Privacy Policy

This Privacy Policy describes how Sonato LLC, a Wyoming limited liability company operating the service at failover.io (the "Service," "we," "us," or "our"), collects, uses, and shares information about you.

By using the Service, you agree to the practices described below. If you do not agree, please do not use the Service.

1. Who we are

Sonato LLC
Wyoming, United States
Contact:

2. Information we collect

2.1 Information you provide

• Account information: email address and hashed password when you register.
• Alert channel configuration: phone numbers, email addresses, webhook URLs, Slack/Discord/Telegram identifiers, and similar endpoints you configure to receive alerts.
• Monitor configuration: URLs and services you ask us to monitor, along with labels, check intervals, and expected responses.
• Status page configuration: any branding, descriptions, or content you publish on status pages you create.
• Billing information: when you subscribe to a paid plan, billing data is collected and processed directly by Stripe. We do not store full payment card details on our servers.
• Support correspondence: messages you send us via email or contact form.

2.2 Information we generate

• Monitor check results: response times, status codes, and error details from probes we run against the URLs you configure.
• Incident records: when monitors fail their checks, we create incident records including duration, root-cause hints, and acknowledgement history.
• Alert delivery logs: records of which alerts were sent, when, through which channels, and whether they were acknowledged.
• Server logs: standard web server logs (IP address, user-agent, request paths, timestamps) retained for security and abuse-prevention purposes.

2.3 Information from third parties

• Stripe: when you subscribe, Stripe shares billing event data (subscription status, invoice payment results) with us so we can manage your plan.
• Cloudflare: our infrastructure is fronted by Cloudflare, which provides DDoS protection. Cloudflare's privacy practices are described here.

3. How we use information

• To provide the Service: run monitor checks, deliver alerts, render status pages.
• To bill paying customers and manage subscriptions.
• To respond to support requests.
• To prevent abuse, fraud, and security incidents.
• To send transactional emails (account verification, password resets, billing notifications). We do not send marketing emails without your explicit opt-in.
• To comply with legal obligations.

4. How we share information

We do not sell your personal information. We share information only in the following cases:

• Service providers: we use Stripe (payments), Twilio (SMS and voice alert delivery), Resend (email alert delivery), Cloudflare (CDN/DDoS protection), Hetzner, Worldstream and DigitalOcean (hosting). Each processes data on our behalf under contractual obligations.
• Alert delivery: when you configure an alert to be sent via SMS, email, webhook, etc., we transmit the relevant alert details through that channel — by definition, the recipient receives it.
• Legal obligations: if required by law, court order, or to protect rights, property, or safety.
• Business transfers: in the event of a merger, acquisition, or asset sale, your information may be transferred. We will notify you before this happens.

5. Data retention

We retain your account data for as long as your account is active. When you delete your account, we delete your personal information within 30 days, except where retention is required by law (e.g., billing records for tax purposes — typically 7 years).

Monitor check history is retained according to your plan (7, 90, or 365 days). Older check data is automatically purged.

You can request deletion of your account and associated data by emailing .

6. Security

We implement reasonable technical and organizational measures to protect your information, including encryption in transit (TLS 1.2+), encryption at rest, hashed passwords (bcrypt), and access controls. No system is 100% secure, however. If we become aware of a breach affecting your data, we will notify you as required by law.

7. Your rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing.

To exercise these rights, email . We will respond within a reasonable timeframe as required by applicable law.

8. Children

The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, contact .

9. International transfers

The Service is operated from the United States and our infrastructure is located in Germany (Hetzner) with global edge presence via Cloudflare. By using the Service, you consent to your information being processed in these locations.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. The "Last updated" date at the top reflects the most recent revision.

11. Contact

Sonato LLC

Wyoming, United States