Privacy Policy

Welcome to Drumbeats ("we," "us," or "our"). We operate a global job monitoring service. We are committed to transparency and protecting the privacy of our users ("you").

Data Controller: Drumbeats is currently operated by independent developers based in Turkey (pre-incorporation). Upon formation of a legal entity, this section will be updated accordingly. For all data-related inquiries, please contact us at support@drumbeats.io.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and monitoring services. By using Drumbeats, you acknowledge the practices described in this policy.

A. Information You Provide

Registration: We collect your email address to send a verification code. This is necessary to validate your identity before account creation.

Onboarding: To complete your profile, we collect your first name, last name, and country. You may optionally provide company details.

B. Monitoring Data (Ping Payloads)

C. Usage and Consumption Metrics

We track and record usage metrics including, but not limited to, the number of API requests (pings), monitors created, alerts triggered, and data volume consumed. This data is collected for the legitimate purpose of accurate billing, enforcing plan limits, and maintaining service quality. If you are on a plan with overage billing, these metrics are used to calculate your usage-based charges.

D. Technical Logs: We automatically log IP addresses and timestamps for security and abuse prevention.

We use the information we collect to:

• Service Provision: Authenticating you and displaying your monitoring dashboard.
• Alerting: Sending notifications to your configured channels when your jobs fail.
• Billing: Calculating usage, generating invoices, and processing payments through our Merchant of Record (DodoPayments).
• Security: Detecting DDoS attacks and preventing abuse.
• Legal Compliance: Fulfilling obligations under tax laws and data protection regulations.

Credit Card Data Isolation: We do NOT store, process, or have access to your credit card numbers, CVV codes, or any sensitive financial data on our servers. All payment transactions are handled entirely by our Merchant of Record, DodoPayments.

Data Shared with DodoPayments: To enable DodoPayments to process payments, issue legally compliant invoices, and calculate applicable taxes (VAT/GST/Sales Tax), we share the following information with DodoPayments:

• Your name and email address
• Your country/region (for tax calculation)
• Your subscription plan and usage/consumption metrics (for invoice generation)

DodoPayments operates as a third-party payment processor and is subject to its own privacy policy and PCI-DSS compliance requirements. By subscribing to a paid plan, you acknowledge and consent to this data transfer.

We adhere to a "Storage Limitation" principle:

Server Location: Our primary infrastructure is hosted with Netcup GmbH in Germany.

Payment Processing: Payment data is processed by DodoPayments, which may store and process data in the United States or other jurisdictions where they operate.

By signing up, you explicitly consent to the transfer of your personal data to Germany (infrastructure) and to the jurisdictions where DodoPayments operates (payment processing).

We utilize standard technical and organizational safeguards to protect cross-border data transfers.

We share data only with the service providers necessary to operate the Service:

• Netcup GmbH (Germany): VPS Hosting and Database.
• Brevo (Email Provider): Delivery of alerts and verification codes.
• DodoPayments (Merchant of Record): Payment processing, invoicing, and tax compliance.

A. Essential Cookies

We use strictly necessary cookies to ensure the website functions properly. These include:

• Session Cookies: Required for authentication and maintaining your logged-in state.
• Cookie Consent: Stores your cookie preference choices.

B. Analytics Cookies (Optional)

With your consent, we may use analytics cookies to understand how visitors use our website. These cookies help us improve our services by collecting anonymous usage data. You can manage your cookie preferences at any time using the "Cookie Settings" link in the footer.

C. Local Storage

We use browser local storage to store your preferences such as theme settings and selected project. This data stays on your device and is not transmitted to our servers.

For more details, please see our Cookie Policy.

Under GDPR (Europe) and KVKK (Turkey), you have the right to:

• Access your data.
• Correct inaccurate data.
• Delete your account and data ("Right to be Forgotten").
• Withdraw consent for marketing or cross-border transfers (which may require closing your account).
• Data portability — request a copy of your data in a machine-readable format.

Financial Records Exception: Please note that exercising your right to deletion ("Right to be Forgotten") applies to data stored on Drumbeats systems. Invoicing and payment records held by DodoPayments are subject to mandatory financial record-keeping requirements under applicable tax laws, and may be retained by DodoPayments even after your account and data are deleted from our systems.

To exercise these rights, email us at: support@drumbeats.io.