Privacy Policy

Last updated: June 2025

ExpiryProbe ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.

1. What we collect

We collect only what is necessary to provide the service:

• Account information: your email address and a hashed password when you register.
• Domain hostnames: the domain names you add to your monitoring list.
• Check results: SSL certificate expiry dates, issuer details, and domain registration expiry dates retrieved from public WHOIS records and TLS handshakes.
• Usage data: basic server logs including IP addresses, request timestamps, and HTTP status codes for security and debugging purposes.

We do not collect passwords in plain text, payment card details (handled by Stripe), or any information about your servers beyond the domain hostnames you provide.

2. How we use your data

• To perform SSL and domain expiry checks on domains you've added.
• To send you email alerts when certificates or registrations are approaching expiry.
• To authenticate your account and secure the service.
• To diagnose technical issues and improve reliability.

We do not sell your data, use it for advertising, or share it with third parties except as described below.

3. Third-party services

• Stripe: used to process subscription payments. Stripe handles all payment data under their own privacy policy. We never see your card details.
• Email providers (Resend / Mailgun): used to deliver alert emails. Your email address is transmitted to these providers solely for delivery.
• Infrastructure: the service runs on Vultr VPS infrastructure. Data is stored within the server region you are served from.

4. Data retention

Your account data and domain check history are retained for as long as your account is active. When you delete your account, all associated data is permanently removed within 30 days.

5. Security

All data is encrypted in transit using TLS. Passwords are hashed using bcrypt and never stored in plain text. Access to production systems is restricted to authorised personnel only.

6. Your rights

You have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and all associated data.
• Export your domain list at any time via the dashboard CSV export.

To exercise any of these rights, contact us at privacy@expiryprobe.io.

7. Cookies

ExpiryProbe uses a single session cookie to keep you signed in. No tracking or advertising cookies are used.

8. Changes to this policy

We may update this policy occasionally. We will notify you by email if we make material changes. The "last updated" date at the top of this page reflects the most recent revision.

9. Contact

Questions about this policy? Email us at privacy@expiryprobe.io.

---

ExpiryProbe is operated as an independent SaaS product.