Back to homepage

Privacy Policy

How StackEye handles account, monitoring, billing, and operational data.

Last updated: July 11, 2026

This Privacy Policy explains how Mattox Engineering LLC, doing business as StackEye ("StackEye," "we," "us," or "our"), collects, uses, shares, and protects personal information when you use StackEye websites, applications, APIs, command-line tools, status pages, private relay components, and related services (the "Services").

1. Scope

This policy applies to:

  • visitors to stackeye.io and other StackEye websites that link to this policy;
  • users who create or access StackEye accounts;
  • organization administrators, team members, and invitees;
  • people who interact with StackEye support, sales, billing, or security channels;
  • status page subscribers, where that feature is enabled.

This policy does not apply to third-party websites or services that we do not control.

2. Information We Collect

Information You Provide

We collect information you choose to provide, such as:

  • account details, including name, email address, password or authentication credentials, role, organization, and contact preferences;
  • billing details, including billing address, plan selection, tax information, and payment-related metadata;
  • team and access information, including invitations, organization membership, permissions, API keys, and audit-log activity;
  • monitoring configuration, including probe names, target URLs or hostnames, regions, check settings, labels, notification rules, and status page settings;
  • notification integrations, including email addresses, webhook URLs, Slack or other channel metadata, and related configuration;
  • support and communications, including messages, attachments, diagnostics, and feedback you send to us.

Do not submit sensitive personal information, protected health information, payment card numbers outside the Stripe-hosted payment flow, or regulated data unless we have expressly agreed in writing.

Information Collected Automatically

When you use the Services, we may collect:

  • log and usage data, including IP address, request metadata, browser or device type, operating system, timestamps, pages or features used, API endpoints called, and diagnostic events;
  • security and authentication data, including session identifiers, login events, MFA status, failed login attempts, token metadata, and audit-log events;
  • service telemetry, including probe execution results, status changes, response timing, error messages, certificate metadata, DNS results, and related operational measurements;
  • cookie and local storage data, as described in the Cookie Policy.

Information From Third Parties

We may receive information from third-party services you choose to use with StackEye, including:

  • identity providers, such as Google or other OAuth providers, when you sign in with that provider;
  • payment processors, such as Stripe, for subscription, invoice, and payment status;
  • notification and collaboration tools, such as Slack or webhook destinations, when you connect them to StackEye;
  • infrastructure, security, and website performance providers used to operate, protect, measure, and deliver the Services.

Our use of information received from Google APIs, if any, is limited to providing the requested authentication or integration functionality and is intended to comply with the Google API Services User Data Policy, including the Limited Use requirements.

3. How We Use Information

We use personal information to:

  • provide, operate, monitor, secure, and improve the Services;
  • create and manage accounts, organizations, roles, permissions, sessions, and API access;
  • run uptime, DNS, SSL, TCP, ping, status page, alerting, and related monitoring workflows;
  • send service notices, alerts, recovery notices, invoices, product updates, and support responses;
  • process subscriptions, trials, invoices, taxes, and billing administration;
  • detect, investigate, and prevent abuse, security incidents, fraud, unauthorized access, and policy violations;
  • comply with legal, accounting, tax, audit, and regulatory obligations;
  • enforce our Terms of Service and other agreements;
  • analyze service reliability, website performance, feature usage, and business performance.

4. Legal Bases

Where a legal basis is required, we process personal information because:

  • processing is necessary to perform a contract with you or your organization;
  • processing is necessary for our legitimate interests, such as securing and improving the Services, preventing abuse, and communicating with users;
  • processing is necessary to comply with legal obligations;
  • you have given consent, such as for optional cookies or optional communications, where consent is required.

You may withdraw consent where consent is the basis for processing, but withdrawal does not affect processing that occurred before withdrawal.

5. How We Share Information

We may share personal information with:

  • service providers and subprocessors that help us host, secure, deliver, bill for, support, and operate the Services;
  • payment processors, including Stripe, for payment and subscription management;
  • connected integrations you configure, such as Slack, webhooks, PagerDuty, Discord, Microsoft Teams, or email channels;
  • organization administrators, when your account belongs to an organization that manages access to the Services;
  • professional advisers, auditors, insurers, and legal representatives;
  • government, law enforcement, or regulatory authorities if required by law or necessary to protect rights, safety, or security;
  • a successor entity in connection with a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising unless a future approved version of this policy says otherwise and any required consent controls are in place.

