Privacy Policy

Effective Date: 23.04.2026

1. Introduction

This Privacy Policy explains how System Stats ("we," "us," or "our") collects, stores, uses, and shares user data in connection with our web application and monitoring agents (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

The Service is operated by Szerhij Mitrovcij, with registered address at ul. Instalatorów 7/33, 02-237 Warszawa, Poland, acting as the data controller for personal data processed through the Service.

2. Data We Collect

2.1 Account data

When you register and use your account, we collect:

  • Email address (required for authentication and account recovery).
  • Password (stored as a one-way cryptographic hash; we never see your plaintext password).
  • Account activity (login timestamps, IP address and approximate location, basic audit events).

2.2 Billing data (paid plans only)

When you subscribe to a paid plan, the following billing information is collected - primarily by our payment processor, Paddle (see Section 4), and synced back to us for account administration:

  • First and last name.
  • Company name and tax identifier (VAT / tax ID), when you provide them at checkout.
  • Billing address (country, state / region, city, address lines, postal code).
  • Paddle customer ID and subscription ID.
  • Invoice metadata (plan, amount, currency, billing cycle, transaction status).

We do not receive or store full payment card numbers. Card details are entered directly into Paddle's checkout and handled solely by Paddle.

2.3 Device and system data (via the monitoring agent)

The local daemon you install on a device transmits monitoring data to our servers, which may include:

  • System performance metrics (CPU, memory, disk, temperature, processes, etc.).
  • Network information (IP address, connection status, interface statistics).
  • Container information (container names, images, resource usage, container logs for Pro and Team plans).
  • Device identifiers chosen or generated during agent setup (hostname, agent ID).

2.4 Website data

Our public websites may use cookies and similar technologies for session management, security, and basic analytics. Where required by law, you will be asked to consent to non-essential cookies.

3. How We Use Your Data

We process your data for the following purposes:

  • Providing the Service. Displaying system statistics, delivering alerts, and making the product work.
  • Account management. Authentication, communication about your account, and support.
  • Billing and taxation. Processing payments via Paddle, issuing invoices, handling refunds, complying with tax and accounting obligations.
  • Service improvement. Troubleshooting, debugging, and improving performance and functionality.
  • Security. Detecting and preventing fraud, abuse, and unauthorized access.
  • Legal compliance. Meeting obligations under applicable law.

We do not sell your personal data, and we do not share it with third parties for their own marketing purposes.

4. Third Parties and Sub-processors

To operate the Service, we rely on a limited number of third-party processors. Each receives only the data required to perform its function and is bound by contractual confidentiality and data protection obligations.

  • Paddle.com Market Ltd ("Paddle") - Merchant of Record and payment processor for paid plans. Paddle processes your payment method, billing address, tax identifier, and transaction history. See Paddle's Privacy Policy.
  • Email delivery provider - sends transactional emails (account verification, password reset, billing notifications, alerts).
  • Alerting integrations (Pro and Team). If you enable an integration such as Slack (or, for Team, additional channels), alert content is transmitted to that service at your direction. You are responsible for the configuration of those destinations.
  • Hosting and infrastructure providers - host our servers and store operational data.

A current list of sub-processors is available on request by writing to contact@system-stats.com.

5. Legal Basis for Processing (EEA / UK users)

Where GDPR or UK GDPR applies, we rely on the following legal bases:

  • Performance of a contract - to create and maintain your account, deliver the Service, and process payments.
  • Legal obligation - to retain billing and tax records as required by law.
  • Legitimate interests - for security, fraud prevention, troubleshooting, and improving the Service, balanced against your rights and interests.
  • Consent - for non-essential cookies and optional communications, where required.

6. Data Storage, Security, and Location

Your data is stored on our servers, hosted with reputable infrastructure providers, and protected with industry-standard security measures, including encryption in transit. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Some of our processors (including Paddle and certain infrastructure providers) may process data outside your country of residence. Where data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.

7. Data Retention

We retain different categories of data for different periods:

  • Operational monitoring data (metrics, logs) is retained according to the retention of the plan associated with your account - currently 14 days for Free, 1 year for Pro, and a custom period for Team. When the retention window passes, older data is deleted automatically.
  • Account data is retained while your account is active and for a short administrative period afterwards.
  • Billing and tax records (invoices, transaction history) are retained for the period required by applicable tax and accounting law (typically up to 10 years), even after your account is deleted. These records are held by us and/or by Paddle.
  • Support communications are retained for as long as necessary to provide support and maintain a history of the interaction.

8. User Data Deletion

  • You can delete data collected from your devices from within the web application. When you remove a device from System Stats, all monitoring data associated with that device is permanently deleted and cannot be restored.
  • If you delete your account, all stored operational data (monitoring data, account profile, integrations) is permanently erased.
  • Billing and tax records required by law are retained as described in Section 7.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
  • Restrict or object to certain processing.
  • Receive a copy of your data in a portable format.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at contact@system-stats.com. We may need to verify your identity before acting on a request.

10. Children

The Service is not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes (such as modifying how we collect, use, store, or share your data), we will notify users through:

  • A notice on our website or in the web application.
  • An email notification (where applicable).

The latest version of this Privacy Policy will always be available on this page.

12. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at contact@system-stats.com.