Privacy statement and cookie policy.
Last updated: October 4, 2025
Please read this Privacy Policy carefully before using this Service.
This Privacy Policy explains how the Company, as the owner of the Website and Service, handles Personal Data and other information relating to visitors and users. It describes what information is collected, how it is used, and what rights You have under applicable data protection laws.
For the purposes of this Policy: Personal Data means information that can be used to identify You as an individual, such as Your name, email address, or payment details (if You choose to provide them when contacting us or using paid features). Usage Data means technical information that is collected automatically when You interact with the Service, such as IP addresses, browser type, device information, request paths, response codes, and timestamps.
For the purposes of data protection law, the Company acts as the data controller for Personal Data collected through the Service. Third-party providers such as Nadles (account and subscription management) and Paddle (payment processing) act as data processors on behalf of the Company, under their own privacy policies and in compliance with applicable data protection laws.
By accessing or using the Service, You agree to the practices described in this Privacy Policy. If You do not agree with this Policy, You should discontinue use of the Service.
This website and its owner take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience.
The Company takes the protection of Your privacy seriously. We apply appropriate technical and organizational measures to safeguard personal data and ensure that Your information is processed securely and in compliance with applicable data protection regulations.
The Website is hosted by a third-party provider, Netlify. When You access the Website, Netlify may temporarily collect Usage Data, which can include Your IP address, browser type, device information, and the date and time of access.
The Company does not have access to these logs (Enterprise features such as log drains are not in use). Netlify retains this Usage Data for less than 30 days for security, performance monitoring, and abuse prevention.
For further details, please refer to Netlify's Privacy Policy. Technical information about traffic log collection and handling is available in Netlify's log drains documentation.
The backend Application is hosted on Fly.io, which may generate Usage Data such as request paths, response status codes, IP addresses, timestamps, and other operational metadata. Log availability and retention are managed by Fly.io and may be searchable for up to ~30 days depending on configuration.
These logs are used solely for operational purposes such as monitoring, troubleshooting, performance optimization, abuse prevention, and security. The Company does not extend these periods and does not process these logs for tracking or marketing.
For more details, please refer to Fly.io's Privacy Policy and logging documentation.
The backend of the API is hosted on servers operated by Hetzner in Germany. No access logs are collected or stored at this level, as all API requests pass through the Nadles API gateway, which handles authentication, usage tracking, and logging. The Company does not maintain or process logs directly on Hetzner servers.
For more details, please refer to Hetzner's Privacy Policy.
When You create an account or subscribe to the API Service through our API gateway (Nadles) and payment processor (Paddle), You may be asked to provide certain Personal Data. This information is necessary to register Your account, process payments, and provide access to the Service.
The Service uses Nadles as an API gateway for account registration, subscription management, and usage tracking. Through Nadles, You may provide identification and contact information, billing information, and subscription-related usage data. This data is required to create and manage Your account and subscriptions.
For details on how Nadles collects, stores, and protects Personal Data, please refer to the Nadles Privacy Policy. Your use of Nadles as part of the Service is also subject to Nadles' terms and policies, and You agree to review and comply with those where applicable.
The Service uses Paddle as its payment processor and Merchant of Record. Paddle handles payment processing, subscription billing, and fraud prevention. Through Paddle, You may provide contact details, billing information, and payment details.
The Company does not receive or store sensitive payment information such as full credit card numbers. All financial data is securely processed by Paddle under PCI-compliant standards. For details on how Paddle collects, stores, and protects Personal Data, please refer to the Paddle Privacy Policy. Your use of Paddle as part of the Service is also subject to Paddle's terms and policies, and You agree to review and comply with those where applicable.
The Company itself only has access to limited Personal Data necessary to provide the Service (e.g., name, email, subscription status, and usage information, as provided via Nadles or Paddle). We do not sell or share this data with third parties for marketing purposes.
The Website may provide feedback forms to share suggestions, bug reports, or questions. To respond by email, You may be asked for Your name and email address. This information is used solely for communication and is not shared or sold to third parties. For retention details, see Data Retention and Deletion.
The Website uses Umami, a privacy-focused and open-source analytics platform, to analyze website usage. Umami does not collect any Personally Identifiable Information (PII), and all data is anonymized. Visitors cannot be identified, are never tracked across websites, and Umami does not use cookies in its tracking code.
Umami is operated as a self-hosted instance. No analytics data is shared with third parties. All data is stored on servers managed by the Company and located in the European Union (Germany).
Collected metrics are aggregated (e.g., page views, device type, referrer, approximate location). Retention periods are described in Data Retention and Deletion.
The Service uses Sentry for real-time error and exception tracking. This allows the Company to monitor, diagnose, and fix technical issues to maintain the stability and reliability of the Service.
