Privacy Policy
Last Updated: May 9, 2026
Effective Date: May 9, 2026
Global Privacy Standards
This Privacy Policy is designed to comply with major global privacy regulations including the General Data Protection Regulation (GDPR: European Union), the California Consumer Privacy Act (CCPA: United States), Brazil's Lei Geral de Proteção de Dados (LGPD), India's Digital Personal Data Protection Act 2023 (DPDPA), and other applicable data protection laws worldwide.
1. Who We Are
Pingzo ("we," "us," or "our") is a software-as-a-service platform operated by Aurexis Technologies Private Limited. Pingzo provides API and website monitoring services, including uptime alerts, status pages, and performance tracking, accessible at pingzoapp.com.
For the purposes of applicable data protection law, Pingzo acts as the Data Controller for personal data collected through the Pingzo platform.
| Service Name | Pingzo |
| Website | pingzoapp.com |
| Operated by | Aurexis Technologies Private Limited |
| Privacy Contact | admin@pingzoapp.com |
| Data Controller | Aurexis Technologies Private Limited |
2. What Data We Collect
We only collect data that is necessary to provide and improve the Pingzo service. We do not sell your personal data to third parties under any circumstances.
2.1 Account Data
When you create a Pingzo account, we collect:
- Full name: as provided by your Google account
- Email address: used for account identification and alert delivery
- Profile photo: from your Google account (display only)
- Google account identifier (UID): for secure authentication
- Account creation date and last login timestamp
2.2 Profile Data (Optional)
Data you optionally provide in your account settings:
- Company or business name
- Phone number: for future SMS or WhatsApp alert delivery
- Timezone preference: for localising alert timestamps
- Notification preferences: your chosen alert settings
2.3 Monitoring Configuration Data
Data you provide to configure your monitoring:
- URL endpoints you add for monitoring (e.g. https://yourapi.com/health)
- Monitor names and descriptions
- Check interval settings
- Alert channel configurations (email address, WhatsApp number, webhook URL)
- Maintenance window schedules
Important: Security of Your URLs
All URL endpoints and any associated authentication headers you provide are encrypted at rest using AES-256 encryption. We never log full URL strings in plaintext. Your API credentials embedded in monitored URLs are treated as secrets.
2.4 Monitoring Performance Data
Data generated automatically when we monitor your endpoints:
- HTTP response status codes (e.g. 200, 500, 404)
- Response time in milliseconds
- Check timestamps
- Error messages when a check fails
- SSL certificate details (expiry date, issuer) for HTTPS endpoints
- Uptime percentage calculations
2.5 Incident Data
When an outage is detected:
- Incident start and end timestamps
- Total downtime duration
- Whether the incident was manually resolved
- Alert delivery logs (when alerts were sent and to which channels)
2.6 Payment Data
When you subscribe to a paid plan:
- Subscription plan name and billing interval
- Payment gateway used (Razorpay for India, Lemon Squeezy for international)
- Transaction ID and payment status
- Currency and amount paid
We do NOT store credit card numbers, CVV codes, bank account details, or UPI credentials. All payment processing is handled directly by Razorpay (India) or Lemon Squeezy (global), both of which are PCI-DSS Level 1 certified.
2.7 Technical and Usage Data
Automatically collected when you use Pingzo:
- IP address (used for country detection and security logging)
- Browser type and version
- Device type (desktop or mobile)
- Pages visited within Pingzo and time spent
- Referring website or source
- Error logs for debugging and service improvement
2.8 Data We Do NOT Collect
Pingzo never collects:
- The content of your API responses or website pages
- Passwords (we use Google OAuth: no passwords stored)
- Financial account numbers or card details
- Government-issued identification numbers
- Biometric data
- Data from children under 16 years of age
3. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Provide the monitoring service | URLs, check results, incidents | Contract performance |
| Send uptime/downtime alerts | Email, phone, webhook config | Contract performance |
| User authentication and security | Google UID, email, IP address | Contract performance |
| Process subscription payments | Plan, payment gateway data | Contract performance |
| Display your status page publicly | Monitor names, uptime data | Contract performance |
| Enforce plan limits and quotas | User plan, monitor count | Contract performance |
| Improve and debug the service | Usage data, error logs | Legitimate interest |
| Detect and prevent fraud or abuse | IP address, usage patterns | Legitimate interest |
| Send product update emails | Email address | Legitimate interest / Consent |
| Comply with legal obligations | Any data required by law | Legal obligation |
| Respond to support enquiries | Email, account details | Legitimate interest |
We do not use your data for advertising purposes. Pingzo is completely ad-free and we do not allow third-party advertisers access to your data.
