Privacy Policy

Last updated: September 11, 2025

1. Introduction

Welcome to ChangeWatch ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website change monitoring service.

ChangeWatch is a service that monitors websites for changes and sends notifications to users when changes are detected. This policy applies to all users of our service, whether accessed through our website, API, or any other means.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you use our service:

  • Account Information: Name, email address, and password when you create an account
  • Profile Information: Any additional information you provide in your profile settings
  • Payment Information: Billing details and payment method information (processed securely through Stripe)
  • Communication Data: Information you provide when contacting our support team

2.2 Service Usage Information

We automatically collect information about how you use our service:

  • Watch Data: URLs you monitor, CSS selectors, regex patterns, monitoring frequency, and notification preferences
  • Monitoring Results: Content snapshots, change detection data, and monitoring history
  • Notification Data: Email addresses, Slack webhook URLs, Discord webhook URLs, Teams webhook URLs, and other notification channel information you configure
  • Technical Data: IP addresses, browser type, device information, and usage patterns
  • Log Data: Server logs, error reports, and performance metrics

2.3 Third-Party Website Data

When monitoring websites on your behalf, we may collect and process content from those websites. This data is:

  • Used solely for change detection purposes
  • Stored securely and encrypted
  • Not shared with third parties except as described in this policy
  • Retained only for the duration necessary to provide our service

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

  • To provide and maintain our website monitoring service
  • To process your monitoring requests and detect changes
  • To send notifications when changes are detected
  • To manage your account and subscription

3.2 Communication

  • To send you service-related emails (notifications, updates, security alerts)
  • To respond to your support requests and inquiries
  • To send marketing communications (with your consent)

3.3 Service Improvement

  • To analyze usage patterns and improve our service
  • To develop new features and functionality
  • To ensure the security and reliability of our service

3.4 Legal Compliance

  • To comply with applicable laws and regulations
  • To enforce our Terms of Service
  • To protect our rights and the rights of our users

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: To provide our monitoring service as agreed
  • Legitimate Interest: To improve our service, ensure security, and prevent fraud
  • Consent: For marketing communications and optional features
  • Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our service:

  • Payment Processors: Stripe for payment processing
  • Email Services: For sending notifications and communications
  • Cloud Hosting: For data storage and processing
  • Analytics Services: For service improvement (anonymized data only)

5.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders or legal proceedings
  • Government requests or investigations
  • Protection of our rights, property, or safety

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data is encrypted in transit and at rest
  • Access Controls: Strict access controls and authentication measures
  • Regular Security Audits: Ongoing security assessments and updates
  • Employee Training: Regular training on data protection and security

7. Data Retention

We retain your personal information for as long as necessary to provide our service and comply with legal obligations:

  • Account Data: Retained while your account is active and for a reasonable period after deletion
  • Monitoring Data: Retained for the duration of your subscription and for a limited period after cancellation
  • Payment Data: Retained as required by financial regulations
  • Log Data: Retained for security and troubleshooting purposes

8. Your Rights (UK GDPR)

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing based on consent

To exercise these rights, please contact us at [email protected].

9. International Data Transfers

Your data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place:

  • Adequacy Decisions: Where the UK has determined adequate protection
  • Standard Contractual Clauses: For transfers to countries without adequacy decisions
  • Certification Schemes: Where applicable and appropriate

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze service usage and performance
  • Provide personalized content and features

You can control cookie settings through your browser preferences.

11. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing any personal information.

12. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Displaying a notice on our service

14. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Controller: ChangeWatch
Email: [email protected]

15. Complaints

If you have concerns about our data processing practices, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom

Website: https://ico.org.uk
Phone: 0303 123 1113

16. Additional UK-Specific Information

16.2 Supervisory Authority

The Information Commissioner's Office (ICO) is the UK's supervisory authority for data protection matters.

16.3 Brexit Considerations

This policy complies with UK GDPR, which applies to the processing of personal data in the UK following Brexit.

This Privacy Policy is effective as of September 11, 2025 and will remain in effect except with respect to any changes in its provisions in the future.