Privacy Policy
Last Updated: March 31, 2026
This Privacy Policy describes how DNA SAAS Labs, LLC ("Company", "we", "us", or "our") collects, uses, and discloses your personal information when you use the UptimeBot service (the "Service"), and your rights regarding that information. We are committed to protecting your privacy in accordance with the Protection of Personal Information Act (POPIA) of South Africa, the General Data Protection Regulation (GDPR), and other applicable data protection laws.
1. INFORMATION WE COLLECT
We collect information that identifies, relates to, or could reasonably be linked to you.
A. Information You Provide Directly:
- Account Information: When you register, we collect your full name, email address, and account credentials.
- Notification Data: To provide alerts, we collect the contact details of your designated recipients, including email addresses, phone numbers (for SMS), and Slack webhook URLs.
- Billing Information: For paid subscriptions, we collect billing addresses and transaction details. Full credit card numbers are processed by our secure third-party payment processor (e.g., Stripe) and are not stored on our servers.
B. Service & Monitoring Data:
- Monitored Assets: URLs, IP addresses, and port numbers you wish to track.
- SSL Certificate Metadata: Publicly available certificate data, expiration dates, and configuration details.
- Log Data: Performance metrics, response times, and incident history for your monitored assets.
C. Information Collected Automatically:
- Usage Data: IP addresses, browser types, device identifiers, and pages visited when you interact with our Site.
- Cookies: Small data files used for session management and performance analytics.
2. HOW WE USE YOUR INFORMATION
We use your information strictly for the following legal and functional purposes:
- Provision of Service: To monitor your websites/servers and deliver near-real-time alerts via Email, SMS, and Slack.
- Billing & Account Management: To process recurring monthly payments and manage your 30-day refund eligibility.
- Service Improvement: To diagnose technical issues, optimize our monitoring nodes, and improve dashboard performance.
- Compliance: To meet legal obligations, such as tax record-keeping or responding to lawful government requests.
3. LEGAL BASIS FOR PROCESSING
We process your data based on:
- Contractual Necessity: To provide the monitoring services you signed up for.
- Consent: When you opt-in to SMS alerts or marketing communications.
- Legitimate Interest: To ensure the security of our Service and prevent fraudulent use.
- Legal Obligation: To comply with South African or international law.
4. DATA SHARING & THIRD-PARTY DISCLOSURES
We do not sell your personal information. We only share data with trusted third parties necessary for the Service:
- Alerting Partners: SMS providers (e.g., Twilio) and integration platforms (e.g., Slack) to deliver your notifications.
- Payment Processors: To securely handle your monthly subscription and any applicable refunds.
- Hosting Providers: Infrastructure partners (currently Digital Ocean) where our databases and monitoring nodes are located.
Detailed Business Partner & Tool Integration
To provide specialized technical auditing, authentication, and notification features, we leverage the following partners:
| Partner / Tool | Purpose | Privacy Link |
|---|---|---|
| Mandrill (Mailchimp) | Delivery of transactional system emails and downtime alerts. | Privacy Policy |
| SEO Review Tools | Technical SEO auditing and domain performance analysis. | Privacy Policy |
| PageSpeed Insights | Measuring website loading performance and speed metrics. | Privacy Policy |
| NeutrinoAPI.net | IP lookup, data validation, and technical security intelligence. | Privacy Policy |
| APIVerve | Automated checking of DNS security records (DMARC, DKIM, SPF). | Privacy Policy |
| Keycloak (Google/FB Auth) | Secure user SSO and authentication via our Keycloak domain. | Google / Meta |
| Google reCAPTCHA | Protection of our platform from spam and automated bot abuse. | Privacy Policy |
| Twilio | Delivering downtime alerts via SMS and automated Voice calls. | Privacy Policy |
| Slack Apps | Integrating monitoring alerts directly into user Slack channels. | Privacy Policy |
| Tawk.to | Real-time customer support chat services. | Privacy Policy |
| Stripe | Real-time customer support chat services. | Privacy Policy |
| Digital Ocean | Infrastructure hosting for databases and monitoring nodes in London (UK) and Frankfurt (EU). | Privacy Policy |
5. INTERNATIONAL DATA TRANSFERS
DNA SAAS Labs, LLC is based in the USA and operated from South Africa. Our primary infrastructure is located in the UK and EU. To protect your information, we do not rely on general consent for routine commercial transfers. Instead, we ensure all transfers of personal data to countries without an adequacy decision (such as the USA or South Africa) are protected by Standard Contractual Clauses (SCCs) or the UK International Data Transfer Agreement (IDTA). We conduct Transfer Risk Assessments to ensure your data receives a level of protection essentially equivalent to that guaranteed under UK and EU GDPR.
6. DATA RETENTION & SECURITY
Retention: We apply the following retention criteria to your data:
- Account Data: Retained for as long as your account is active.
- Billing Records: Retained for a minimum of 7 years to meet tax and legal obligations.
- Incident Logs: Typically retained for 90 days before being archived or deleted.
- Technical & Usage Data: Retained for as long as necessary for the purpose of service optimization and security.
- Support Correspondence: Retained for the duration of our relationship with you to assist with future inquiries.
Security: We implement robust administrative, technical, and physical safeguards. This includes SSL/TLS encryption for all data in transit, restricted access protocols for internal databases, and the implementation of Multi-Factor Authentication (MFA) for staff accessing production systems.
7. YOUR RIGHTS (POPIA/GDPR)
Under POPIA and GDPR, you have the following rights:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request the update or correction of inaccurate data.
- Deletion: Request the deletion of your data. Note that while we work to automate this, account deletion requests are currently processed manually by our team.
- Objection: Object to processing based on legitimate interests or direct marketing.
- Portability: Request the transfer of your data to another service provider.
- Withdrawal of Consent: You may withdraw consent at any time, including via our cookie banner.
Right to Complain: You have the right to lodge a complaint with a supervisory authority. Relevant authorities include:
- United Kingdom: Information Commissioner’s Office (ICO).
- European Union: The Data Protection Authority in your specific member state.
- South Africa: The Information Regulator (POPIA).
To exercise these rights, please contact us at [email protected].
8. CHILDREN'S PRIVACY
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware of such collection, we will take immediate steps to delete the data.
9. COOKIE POLICY
We use cookies for session management and performance analytics. For a full breakdown of specific cookie names, durations, and purposes (including those used by Tawk.to and Google reCAPTCHA), please refer to our dedicated Cookie Policy. You can withdraw or amend your consent at any time via the settings in our cookie banner.
10. CONTACT INFORMATION
If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer:
DNA SAAS Labs, LLC
D'Urban Square Tygervalley,
26 Bella Rosa Street, Rosenpark,
Cape Town, 7550, South Africa
Email: [email protected]