Privacy Policy

Account data from Google sign-in

When you sign in with Google, losclouds receives your Google account identifier, email, and display name. We store the email and display name so the dashboard and alerts can address you. We do not receive your Google password, contacts, calendar, or files.

Sessions and cookies

losclouds uses first-party cookies scoped to the losclouds domain to keep you signed in and to remember theme preference. Session tokens are stored server-side and expire automatically. We do not use advertising cookies.

Alert destinations

When you subscribe to alerts, losclouds stores the destination address (email, Slack webhook URL, or Discord webhook URL) along with notification preferences and a verification state so we can confirm ownership before delivering alerts. Unsubscribe tokens are generated per subscription and can be rotated by editing or deleting the subscription.

API key metadata and usage

API keys created from Settings are stored hashed. losclouds records per-key request counts, last-used timestamps, and tier-level usage summaries so you can monitor consumption and revoke leaked keys. Raw key values are shown only once at creation time.

Community report metadata

Community status reports are associated with the signed-in user when available. To prevent abuse and deduplicate signal, each report also stores a salted hash of the reporter IP and the coarse-grained country and city derived from the request IP at report time.

• Raw IP addresses are not stored alongside reports.
• Country and city are derived for grouping only and are never attached to your public profile.
• Hashed IP plus target plus recent-window rate limiting is used to detect and reject duplicate submissions.

Operational and observability data

losclouds logs request paths, status codes, and error traces for the purpose of keeping the service running. Access logs and error traces are retained for a rolling window and are used to debug incidents, not to profile users.

Retention, deletion, and export

Deleting your account from Settings → Danger Zone immediately removes your user record, active sessions, alert destinations, API keys, and status reports tied to your account or email. Request an export or ask a data question by emailing us.