AtomPing
LoginStart Free

Privacy Policy

We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your data.

Last Updated: January 15, 2025

1. What This Policy Covers

This Privacy Policy explains how Atomix Apps, LLC ("AtomPing", "we", "us", "our") collects, uses, shares, and protects your personal information when you use our uptime monitoring services.

By using AtomPing, you consent to the data practices described in this policy. If you do not agree, please discontinue use of our services.

For EU/EEA users, this policy complies with GDPR (General Data Protection Regulation). See our GDPR Compliance page for detailed rights and procedures.

2. Information We Collect

We collect the following types of information:

1. Account Information

  • Email address (required for authentication and notifications)
  • Username and password (encrypted)
  • Account creation date and last login timestamp
  • Subscription plan type (Free, Pro, Business)

2. Payment Information

  • Payment processing is handled exclusively by Stripe, our PCI-DSS compliant payment processor
  • We do NOT store credit card numbers, CVV codes, or banking details on our servers
  • We receive from Stripe: payment status, billing email, last 4 digits of card, and transaction IDs
  • Stripe's privacy policy: https://stripe.com/privacy

3. Monitoring Data

  • Target URLs/IPs you configure for monitoring
  • Check results: HTTP response codes, response times, SSL certificate details, DNS records
  • Incident history: downtime events, recovery timestamps, affected regions
  • Alert configurations: email/Slack/webhook destinations
  • Note: We do NOT inspect or log the content of your monitored pages beyond configured keyword checks. Sensitive headers (e.g., Authorization) are encrypted at rest.

4. Usage Analytics

  • IP address and user agent (for rate limiting and security)
  • Page views, feature usage, dashboard interactions
  • Browser type, operating system, screen resolution
  • Performance metrics: API response times, error rates (aggregated for service improvement)
  • Google Analytics: We use Google Analytics on public marketing pages only (landing, features, tools, legal) to understand visitor behavior. Your IP address is anonymized for privacy. Dashboard and admin pages are NOT tracked. Google's privacy policy: https://policies.google.com/privacy

5. Cookies & Tracking

  • Essential cookies: Session cookies for authentication (required for service functionality)
  • Preference cookies: Theme, language, dashboard settings
  • Analytics cookies: Google Analytics cookies (_ga, _gid, _gat) set only on public pages after explicit consent. These cookies track anonymous usage statistics. You can opt-out via our cookie consent banner.
  • See our Cookie Policy for detailed information

3. How We Use Your Information

We use collected information for the following purposes:

Service Delivery

  • Execute uptime checks, performance monitoring, and incident detection
  • Send downtime alerts via email, Slack, webhooks, or Telegram
  • Generate status pages, reports, and performance charts
  • Provide customer support and troubleshooting assistance

Billing & Account Management

  • Process subscription payments via Stripe
  • Send billing invoices and payment receipts
  • Enforce plan limits (check frequency, monitor count, retention period)
  • Handle subscription upgrades, downgrades, and cancellations

Service Improvement

  • Analyze usage patterns to optimize performance and reliability
  • Identify bugs, errors, and infrastructure bottlenecks
  • Develop new features based on user needs
  • Conduct A/B testing for UI/UX improvements (anonymized data)

Security & Compliance

  • Prevent fraud, abuse, and unauthorized access
  • Enforce rate limiting and Terms of Service violations
  • Comply with legal obligations (GDPR, CCPA, law enforcement requests)
  • Detect and mitigate DDoS attacks or malicious activity

Communications

  • Service announcements (maintenance, outages, new features)
  • Security alerts (unauthorized login attempts, password resets)
  • Marketing emails (product updates, tips) – opt-out available

4. Data Sharing & Third Parties

We do NOT sell your personal data to third parties. We share data only in the following limited circumstances:

Service Providers

  • Stripe: Payment processing (PCI-DSS compliant)
  • Cloud Infrastructure: AWS/GCP/Azure for hosting (data encrypted at rest and in transit)
  • Email Delivery: Transactional email service for alerts and notifications
  • All providers are contractually bound to protect your data (DPA agreements in place)

Legal Requirements

  • Compliance with court orders, subpoenas, or legal processes
  • Protection of our rights, property, or safety
  • Investigation of fraud or Terms of Service violations

Business Transfers

  • In the event of a merger, acquisition, or asset sale, your data may be transferred to the new entity (you will be notified via email)

User-Directed Sharing

  • Public status pages (you control what monitoring data is publicly visible)
  • Webhook integrations (data sent to endpoints you configure)
  • Team members you invite to your account

5. Data Security Measures

We implement industry-standard security practices to protect your data:

Encryption

  • TLS 1.3 for all data in transit (HTTPS enforced)
  • AES-256 encryption for sensitive data at rest (passwords, API keys, auth tokens)
  • Database encryption for backup storage

Access Controls

  • Role-based access control (RBAC) for internal systems
  • Multi-factor authentication (MFA) available for user accounts
  • Principle of least privilege for employee access
  • Regular access audits and permission reviews

Infrastructure Security

  • Regular security patches and vulnerability scanning
  • DDoS protection and rate limiting
  • Intrusion detection and monitoring systems
  • Isolated environments for production vs. development

Incident Response

  • Security breach notification within 72 hours (GDPR requirement)
  • Dedicated incident response team
  • Report vulnerabilities to: support@atomping.com

For detailed security practices, see our Security Page.

