Privacy Policy

1. Data Controller

SiteAwake is the data controller responsible for your personal data. Our contact details are:

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: When you register for an account, we collect your name, email address, and password.
• Billing Information: If you subscribe to a paid plan, we collect payment information through our secure payment processor. We do not store complete credit card numbers on our servers.
• Monitor Configuration: URLs, endpoints, and settings you configure for monitoring.
• Communication: Information you provide when you contact our support team or respond to surveys.

2.2 Information Collected Automatically

When you use our service, we automatically collect:

• Usage Data: Information about how you use our service, including features accessed and actions taken.
• Device Information: Browser type, operating system, device type, and IP address.
• Log Data: Server logs that record your interactions with our service.
• Cookies: We use cookies and similar technologies to maintain sessions and remember your preferences. See Section 10 for more information about cookies.

2.3 Monitor Check Data

When our service performs monitoring checks, we collect:

• Response times and status codes from monitored endpoints
• SSL certificate information for HTTPS monitors
• Response content for keyword monitoring (processed but not permanently stored)

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following lawful bases:

• Contract: Processing necessary for the performance of a contract with you (e.g., providing the monitoring service, managing your account, processing payments).
• Legitimate Interests: Processing necessary for our legitimate interests or those of a third party, provided your rights do not override those interests (e.g., improving our services, preventing fraud, ensuring security).
• Legal Obligation: Processing necessary to comply with legal obligations (e.g., tax records, regulatory requirements).
• Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications). You may withdraw consent at any time.

4. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our monitoring services (Contract)
• Process transactions and send related information (Contract)
• Send notifications and alerts about your monitored services (Contract)
• Respond to your comments, questions, and support requests (Contract/Legitimate Interests)
• Send you technical notices, updates, and security alerts (Contract/Legitimate Interests)
• Monitor and analyse trends, usage, and activities (Legitimate Interests)
• Detect, investigate, and prevent fraudulent transactions and abuse (Legitimate Interests/Legal Obligation)
• Personalise and improve your experience (Legitimate Interests)
• Comply with legal obligations (Legal Obligation)
• Send marketing communications where you have consented (Consent)

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Payment processors for handling transactions
• Cloud hosting providers for infrastructure
• Email service providers for notifications
• Analytics providers to help us understand usage

These providers are contractually obligated to handle your data securely and only for the purposes we specify, in accordance with UK data protection law.

5.2 Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, including requests from UK authorities.

5.3 Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and ensure any successor organisation is bound by this Privacy Policy.

5.4 With Your Consent

We may share information with your consent or at your direction.

6. International Data Transfers

Your information may be transferred to and processed in countries outside the United Kingdom. When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:

• Transfers to countries that the UK has determined provide an adequate level of data protection
• Use of UK International Data Transfer Agreements (IDTAs) or EU Standard Contractual Clauses with the UK Addendum
• Other lawful transfer mechanisms recognised under UK data protection law

You may request further information about the safeguards we use by contacting us.

7. Data Security

We implement appropriate technical and organisational measures to protect your information in accordance with UK GDPR requirements, including:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest
• Regular security assessments and audits
• Access controls and authentication requirements
• Staff training on data protection
• Incident response procedures

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we will notify you and the Information Commissioner's Office of any personal data breach as required by law.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide services. We will not keep your personal data for longer than necessary for the purposes for which it was collected. Monitor check data is retained according to your plan:

• Free plan: 30 days
• Starter plan: 90 days
• Pro plan: 1 year
• Enterprise plan: Custom retention periods

After account deletion, we may retain certain information as required by law (e.g., financial records for HMRC compliance) or for legitimate business purposes (e.g., resolving disputes). We will securely delete or anonymise your data when it is no longer required.

9. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights regarding your personal data:

9.1 Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this within one month of your request, free of charge.

9.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data. You can update most information through your dashboard settings.

9.3 Right to Erasure

You have the right to request deletion of your personal data in certain circumstances (e.g., when data is no longer necessary, you withdraw consent, or you object to processing). You can delete your account at any time through your settings.

9.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances (e.g., while we verify accuracy of data you have contested).

9.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

9.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

9.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use such automated decision-making.

9.8 Right to Withdraw Consent

Where we rely on consent as the lawful basis for processing, you can withdraw consent at any time. This will not affect the lawfulness of processing before withdrawal.

9.9 Exercising Your Rights

To exercise any of these rights, please contact us at contact@siteawake.com. We will respond to your request within one month. We may need to verify your identity before processing your request.

10. Cookies and Similar Technologies

We use cookies and similar technologies in accordance with the Privacy and Electronic Communications Regulations 2003 (PECR) and UK GDPR.

10.1 Essential Cookies

These cookies are necessary for the website to function and cannot be switched off. They include session cookies for authentication and security cookies.

10.2 Analytics Cookies

These cookies help us understand how visitors use our website. We only use these with your consent.

10.3 Managing Cookies

You can manage your cookie preferences through our cookie banner when you first visit our site. Most browsers also allow you to control cookies through their settings. Note that disabling essential cookies may affect the functionality of our service.

11. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will take steps to delete it promptly. If you believe we have collected data from a child under 13, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes affecting how we process your data, we will provide additional notice via email and, where required by law, seek your consent.

13. Complaints

If you are unhappy with how we have handled your personal data, please contact us first so we can try to resolve your concerns.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

14. Contact Us

If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your rights, please contact us at: