1. Introduction
Checkmate explains how it gathers, handles, and safeguards personal information through two deployment models: our SaaS platform and self-hosted editions. Data handling differs substantially between offerings. We are committed to protecting your privacy based on your chosen deployment method.
2. Service offerings and data handling
Hosted platform
- Hosted on secure infrastructure
- Collects: account/organization info, platform usage data, technical data (IP addresses, browser info), and support communications
- Your monitoring data (uptime metrics, server stats, incidents) is stored securely and accessible only to your team
Self-hosted edition
- Operates entirely within your own infrastructure
- Zero data leaves your infrastructure
- No telemetry, usage analytics, or automatic updates sent to Checkmate
- Checkmate has no access to your monitoring data or server metrics
3. Information collected
Website and general business
- Contact form submissions
- Marketing preferences
- Website analytics
- Technical website data
SaaS platform specific
- Registration and authentication information
- Billing and payment data (processed by third-party processors)
- Platform configuration and usage patterns
- Monitoring data (uptime, server metrics, incidents)
- Support tickets and customer service interactions
4. Data usage
Information is used to:
- Provide infrastructure monitoring services
- Process payments (SaaS only)
- Deliver customer support
- Send product updates and marketing communications
- Improve platform and develop features
5. Data security and encryption
Security measures include: encryption in transit and at rest, multi-tenant data isolation, access controls, authentication mechanisms, and regular security monitoring with incident response procedures.
6. Cookies and tracking technologies
We use the following types of cookies:
- Functional: Website operation and authentication
- Analytics: Performance analysis and usage patterns
- Marketing: Campaign effectiveness and user preference tracking
Users can manage preferences through browser settings.
7. Third-party services and subprocessors
SaaS platform integrations
- Stripe for payment processing
- Analytics services for platform improvement
- Infrastructure providers
Self-hosted deployments use no third-party services for data processing.
8. Data retention
- Monitoring data: Retained according to your plan (30 days Free, 90 days Pro, 180 days Business, 1 year Enterprise)
- Account data: Retained for 3 years from account creation or last activity
- Marketing communications: Until unsubscribe or removal request
- Contact submissions: Up to 3 years for business communication
9. Your rights and data control
You have the right to:
- Access your organization account and usage data
- Correct inaccurate information
- Request account and data deletion
- Object to marketing communications
- Request data export for migration
10. Legal basis for processing and compliance
Processing grounds:
- Contract performance: Service delivery
- Legitimate interest: Platform improvement, security, business communications
- Consent: Marketing and non-essential cookies
We comply with GDPR (European customers) and CCPA (California customers).
11. Data breach notification
In security incidents: assessment within 24 hours, customer notification within 72 hours for high-risk breaches, and authority notification as required by law.
12. Policy changes
Material changes will trigger: date updates, email notification to active customers, and website posting.