6. GDPR Rights (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights under GDPR:

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Delete your account and associated data
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Export your data in machine-readable format (JSON/CSV)
  • Right to Object: Opt-out of marketing communications or analytics
  • Right to Withdraw Consent: Revoke previously given consent anytime
  • Right to Lodge a Complaint: Contact your local data protection authority

To exercise your rights, email support@atomping.com with subject "GDPR Request". We will respond within 30 days.

See our GDPR Compliance page for detailed information on legal basis, data processing agreements, and EU representative contact.

7. Data Retention

We retain your data for the following periods:

Active Accounts

  • Account data: Retained while account is active
  • Monitoring data: Varies by plan (Free: 30 days, Pro: 90 days, Business: 1 year)
  • Incident history: Retained for compliance and historical reporting

Deleted Accounts

  • Account data: Deleted within 30 days of account deletion
  • Backup retention: Up to 30 days for disaster recovery purposes
  • Legal/financial records: Retained for 7 years (IRS and Delaware law requirements for tax records)

Marketing Data

  • Unsubscribed emails: Retained indefinitely to honor opt-out preferences

Automated Deletion

  • Free accounts inactive for 180 days may be automatically deleted (with 30-day notice)
  • Expired monitoring data is automatically purged based on your plan's retention period

8. Cookies & Tracking Technologies

We use cookies and similar technologies to provide and improve our service:

Essential Cookies (Required)

  • Session authentication tokens (JWT)
  • CSRF protection tokens
  • Load balancing and routing

Preference Cookies

  • UI theme (light/dark mode)
  • Language selection
  • Dashboard layout preferences

Analytics Cookies

  • Anonymized usage metrics
  • Performance monitoring
  • Feature adoption tracking

You can disable non-essential cookies via your browser settings. Note that disabling cookies may limit service functionality.

For detailed information, see our Cookie Policy.

9. Children's Privacy

AtomPing is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@atomping.com and we will delete the information immediately.

10. International Data Transfers

AtomPing is operated from the United States. If you are accessing our service from outside the US, your data may be transferred to and processed in the United States or other countries where our infrastructure is located.

EU-US Data Transfers

  • We comply with GDPR requirements for international data transfers via Standard Contractual Clauses (SCCs)
  • EU data is processed in GDPR-compliant data centers with appropriate safeguards
  • You have the right to request details about data transfer mechanisms

Multi-Region Monitoring

  • Our monitoring agents operate in 25+ global regions to perform checks from locations closest to your users
  • Check results are transmitted back to our control plane infrastructure using encrypted channels
  • You can restrict monitoring to specific regions via your target configuration

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of personal information collected in the past 12 months
  • Right to Delete: Request deletion of your personal information (with legal exceptions)
  • Right to Opt-Out: Opt-out of sale of personal information (Note: We do NOT sell personal information)
  • Right to Non-Discrimination: Exercise CCPA rights without discriminatory treatment

To exercise your CCPA rights, email support@atomping.com with subject "CCPA Request". We will verify your identity and respond within 45 days.

12. Policy Changes & Updates

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service features.

Notification Process:

  • Minor updates: Posted on this page with updated "Last Modified" date
  • Material changes: Email notification to all users 30 days before changes take effect
  • Continued use after notification constitutes acceptance of updated policy

Version History:

  • You can request previous versions of this policy by emailing support@atomping.com

13. Contact Information

For privacy-related questions, requests, or concerns, please contact us:

  • Company: Atomix Apps, LLC
  • Jurisdiction: Delaware, United States
  • Email: support@atomping.com
  • Website: https://atomping.com
  • GDPR Requests: Subject line "GDPR Request"
  • CCPA Requests: Subject line "CCPA Request"
  • Security Vulnerabilities: Subject line "Security Report"

Response Time: We aim to respond to privacy requests within 30 days (GDPR) or 45 days (CCPA).

Questions?

If you have any questions about this document, please contact us.

support@atomping.com

We use cookies

We use Google Analytics to understand how visitors interact with our website. Your IP address is anonymized for privacy. By clicking "Accept", you consent to our use of cookies for analytics purposes.

Privacy PolicyCookie Policy