Back to Home

Privacy Policy

Last updated: January 20, 2026

1. Introduction

PatchWatch ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security patch monitoring service.

2. Information We Collect

2.1 Account Information

  • Email address
  • Name (optional)
  • Password (encrypted)
  • Organization name (optional)

2.2 Usage Information

  • Products and applications you choose to monitor
  • Notification preferences
  • Feature usage patterns
  • Log data (IP address, browser type, access times)

2.3 Payment Information

Payment processing is handled by our third-party payment provider (DodoPayments). We do not store your credit card details on our servers.

3. How We Use Your Information

  • Provide and maintain the PatchWatch service
  • Send security patch alerts and notifications
  • Process transactions and billing
  • Respond to customer support requests
  • Improve our service and develop new features
  • Comply with legal obligations

4. Data Sharing

We do not sell your personal information. We use trusted third-party sub-processors to deliver our service. These include hosting providers (e.g., Vercel, Railway), payment processors (DodoPayments), email deliverability services (Resend), and AI infrastructure providers (OpenAI). All sub-processors are strictly bound by confidentiality and data processing agreements. We may also share data with:

  • Legal authorities when requested under lawful subpoena or court order
  • Business partners only with your explicit opt-in consent

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS/HTTPS), encrypted password storage (bcrypt), secure database access, and regular security audits. However, no method of transmission over the Internet is 100% secure.

Data Breach Response: In the event of a confirmed security incident that compromises your personal data, we will notify affected users and relevant regulatory authorities within 72 hours of discovery, in compliance with GDPR and applicable laws.

6. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your data at any time by contacting us. Some data may be retained for legal or compliance purposes.

7. Your Rights

Depending on your location (including under GDPR and CCPA frameworks), you may have the right to:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data
  • Right to Data Portability: Export your data in a structured, machine-readable format
  • Right to Object: Opt out of marketing communications and certain data processing

8. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies (Google Analytics) to understand usage patterns. You can disable cookies in your browser settings.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the service. Your continued use of PatchWatch after changes constitutes acceptance.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at support@patchwatch.app