6. Customer Content and Monitoring Data

StackEye processes monitoring targets, probe results, alert content, incident data, status page data, and related telemetry to provide the Services. Customers are responsible for ensuring they have rights and authorization to submit monitored targets and related content to StackEye.

If you include personal information in monitored URLs, request headers, payloads, alert names, status page content, webhook URLs, or support messages, that information may be processed as part of the Services.

7. Cookies, Analytics, and Similar Technologies

We use cookies, local storage, and similar technologies for authentication, security, preferences, service operation, and website performance measurement. StackEye uses Cloudflare Pages Analytics / Cloudflare Web Analytics on the public marketing website to understand page views and performance. StackEye does not use advertising cookies or cross-site tracking. Product-usage measurement is performed using first-party event records that contain no advertising identifiers and no cross-site tracking. For more information, see the Cookie Policy.

8. Data Retention

We keep personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, protect security, and maintain business records.

Retention periods vary by data type:

  • account and organization records are generally kept while the account or organization is active and for a reasonable period afterward;
  • organization membership, access, and audit records are retained for approximately seven (7) years to meet legal, accounting, and compliance obligations (including SOX, HIPAA, and SOC 2), using soft deletes or anonymized retained references so that audit history is preserved;
  • billing and payment records are retained as required for accounting, tax, and compliance purposes; payment and subscription records processed through Stripe are retained by Stripe in accordance with its own retention practices (generally a multi-year period for financial-record compliance);
  • security logs, audit logs, and abuse-prevention records may be kept for security and compliance purposes;
  • probe results, status history, and agent telemetry are retained according to the customer's plan, as set out in the schedule below;
  • backup copies are retained for disaster recovery and deleted according to backup lifecycle schedules.

Agent and Telemetry Retention by Plan

Agent telemetry and related monitoring data are retained based on the customer's subscription plan:

PlanAgent telemetry retention
Free7 days
Starter14 days
Pro30 days
Team90 days
Enterprise365 days

These retention periods apply to agent and probe telemetry. Account, membership, audit, billing, and security records follow the longer retention periods described above because they are required for legal and compliance purposes. If an account is erased, StackEye anonymizes the user record and removes or revokes active credentials and direct personal-data child records, while retaining required audit, membership, billing, and security evidence for the applicable retention period.

9. Security

We use administrative, technical, and organizational safeguards designed to protect personal information, including access controls, encryption in transit, logging, monitoring, and least-privilege operational practices. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

You are responsible for protecting account credentials, API keys, tokens, webhooks, and devices used to access the Services.

10. International Transfers

StackEye is operated from the United States, and personal information may be processed in the United States and other countries where we or our service providers operate. Where required, we use appropriate transfer mechanisms for international data transfers.

11. Children

The Services are not intended for children under 18, and we do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to StackEye, contact us so we can take appropriate action.

12. Privacy Rights

Depending on your location, you may have rights to:

  • access personal information we hold about you;
  • correct inaccurate personal information;
  • delete personal information;
  • restrict or object to certain processing;
  • obtain a portable copy of certain personal information;
  • withdraw consent where processing is based on consent;
  • appeal a denied privacy request where applicable law provides that right.

To exercise these rights, contact privacy@stackeye.io or legal@stackeye.io. We may need to verify your identity and authority before completing a request.

If your account is managed by an organization customer, we may direct certain requests to that organization because it controls the account or customer content.

13. United States State Privacy Notices

Some U.S. state privacy laws require additional disclosures. In the last 12 months, StackEye may have collected the categories described in this policy, including identifiers, commercial information, internet or electronic network activity, professional or employment-related information, and inferences drawn from service usage.

We use and disclose these categories for the purposes described in this policy. We do not sell personal information. We do not knowingly sell or share personal information of consumers under 16.

14. Do Not Track and Global Privacy Control

Some browsers offer "Do Not Track" signals. There is not a uniform industry standard for responding to those signals. Where required by law and technically feasible, we will honor legally recognized opt-out preference signals.

15. Changes

We may update this policy from time to time. The updated version will be posted with a revised "Last updated" date. If changes are material, we will provide additional notice where required by law or contract.

16. Contact

Privacy requests: privacy@stackeye.io

Legal notices: legal@stackeye.io

Mailing address:

Mattox Engineering LLC d/b/a StackEye 1812 33rd Ave Sterling, IL 61081 United States