Information collected through Sentry may include browser type, operating system, date and time of the error, and related URLs. This information does not include IP addresses or Personally Identifiable Information (PII).
The Company has configured Sentry to be privacy-friendly and GDPR compliant:
Error data is processed solely for operational purposes such as monitoring and troubleshooting. Retention of this data follows the principles described in the Data Retention and Deletion section.
The Company does not sell Personal Data. We only share Personal Data in limited circumstances:
We ensure that third parties receiving Personal Data provide appropriate safeguards to protect it.
The Company retains Personal Data only for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, including account management, payment processing, tax compliance, security, and legal obligations.
Information You provide when creating an account or subscribing via Nadles is retained for the duration of Your active account. If You cancel Your account, Nadles may retain certain records for a limited period as required by law or for billing reconciliation, after which the data will be deleted or anonymized. For further details, please refer to the Nadles Privacy Policy.
Paddle retains transaction records (such as customer name, email, purchase details, and payment method) for the period necessary to comply with financial, tax, and anti-fraud regulations. This retention period is typically at least 6 years under applicable tax law. The Company does not control Paddle’s retention periods and does not store Your full payment details. For further information, please see the Paddle Privacy Policy.
Netlify website traffic logs are retained for less than 30 days. Fly.io application logs may be available for up to ~30 days depending on configuration. These logs are used solely for operations (troubleshooting, monitoring, performance optimization, abuse prevention). The Company does not extend these periods or use these logs for tracking/marketing.
Sentry retains error logs only as long as necessary for debugging purposes, generally no longer than 30 days, after which the data is automatically deleted. The Company does not use this data for analytics, marketing, or profiling.
Aggregated usage data collected via the self-hosted Umami instance is retained for up to 12 months; thereafter it is deleted or anonymized. Aggregated, non-identifiable reports may be kept longer for statistical and service improvement purposes.
Emails, feedback forms, and other support-related communications are retained for as long as necessary to handle the request and up to 2 years for service quality and legal purposes.
If You request deletion of Your account or Personal Data, the Company will remove or anonymize the data within a reasonable period, unless retention is required by law (for example, under Dutch tax regulations). Where deletion is not technically feasible (for example, archived backups), data will be isolated and protected from further processing.
The Company applies appropriate technical and organizational measures to safeguard Personal Data, including encryption, access controls, and data minimization. However, no system can be guaranteed 100% secure. While we strive to protect Your information, we cannot guarantee absolute security against unauthorized access or data breaches.
In the event of a personal data breach, the Company will comply with applicable legal obligations regarding notification to supervisory authorities and, where required, to affected individuals.
The Company processes Personal Data only where a valid legal basis exists under applicable data protection laws, including Article 6 of the GDPR. These bases include:
Personal Data may be transferred outside the European Economic Area (EEA):
No other international transfers of Personal Data are made by the Company outside the EEA, the United Kingdom, or the United States, unless such transfers are required to provide the Service or to comply with legal obligations. In such cases, appropriate safeguards will be applied in accordance with applicable data protection laws.
The Service is not directed at children under 18 years of age. We do not knowingly collect Personal Data from minors. If we become aware that Personal Data has been collected from a minor without parental consent, we will delete such information promptly.
Depending on where You are located, You may have certain rights under data protection laws such as the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
To exercise any of these rights, please contact us at support@httpstatus.io. We may need to verify Your identity before processing Your request. We will respond within the time period required by applicable law.
The Website uses a limited number of functional cookies and local storage objects to ensure proper operation and a user-friendly experience.
A cookie is stored to record that You have accepted the cookie notice. This prevents You from being asked repeatedly on future visits. This cookie does not track or profile You and is only used to remember Your choice.
The Application may store certain preferences in Your browser's local storage, such as default settings for using the Service. These preferences are not shared with the Company and remain only in Your browser. You can reset them at any time by restoring the default settings within the Application.
You can manage or disable cookies through Your browser settings. Please note that if You refuse the functional cookie used for consent, the cookie notice may continue to appear.
The Website and Service may contain links to third-party websites or services that are not operated or controlled by the Company. These third parties may collect information about You in accordance with their own privacy policies and terms of service. The Company is not responsible for the privacy practices, content, or security of such external websites or services.
You access third-party links at Your own risk, and We recommend that You review the privacy policies and terms of any external websites You visit. The Service does not currently display sponsored links or advertising. If this changes in the future, such links or advertisements will be clearly identified, and any data collection by advertising partners will be governed by their own policies.
We may update this Privacy Policy from time to time. Any changes will be posted on this page and indicated by an updated “Last updated” date at the top of the Policy. We encourage You to review this page periodically to stay informed about how we process Personal Data.
If You have any questions about this Privacy Policy or our data practices, or if You wish to exercise Your data protection rights, please contact our Data Subject Contact Point at: