1. What we collect
To run an account for you, we collect:
- Account email — used for sign-in, password reset, billing receipts, and outage alerts you've subscribed to.
- Password hash — hashed with bcrypt. We never see or store your plaintext password.
- Your monitor configurations — URLs, hostnames, ports, alert rules, status-page branding, notification channels. This is what you came here to store.
- IP address & user agent — captured server-side for our marketing pages via a 1x1 tracking pixel routed through Cloudflare, and recorded in app login logs for security auditing. We don't sell or share this.
- Monitor result data — every probe result, heartbeat, and status change, retained per the schedule below.
2. What we don't collect
We deliberately leave a lot of analytics off the table:
- No Google Analytics. No Facebook Pixel. No TikTok pixel. No Meta SDK.
- No session-replay tools (no FullStory, Hotjar, LogRocket, Microsoft Clarity).
- No third-party advertising trackers.
- No fingerprinting libraries.
- No data brokers, ever.
The only first-party tracking we run is a single internal pixel (t.duckingstats.com/p.gif) on our marketing pages so we can count page views without involving an outside analytics vendor.
3. Where data lives
All application data — accounts, monitor configs, heartbeats, stats — lives in a MySQL database on infrastructure we operate directly. Not shared multi-tenant cloud DBaaS, not "serverless" infra of unknown provenance. One server, ours.
- Daily backups taken at 03:00 UTC and encrypted at rest with AES-256.
- Heartbeat retention — individual probe results kept for 7 days, then pruned via table-swap. Aggregate stats (minutely 30 days, hourly 1 year, daily forever) stay longer because they don't contain raw IPs or payloads.
- Backups older than 30 days are deleted.
4. Third-party services we use
We try to keep this list short and name everyone:
- Cloudflare — DNS, CDN for marketing pages, and the secure tunnel that fronts our origin server. Cloudflare sees the IP of anyone who loads duckingstats.com or stats.duckingstats.com; their privacy policy applies to that edge layer.
- Stripe — payment processing for Premium subscriptions. Card numbers never touch our servers; Stripe handles them directly and returns us a token.
- Oracle Cloud SMTP — outbound delivery of alert emails and account emails. They see the destination email and the message body of the alert.
- Email Forwarder Postmaster — inbound mail to [email protected] when you reply to us.
That's the entire third-party footprint. We don't add anything else without updating this page first.
5. Cookies
We set exactly one cookie: a session cookie after you log in, marked Secure and HttpOnly, scoped to stats.duckingstats.com. It exists so you stay logged in across page loads. There are no cross-site trackers, no advertising cookies, no consent-management modal because there's nothing to consent to.
6. Your rights
Regardless of where you live, you can:
- Export your data — every monitor config, status page, and historical heartbeat is available via our API, or we'll send you a JSON dump on request.
- Correct your data — most of it is editable in the dashboard. For anything else, email us.
- Delete your account — request deletion via the account settings page or by emailing [email protected]. We complete full account and data deletion within 7 days of the request. Backups containing your data roll off naturally within 30 days after that.
We don't make you fill out a form, sign a notarized affidavit, or wait 30 business days. One email is enough.
7. Children
Duck Stats is not directed at children under 13. We don't knowingly create accounts for them. If a child has signed up, email us and we'll delete the account.
8. Changes to this policy
If we materially change what we collect or who we share it with, we'll email every account holder at least 30 days before the change takes effect. Smaller wording cleanups will just bump the effective date at the top of this page.
9. Contact
Privacy questions, data-export requests, account deletion, or just "hey, what does field X store" — email [email protected]. A real person responds.