browser and are never transmitted to our servers.
They exist only to improve your experience on the site.
The csrf_token cookie is a security cookie required for the newsletter
subscription form to function correctly. It does not track you across sites.
Sub-Processors
We use the following third-party providers (sub-processors) who may process personal data on our behalf. We maintain Data Processing Agreements with our sub-processors as required by GDPR Article 28.
| Provider | Role | Data Processed | Privacy Policy |
|---|---|---|---|
| Sender.net | Email delivery and marketing automation | Email addresses of newsletter and waitlist subscribers | sender.net/privacy-policy |
| Hetzner Online GmbH | Infrastructure and server hosting | IP addresses (processed in memory for rate limiting; not persisted) | hetzner.com/legal/privacy-policy |
We have entered into, or are in the process of entering into, a Data Processing Agreement with Sender.net as required by GDPR Article 28.
Data Retention
We retain personal data only for as long as necessary for the stated purpose or as required by law. The following table summarises retention periods by data type.
| Data Type | Retention Period | After Retention |
|---|---|---|
| Email addresses (newsletter/waitlist) | Until you unsubscribe, plus 30 days for deletion to process | Deleted from Sender.net systems |
| IP addresses (server rate limiting) | In memory only; cleared on server restart or automatic expiry (minutes) | Not applicable (never persisted to disk) |
| CSRF security cookie | 30 days (browser-managed expiry) | Automatically expired by browser |
| Monitoring configuration and data (future) | Duration of active subscription, plus 30 days after cancellation | Permanently deleted |
| Incident history (future) | 12 months from the date of each incident | Permanently deleted |
International Data Transfers
Sender.net may process email subscriber data outside the European Economic Area (EEA). Where such transfers occur, they are protected by Standard Contractual Clauses or equivalent safeguards as permitted under GDPR Chapter V.
We do not knowingly transfer personal data to countries outside the EEA without ensuring appropriate protections are in place.
Your Rights
Under GDPR, you have the following rights in relation to your personal data:
- Right of access: You have the right to request a copy of the personal data we hold about you, along with information about how we process it.
- Right to rectification: You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
- Right to erasure (right to be forgotten): You have the right to request deletion of your personal data where there is no compelling reason for us to continue processing it.
- Right to restrict processing: You have the right to request that we limit how we use your personal data in certain circumstances.
- Right to data portability: Where processing is based on consent or contract, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
- Right to object: You have the right to object to processing of your personal data where we rely on legitimate interest as the legal basis.
- Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please contact us at privacy@statusfox.app. We will respond to your request within 30 days.
Contact and Complaints
For any questions or concerns about how we handle your personal data, please contact our privacy team at: privacy@statusfox.app
If you are not satisfied with our response or believe we are processing your personal data in violation of the GDPR, you have the right to lodge a complaint with the relevant supervisory authority.
The supervisory authority in the Czech Republic is the Office for Personal Data Protection (Úřad pro ochranu osobních dat, UOOU):
- Address: Pplk. Sochora 27, 170 00 Prague 7, Czech Republic
- Website: www.uoou.cz
You may also contact the supervisory authority in your country of residence within the European Union.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law.
When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Continued use of statusfox.app or the StatusFox monitoring service after any changes to this policy constitutes your acceptance of the updated terms.