Legal

Privacy Policy

How we handle your data when you use Fivenines.

Last updated · September 2025

TL;DR

  • We use your data only to run fivenines.io, support you, and comply with the law.
  • We don't sell your data and share it only with essential service providers.
  • You can delete your account and associated data at any time.
  • Questions? Email: privacy@fivenines.io
On this page
Who we are What we collect Why we use your information What we share and why Data retention & deletion Security Your rights Sub-processors Changelog

1 Who we are

fivenines.io (the "Service") is an infrastructure monitoring platform operated from France, with users worldwide. This policy explains what we collect, why, how we use it, and your choices.

Data Controller

fivenines.io (France)

Privacy Inquiries

privacy@fivenines.io

2 What we collect

We collect information only when we have a reason to do so-primarily to provide and improve the Services, to bill you, and to communicate with you. We collect information you provide directly, information we receive automatically when you use the Services, and information from integrations you enable.

3 Why we use your information

  • Provide, maintain, and improve the Services (GDPR: Art. 6(1)(b) contract)
  • Secure and troubleshoot - detect/prevent abuse, debug issues (GDPR: Art. 6(1)(f) legitimate interests)
  • Billing and account management - invoicing, receipts, tax compliance (GDPR: Art. 6(1)(b)/(c))
  • Communications - account notices, incident updates, service changes
  • Legal compliance - respond to lawful requests, enforce terms (GDPR: Art. 6(1)(c))

We don't send marketing emails without your consent (GDPR: Art. 6(1)(a)).

4 What we share and why

We never sell your personal information.

  • Personnel and contractors - Access strictly limited and logged; bound by confidentiality obligations.
  • Sub-processors - For hosting, payments, email delivery. We require appropriate data protection commitments.
  • Legal requests - If required by law or valid legal process, after careful review.
  • With your consent - For example, sending alerts to Slack/Telegram you configured.

5 Data retention & deletion

  • Account data - Kept while your account is active. Deleted promptly when you delete your account.
  • Metrics & events - Retained while your account is active. May be downsampled over time.
  • Logs - Security/diagnostic logs typically retained ~30 days.
  • Backups - Encrypted backups kept for limited period then purged on rolling schedule.
  • Inactive accounts - May be deleted after 24–36 months of inactivity with reasonable notice.

6 Security

We take security seriously and employ administrative, technical, and physical measures:

Encryption in transit and at rest
Role-based access controls
Regular patching and hardening
Network segregation
Encrypted backups
Responsible disclosure program

Security vulnerabilities? Contact: security@fivenines.io

7 Your rights

Depending on your location, you have rights including: access, rectification, erasure, restriction, portability, and objection. You can exercise many of these through your account settings. For other requests, email privacy@fivenines.io. You also have the right to lodge a complaint with your local supervisory authority (e.g., CNIL in France).

8 Sub-processors

We use third-party providers to run certain parts of the Service:

Fivenines sub-processors
Service Provider Purpose
Payments Stripe Card processing
Email Delivery Brevo Transactional emails
Messaging Slack, Telegram Alert delivery
Infrastructure Hetzner EU-based hosting

9 Changelog

2025-09-06

Initial public draft.

Note: This document is provided for informational purposes and does not constitute legal advice.

Questions about privacy?

Contact us at

privacy@fivenines.io

See also our Terms of Service