🚀 SecureCheap is live — Start free →
Architecture & Security
Data & Privacy

Data & Privacy

What we collect

Server metrics (if you install the agent)

DataPurposeRetention
CPU, RAM, disk, network metricsMonitoring and alerting90 days (Pro)
Process list (name, PID, CPU%, RAM%)AI diagnostics72 hours
System info (OS, kernel, hostname)Resource inventoryDuration of account
Public IP addressAsset mappingDuration of account

We never collect:

  • File contents
  • Database contents
  • Application logs
  • Network payload data (only throughput stats)
  • Credentials or secrets

HTTP monitors

DataPurposeRetention
URL being monitoredCheck targetDuration of account
HTTP status codeUptime tracking90 days
Response timePerformance tracking90 days
Response body (for keyword checks)Keyword matchingNot stored — evaluated in memory only
SSL certificate metadataSSL grading90 days

Account data

  • Email address — account identification, notifications
  • Payment information — handled by Stripe, never stored on SecureCheap servers
  • API credentials for integrations — encrypted with AES-256 at rest

Where data is stored

ComponentProviderLocation
Primary databaseSelf-hosted PostgreSQLGermany (EU-Central)
Time-series metricsSelf-hosted TimescaleDBGermany (EU-Central)
Object storage (reports)Hetzner Storage BoxGermany (EU-Central)
Payment processingStripePCI DSS Level 1

All data is stored in the EU. No data is transferred to US-based third parties without explicit consent.

GDPR compliance

SecureCheap is operated by a company registered in the EU. Under GDPR, you have the right to:

  • Access — Request a copy of all data we hold about you
  • Rectification — Correct inaccurate personal data
  • Erasure — Request deletion of your account and all associated data
  • Portability — Export your data in machine-readable format (JSON)
  • Restriction — Restrict processing of your data

To exercise these rights, email [email protected].

Data deletion requests are processed within 30 days. All backups are purged within 90 days.