fivenines logo
Log In
Sign up

Privacy Policy

TL;DR

We use your data only to run fivenines.io, support you, and comply with the law. We don't sell your data and share it only with essential service providers or when you ask us to. You can delete your account (and associated data) at any time. Backups and logs are pruned on a schedule.

Questions? Email: privacy@fivenines.io.

Who we are

fivenines.io (the “Service”) is an infrastructure monitoring platform operated from France, with users worldwide. This policy explains what we collect, why, how we use it, and your choices.

Data controller: fivenines.io (France).

For privacy inquiries: privacy@fivenines.io.

What we collect

We collect information only when we have a reason to do so—primarily to provide and improve the Services, to bill you, and to communicate with you. We collect information you provide directly, information we receive automatically when you use the Services, and information from integrations you enable.

Why we use your information (legal bases)

  • Provide, maintain, and improve the Services (GDPR: Art. 6(1)(b) contract).
  • Secure and troubleshoot (detect/prevent abuse, debug issues, and ensure reliability) (GDPR: Art. 6(1)(f) legitimate interests).
  • Billing and account management (invoicing, receipts, tax compliance) (GDPR: Art. 6(1)(b)/(c)).
  • Communications (account notices, incident updates, service changes).
  • We don't send marketing emails without your consent (GDPR: Art. 6(1)(a)).
  • Legal compliance (respond to lawful requests, enforce terms) (GDPR: Art. 6(1)(c)).

What we share and why

We never sell your personal information. We share only as needed to run the Service or when you ask us to:

  • Personnel and contractors. Access strictly limited and logged; bound by confidentiality obligations.
  • Sub‑processors (service providers). For hosting, payments, email delivery, and similar operations. See the current list below. We require appropriate data protection commitments.
  • Legal requests. If required by law or valid legal process, after careful review.
  • Protection of rights. When necessary to protect our rights, users, or the public (e.g., to prevent fraud or abuse).
  • Business transfers. If we are involved in a merger, acquisition, or asset sale, your information may be transferred under this policy’s protections.
  • With your consent/direction. For example, sending alerts to Slack/Telegram you configured.
  • Aggregated/de‑identified data. We may publish or share statistics that do not identify individuals or organizations.

Data retention & deletion

  • Account & configuration data. Kept while your account is active. If you delete your account, we delete associated data from our primary systems promptly.
  • Metrics & events. Retained while your account active. To manage storage, we may downsample high‑resolution metrics over time (e.g., per‑minute → hourly → daily aggregates) while preserving core availability history.
  • Non‑essential logs. Security/diagnostic logs that are not required for operations are typically retained ~30 days.
  • Backups. Encrypted backups are kept for a limited period for disaster recovery and then purged on a rolling schedule.
  • Inactive accounts. We may delete accounts and checks after prolonged inactivity (e.g., 24–36 months) after reasonable notice.
  • You can delete checks, agents, and integrations at any time. You can also request deletion of your account and associated data via privacy@fivenines.io. Some data may persist briefly in backups; when restored, deletion requests are re‑applied.

International data transfers

We operate from the EU and use globally distributed probes. When data is transferred or accessed outside the EEA/UK, we use appropriate safeguards (e.g., Standard Contractual Clauses) and limit access to what’s necessary to provide the Service.

Security

We take security seriously and employ administrative, technical, and physical measures designed to protect your information, including:

  • Encryption in transit; encryption at rest for sensitive secrets.
  • Role‑based access controls and least‑privilege practices.
  • Regular patching and hardening of servers and software.
  • Segregation of production networks and access logging.
  • Backups and disaster‑recovery procedures.
  • Responsible disclosure program for vulnerabilities (contact: security@fivenines.io).
  • No online service is 100% secure, but we work to reduce risk and respond quickly to issues.

Your rights

Depending on your location, you have rights including: access, rectification, erasure, restriction, portability, and objection. You can exercise many of these through your account settings. For other requests, email privacy@fivenines.io. You also have the right to lodge a complaint with your local supervisory authority (e.g., CNIL in France).

California (CCPA/CPRA)

We do not sell or share personal information as those terms are defined by the CCPA/CPRA. You may exercise rights of access, deletion, and correction by contacting us. We do not provide financial incentives for data.

Children’s privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from them.

Sub‑processors (service providers)

We use third‑party providers to run certain parts of the Service. We review them for security and data protection. Current key providers include:

  • Payments: Stripe (cards), NowPayments (cryptocurrency).
  • Email delivery: Sendgrid for sending account and alert emails.
  • Messaging integrations (at your direction): Slack and Telegram used only to deliver alerts to destinations you configure.
  • Infrastructure: Data center and network providers that host our servers and global probes (EU and international). Hetzner
We will update this section as providers change. For advance notice of material changes, we will post updates here and, when required, notify you by email.

Changes to this policy

We may update this policy from time to time. We will post the updated version here and update the “Last updated” date. If changes materially affect your rights, we’ll provide additional notice (e.g., email or in‑app message) and, where required, obtain your consent.

Contact us

Questions, requests, or concerns about privacy? Contact: privacy@fivenines.io.

Changelog

2025-09-06: Initial public draft.

Note: This document is provided for informational purposes and does not constitute legal advice. Consider having counsel review it for compliance with your specific operations and jurisdictions.

fivenines logo
About us Terms of service Privacy policy
Made with ❤️ in Montpellier, France