Privacy Policy

Last updated: May 18, 2026

Nodestral ("we", "us", or "our") operates nodestral.web.id. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service.

Information We Collect

  • Account information: email address, display name, OAuth identity (if you sign in with Google)
  • Server monitoring data: hostname, OS, kernel, IP address, system metrics — collected by our agent software
  • Usage data: pages visited, features used, time spent

How We Use Your Information

  • Provide and maintain our service
  • Notify you about changes to your monitored servers
  • Improve our service through analytics
  • Send service-related communications (security alerts, system updates)

Data Storage & Security

  • Data stored on encrypted servers (Supabase/PostgreSQL)
  • TLS encryption for all data in transit
  • Access limited to authorized personnel only
  • Regular security audits

Data Retention

  • Active accounts: data retained as long as your account is active
  • Deleted accounts: all personal data removed within 30 days of deletion request
  • Server monitoring data: retained for 90 days, then anonymized

Your Rights

  • Access: export all your data at any time
  • Rectification: update your account information
  • Erasure: delete your account and all associated data
  • Portability: export data in machine-readable format
  • Object: opt out of non-essential communications

Third-Party Services

  • Google OAuth — authentication
  • Resend — transactional emails
  • Tencent Cloud — infrastructure hosting
  • Supabase — database hosting

Contact

For privacy inquiries: privacy@nodestral.io