DDDownDetector Monitor

Data Compliance

Last updated: February 25, 2026

Overview

downdetectordowndetectordowndetector.com is owned and operated by Hasher Technologies LLC and is committed to protecting your privacy and complying with applicable data protection regulations. This page outlines our compliance with major data protection frameworks.

This website and all features offered through it are products/services of Hasher Technologies LLC. We do not operate under any DBA names for this service.

GDPR Compliance

For users in the European Economic Area (EEA), our practices are designed to align with key General Data Protection Regulation (GDPR) requirements where applicable:

  • Lawful bases: legitimate interests (service operations/security), performance of a contract (account and billing features), and consent where applicable
  • Data minimization: we collect only data needed to provide and protect the service
  • Access and correction: you may request access to and correction of your personal data
  • Erasure: you may request deletion, subject to legal/operational exceptions
  • Objection/restriction: you may object to or request restriction of certain processing where applicable

CCPA/CPRA Compliance

For California residents, our practices are designed to align with the California Consumer Privacy Act as amended by CPRA:

  • Right to know/access: you may request disclosure of personal information categories and sources
  • Right to delete: you may request deletion of personal information, subject to exceptions
  • Right to correct: you may request correction of inaccurate personal information
  • Right to opt out of sale/share: we do not sell personal information or share it for cross-context behavioral advertising
  • Non-discrimination: We will not discriminate against you for exercising your rights

We do not sell your personal information. This site has no advertising and does not participate in data broker networks.

Data Processing

Categories of data processed:

  • Server logs (IP addresses, browser information, timestamps)
  • Contact form submissions (name, email, message content)
  • Account data (email address, password hash, verification state)
  • Authentication data (an httpOnly cookie used to refresh sessions)
  • Account preferences (for example, whether incident email alerts are enabled)
  • Billing metadata (Stripe customer/subscription identifiers, selected plan, subscription status)
  • Webhook processing metadata (event IDs, payload hashes, processing status, and related Stripe IDs)
  • Administrative/audit data for privileged actions (actor email, request ID, and IP where available)
  • Operational monitoring history (status snapshots and incident records about our checks of downdetector.com)

Purposes of processing:

  • Providing and maintaining the service
  • Responding to inquiries
  • Providing login and account-related features
  • Managing subscriptions and billing workflows
  • Sending operational incident notifications to users who explicitly opt in
  • Security and abuse prevention

Data Transfers

This site is hosted on infrastructure that may transfer data internationally. Where personal data crosses borders, we rely on provider safeguards made available for those services (for example, contractual protections published by providers).

Data Retention

  • Server logs: retained for a limited period for operational and security purposes
  • Account records: retained until you request deletion
  • Email verification tokens: expire automatically after 24 hours
  • Password reset tokens: expire automatically after 1 hour
  • Status snapshots: retained for up to 90 days (tier-dependent API access window with automatic expiry). Incident records: may be retained longer for transparency/history.
  • Contact form messages: delivered by email; not stored in a database (email retention depends on provider policies)
  • Billing/customer/subscription and webhook-event metadata: retained for operational, accounting, fraud-prevention, and legal-compliance purposes
  • Administrative audit entries: retained for security, abuse prevention, and accountability

Exercising Your Rights

To exercise any of your data protection rights, please use our contact form or email contact@downdetectordowndetectordowndetector.com. We respond to verified requests within timelines required by applicable law.

Given the minimal data we collect, most requests can be fulfilled quickly.

This page provides operational information about our current practices and is not legal advice.

Updates

This compliance information may be updated to reflect changes in law or our practices. Check this page periodically for updates.