We care deeply about your privacy and have built our platform from the ground up with privacy-first principles.
Designed around GDPR, CCPA, and PECR privacy principles.
This page is a human-readable summary of how we handle privacy. For the full legal version, see our Privacy Policy.
We avoid storing raw IP addresses in our application database and logs.
IP addresses are hashed using SHA256 (a one-way cryptographic hash function) before being stored. This means:
When you access our service:
a3c5f...) is stored in our databaseWhen you close your account, we don't just mark it as "deleted" and forget about it. We have automated systems that ensure your data is completely purged:
All your account data (status pages, monitors, incidents, settings) is automatically and permanently deleted 60 days after account closure.
Security audit logs containing hashed IP addresses are automatically deleted 90 days after account closure.
Only billing transaction records (transaction IDs, amounts, dates) as required by tax and accounting laws. These contain no personal tracking data.
We avoid cross-site tracking and identification technologies.
No Google Analytics
No Facebook Pixel
No Ad Networks
We host fonts on our own servers - no connection to Google Fonts or other third-party font services.
We avoid technologies that follow you across different sites and do not build cross-site profiles based on your browsing.
We disable cohort-based tracking features such as Google FLoC via the Permissions-Policy header.
We use Plausible Analytics - a lightweight, open-source, privacy-first alternative to Google Analytics.
We believe in transparency. View our public analytics at:
Following GDPR's principle of data minimization, we collect the bare minimum:
Exercise your GDPR right to data portability. You can download a complete copy of all your data at any time from your account settings.
Data is exported as a ZIP archive containing structured JSON/JSONL files that you can import into other systems.
Your credit card information never touches our servers.
All payments are handled by our payment processor, DodoPayments, which acts as the Merchant of Record. Your card data:
We only store: Transaction ID, timestamp, and amount (for billing records and tax compliance).
We use TLS for data in transit and strong encryption (such as AES-256) for data at rest, similar to what banks and major cloud providers use.
All data transmitted to/from our servers is encrypted using TLS (Transport Layer Security).
Data stored in our database is encrypted at rest using industry-standard AES-256 encryption.
Your password is hashed using bcrypt (a one-way encryption algorithm). We cannot recover your password - if you forget it, you'll need to reset it.
Access to your data is restricted to authorized personnel only and logged for security auditing.
We don't use advertising or ad-revenue services. Any links to partner services are simple hyperlinks with no tracking.
Social media sharing buttons on our blog are hard-coded links - no 3rd-party scripts or tracking pixels.
We use Sapat.chat for live chat support - a privacy-first, GDPR-compliant chat service that only uses essential cookies for functionality. Live chat is opt-in only and not enabled by default. Learn more in Sapat.chat's Privacy Policy.
We operate from Serbia π·πΈ. Our main server is located in Germany π©πͺ (European Union). All customer data is stored and processed within the European Economic Area (EEA) on EU-owned infrastructure.
If you have questions about privacy or want to exercise your data rights (such as access or deletion), contact us at hey@statuspage.me.
StatusPage.me is operated by Nikola StojkoviΔ PR BorΔa, a small team based in Serbia, with servers hosted in the EU (Germany).
For complete details about data processing, your rights, and legal information, please read our full Privacy Policy. For details on how the service is used, please refer to our Terms of Service.
We're happy to answer any questions you have about how we protect your data.
Contact Us