HomeProductEndpointsAccountPricingDocumentation

Legal

Privacy Policy

Last updated:

This Privacy Policy explains how we collect, use, disclose, and protect information when you use eventpipe (“Service”). By using the Service, you agree to this policy. If you are in the European Economic Area (EEA), UK, or Switzerland, additional rights described below may apply.

1. Who we are

The Service is operated by the eventpipe team. For privacy inquiries, contact: privacy@eventpipe.app

2. Information we collect

We collect information in the following categories:

  • Account data: email address, name if provided, authentication identifiers from your sign-in provider, and account settings.
  • Usage and technical data: IP address, device and browser type, approximate location derived from IP, pages viewed, timestamps, and diagnostic logs needed to operate and secure the Service.
  • Billing data: subscription status and payment-related identifiers processed by our payment processor (we do not store full card numbers on our servers).
  • Customer content: webhook payloads, headers, URLs, and code or configuration you submit to endpoints, Pipe Studio, or related features. This may include personal data sent by third parties to your endpoints.
  • Communications: messages you send to support or feedback channels.

3. How we use information

We use information to:

  • Provide, maintain, and improve the Service, including debugging and performance analysis.
  • Authenticate users, enforce limits by plan, and prevent fraud or abuse.
  • Process payments and send transactional emails (for example receipts or security notices).
  • Comply with legal obligations and respond to lawful requests.
  • Send optional product updates or marketing where permitted; you may opt out of marketing at any time.

4. Legal bases (EEA/UK)

Where GDPR applies, we rely on: performance of a contract (providing the Service); legitimate interests (security, product improvement, analytics in line with your expectations); consent where required (for example certain cookies or marketing); and legal obligation where applicable.

5. Sharing and subprocessors

We do not sell your personal information. We share data only as needed with the following categories of recipients:

  • Service providers who host infrastructure, process payments, send email, or provide analytics, under contracts that require appropriate safeguards.
  • Authorities when required by law or to protect rights, safety, and security.
  • A successor entity in a merger, acquisition, or asset sale, subject to this policy or equivalent protections.

6. International transfers

We may process data in the United States and other countries. Where we transfer personal data from the EEA, UK, or Switzerland, we use appropriate safeguards such as Standard Contractual Clauses or other mechanisms recognized by applicable law.

7. Retention

We retain account and billing records as needed for legal, tax, and accounting requirements. Webhook and traffic data are retained according to your plan and product settings; you may delete certain data through the Service where available. When retention periods end, we delete or anonymize data in line with our technical capabilities.

8. Security

We implement technical and organizational measures designed to protect information against unauthorized access, loss, or alteration. No method of transmission over the Internet is completely secure; we encourage you to use strong passwords and enable available security features.

9. Your rights and choices

Depending on your location, you may have the right to access, correct, delete, or export personal data; restrict or object to certain processing; and withdraw consent where processing is consent-based. You may lodge a complaint with a supervisory authority.

To exercise rights, contact privacy@eventpipe.app. We may verify your request and respond within the timeframe required by law.

10. California residents

If the California Consumer Privacy Act (CCPA) applies, we describe our practices above. California residents may request access or deletion of personal information and may designate an authorized agent. We do not “sell” or “share” personal information as those terms are defined under California law for cross-context behavioral advertising.

11. Children

The Service is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will delete it.

12. Changes

We may update this Privacy Policy from time to time. We will post the updated policy on this page and revise the “Last updated” date. Material changes may be communicated through the Service or by email.