← Watchby TinyKomainu

Privacy Policy

Last updated: April 29, 2026

Short version:We collect your email and which APIs you're watching. We don't sell your data. We don't track you beyond what's needed to run the service.

1. What we collect

Account data: Your email address, collected when you sign up via Google OAuth or email magic link.

Service data:Which APIs you're watching, which notification channels you've configured, and your billing plan.

Usage data:Basic feature events (e.g., "API added") for debugging and improving the service. We don't build behavioral profiles.

We don't collect:Payment card details (Stripe handles those and we never see them), location data, device fingerprints, or anything we wouldn't want collected from us.

2. How we use it

  • To deliver the service: poll API status pages, send notifications
  • To send billing emails: invoices, subscription changes, payment failures
  • To debug issues and improve reliability
  • To contact you about material changes to these policies

We don't use your data for advertising. We don't sell it to anyone. We don't share it except with the vendors listed below.

3. Third-party services we use

We rely on a small number of trusted vendors to run the service. Each processes your data only as needed to provide their service.

SupabaseDatabase and authentication

Stores your account data, API selections, and notification settings.

Privacy policy →
StripePayment processing

Handles all payments. We never see your card number — Stripe manages that entirely.

Privacy policy →
ResendTransactional email

Delivers incident notifications and billing emails to your address.

Privacy policy →
VercelHosting

Hosts the web application. May log IP addresses for security and performance.

Privacy policy →

4. Cookies

We use one cookie: a Supabase session cookie that keeps you logged in. It's set when you sign in and cleared when you sign out.

No analytics cookies. No advertising cookies. No third-party tracking pixels. No Google Analytics. No Facebook Pixel.

5. Data retention

We keep your data for as long as your account is active. If you delete your account, we delete your data within 30 days.

Exception: Stripe may retain billing records for up to 7 years to comply with payment regulations. We don't control this — it's a legal requirement on their end.

6. Your rights

You can:

  • Export your data— email us at mk@natrium.co.jp and we'll send you everything we have within 72 hours.
  • Delete your account— email us at mk@natrium.co.jp. We'll confirm and process within 7 days.
  • Opt out of non-essential emails — Settings → Notifications in the app.

If you're in the EU or UK, you also have rights under GDPR / UK GDPR: access, rectification, erasure, portability, and the right to object to processing. Email us to exercise them. We'll respond within 30 days.

7. Security

Data is stored on Supabase, which encrypts data at rest and in transit. Access to production data is restricted to the minimum necessary.

No system is perfectly secure. If you discover a security issue, please email mk@natrium.co.jp and we'll respond promptly.

8. Changes to this policy

We'll email you and post a notice in the app before making material changes. We won't sneak in changes that weaken your privacy without telling you.