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions requiring a legal basis for data processing, we process your personal data under the following bases:
4.1 Contract Performance
The majority of our data processing is necessary to fulfil our contract with you, specifically to provide the monitoring, alerting, and status page services you signed up for. Without this processing, we cannot provide the service.
4.2 Legitimate Interest
We process certain data based on our legitimate business interests, including improving the service, detecting security threats, and preventing abuse. We have assessed that these interests do not override your fundamental rights and freedoms.
4.3 Legal Obligation
We may process and retain data when required to do so by applicable law, including tax and financial regulations, court orders, or regulatory requirements.
4.4 Consent
For optional communications such as product update newsletters, we rely on your consent. You can withdraw consent at any time through your notification preferences in Settings or by contacting admin@pingzoapp.com.
5. Third-Party Services & Data Sharing
We use a carefully selected set of trusted third-party providers to operate Pingzo. Each provider is subject to a Data Processing Agreement and is only permitted to process your data as instructed by us.
| Provider | Purpose | Location |
|---|---|---|
| Firebase (Google) | Auth and session management | Global |
| Neon | Database hosting | Global (AWS) |
| Vercel | App hosting and CDN | Global |
| Razorpay | Payments (India) | India |
| Lemon Squeezy | Payments (Global) | United States |
| Twilio | WhatsApp and SMS alerts | United States |
| Resend | Email delivery | United States |
| Upstash | Job queue and caching | Global |
| Cloudflare | Widget CDN | Global |
We Never Sell Your Data
Pingzo does not sell, rent, lease, or trade your personal data to any third party for marketing, advertising, or commercial purposes. This applies to all users globally, regardless of jurisdiction.
6. Data Retention
We retain your data only for as long as necessary to provide the service and comply with our legal obligations. The following retention schedule applies:
| Data Type | Retention Window |
|---|---|
| Monitor check results | 7 - 365 days (by plan) |
| Incident records | 7 - 365 days (by plan) |
| Account data | While account is active |
| Payment records | 7 years (legal obligation) |
7. Your Rights
Depending on your location, you have specific rights regarding your personal data. We honour these rights regardless of where you are based.
Access
Request a copy of all data we hold about you.
Rectification
Correct inaccurate or incomplete data.
Erasure
Request deletion of your data.
Portability
Receive your data in a machine-readable format.
Object
Object to processing based on legitimate interest.
Withdraw
Withdraw consent for optional communications.
To exercise any of these rights, please email admin@pingzoapp.com. We will acknowledge your request within 3 business days and fulfil it within 30 days.
8. Cookies & Tracking
Pingzo uses a minimal set of cookies: strictly what is necessary to operate the service. We do NOT use third-party advertising cookies, cross-site tracking, or analytics pixels.
- Firebase Auth:Keeps you logged in between sessions.
- Zustand:Stores your UI preferences and local state.
9. International Data Transfers
Pingzo operates globally and your data may be transferred to countries other than your own. We ensure these transfers are protected by Standard Contractual Clauses (SCCs) and other approved safeguards.
10. Data Security
We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 in transit, and regular security audits. Access to production data is strictly limited to authorised personnel.
11. Children's Privacy
Pingzo is intended for adults and businesses. We do not knowingly collect data from children under 16. If we discover such data, we will delete it immediately.
12. The Pingzo Embed Widget
If you use our widget, visitors to your site will make requests to our CDN. We log visitor IP addresses temporarily for security and rate limiting but do not track individuals across websites.
13. Public Status Pages
Status pages are publicly accessible by default. You can make them private at any time in your dashboard settings. Subscriber emails are used only for status notifications.
14. Changes to This Policy
We may update this policy periodically. Significant changes will be notified via email 30 days in advance. Continued use after changes constitutes acceptance.
15. Contact Us
Aurexis Technologies Pvt Ltd
Email: admin@pingzoapp.com