Legal

Privacy Policy

Last updated: April 4, 2026

This Privacy Policy describes how Reedster LLC ("we", "us", "our") collects, uses, and protects your information when you use the Xpiry service ("Service").

1. Information We Collect

Account Information

When you create an account, we collect your email address and hashed password. We do not store plaintext passwords.

Domain Data

When you add domains for monitoring, we collect and store: domain names, SSL certificate details (issuer, expiry dates, chain information), domain registration data (registrar, expiry dates), DNS verification records, and check history logs.

Usage Data

We collect standard web server logs including IP addresses, browser user agents, and session information for security and service operation purposes.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or full payment details on our servers. See Stripe's Privacy Policy for details.

2. How We Use Your Information

  • To provide the monitoring service (checking SSL certificates, domain registrations)
  • To send alert notifications (email, Slack, webhooks) based on your preferences
  • To process payments and manage subscriptions
  • To communicate service updates and important notices
  • To improve the Service and fix issues

3. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — for payment processing
  • Resend — for transactional email delivery
  • Railway — for infrastructure hosting

We may disclose information if required by law or to protect our rights.

4. Data Retention

Account data is retained while your account is active. Check history is retained according to your plan (7 days for Free, 90 days for Pro, 1 year for Agency). Upon account deletion, all data is permanently removed within 30 days.

5. Security

We use industry-standard security measures including encrypted connections (TLS), hashed passwords (bcrypt), and secure session management. Database access is restricted and encrypted at rest.

6. Cookies

We use a session cookie to maintain your login state. We do not use third-party tracking cookies or advertising pixels.

7. Your Rights

You have the right to:

  • Access the data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Export your domain and check data

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email.

9. Contact

Questions about this Privacy Policy? Contact us at [email protected].