Privacy Policy

Please read these terms carefully before using Kuma Engine services.

Last Updated: July 1, 2025

1. Scope

This Privacy Policy (“Policy”) explains how Kuma Engine LLC (“Kuma Engine,” “we,” “our”) collects, uses, shares, and safeguards Personal Data when you visit kumaengine.com or use any related services, APIs, or hosted Uptime Kuma instances (collectively, the “Service”).

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information – name, e-mail address, password hash.
  • Billing Information – payment card details (stored by our PCI-compliant processor), billing contact, and transaction history.
  • Support Communications – contents of e-mails, chat logs, or other messages you send to us.

2.2 Information We Collect Automatically

  • Service Usage Data – IP address, browser type, referring URL, timestamps, instance identifiers, API calls, monitor metadata (URL, interval, status), error logs.
  • Cookies & Similar Technologies – session cookies for authentication and CSRF protection, analytics cookies (first-party; no cross-site tracking).

2.3 Information from Third Parties

We may receive limited Personal Data (e.g., updated payment method, fraud signals) from payment processors, cloud hosting providers, or analytics vendors.

3. How We Use Information

  • Operate, monitor, and maintain the Service and your Uptime Kuma instance;
  • Process payments and manage subscriptions;
  • Detect, prevent, and respond to security incidents;
  • Provide customer support and communicate about updates or outages;
  • Improve and develop new features (e.g., usage analytics, UX research);
  • Send limited product-related messages or promotional e-mails (you may opt out at any time).

We process Personal Data only where we have a lawful basis, including performance of a contract (Terms of Service), legitimate interests (security, improvement), consent (marketing), or compliance with legal obligations.

4. How We Share Information

  • Service Providers – infrastructure, payment processing, email delivery, analytics, customer support.
  • Legal & Compliance – when required by court order, subpoena, or applicable law, or to protect rights, property, or safety.
  • Business Transfers – in connection with a merger, acquisition, or sale of assets (notice will be provided).
  • We do not sell or rent your Personal Data.

5. International Data Transfers

We are headquartered in the United States and may transfer Personal Data to countries that do not provide the same level of data protection as your jurisdiction. Where required, we use Standard Contractual Clauses or rely on adequacy decisions (e.g., EU-US Data Privacy Framework) to protect data transferred from the EEA, UK, or Switzerland.

6. Data Retention

We store Personal Data for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Backups of your Uptime Kuma data are retained for 7 days before automatic deletion.

7. Security

We employ administrative, technical, and physical safeguards—such as disk encryption, network segmentation, HTTPS everywhere, periodic penetration tests, and least-privilege access controls—to protect Personal Data. However, no system is completely secure; you are responsible for using strong passwords and keeping API keys confidential.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, or port your Personal Data; object to certain processing; or withdraw consent. California residents may also request a list of categories of Personal Data disclosed for business purposes in the preceding 12 months.

To exercise any rights, e-mail privacy@kumaengine.com. We may verify your identity before processing requests.

9. Children’s Privacy

The Service is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect Personal Data from children. If you believe a child has provided Personal Data, please contact us and we will delete it.

10. Changes to This Policy

We may update this Policy periodically. We will post the revised version with a new “Effective Date.” Material changes will be announced via the Service or e-mail. Continued use after changes signifies acceptance.

11. Contact Us

privacy@kumaengine.com