Privacy Policy
Last updated: 2026-06-26
This policy describes how Diffspark processes personal data when you use our website monitoring service. The service operator is a Polish sole proprietorship (JDG); international card payments are processed by Paddle as Merchant of Record. Fill operator details in LEGAL_* environment variables before going live.
Template text for launch preparation — replace operator details and have a lawyer review before commercial use.
Who we are
The data controller is the legal entity operating Diffspark. Contact: support@diffspark.com.
What we collect
Account data: email address, password hash, language preference.
Service data: monitored URLs, alert settings, change history, API keys.
Payment data: subscription plan and payment status. Card numbers are processed by the payment provider (Stripe / Paddle); we store only tokens required for recurring billing where applicable.
Technical data: IP address, cookies (session, CSRF, language), server logs.
Why we process data
To provide the monitoring service and send alerts you configure.
To bill subscriptions and comply with accounting rules.
To secure the platform and prevent abuse.
Your rights
You may request access, correction, or deletion of your personal data, and withdraw consent where processing is consent-based. Contact us at support@diffspark.com. You may also lodge a complaint with your local data protection authority.
Retention
We keep account data while your account is active and for a reasonable period after deletion for backups and legal obligations.