MonitUp Privacy Policy

Last updated: 2026-03-26

Version: privacy_v2_2026_03_26

Identity and contact: MonitUp (brand and service name), [email protected].

1. Who We Are

This Privacy Policy explains how MonitUp ("MonitUp", "we", "us") handles personal data in connection with our website, account signup, and software services.

This policy is informational and is not the main service contract. Service terms are available at /terms-and-conditions.

2. Role Clarity: Controller and Processor

MonitUp's role depends on the context:

• For website visitors, account signup, billing contacts, support requests, and service administration data, MonitUp generally acts as a data controller.
• For monitoring and related data processed on behalf of a customer through the Service, MonitUp may act as a processor or service provider under customer instructions.
• For on-premise deployments, the customer controls environment access, retention, permissions, and infrastructure. MonitUp has no standing access and can access only when the customer explicitly enables and authorizes support access.

3. Data We Collect

Depending on how you use MonitUp, we may process:

• Account and signup data, such as business contact email, authentication data, and signup metadata.
• Billing and transaction data needed to manage subscriptions and payments.
• Support and contact communications, including messages you send to us.
• Website and service usage data, including technical logs, device/browser information, and analytics events.
• Customer-provided or customer-controlled service data generated through use of monitoring features.

We do not claim employee monitoring is automatically lawful; lawful use depends on each customer's legal basis, notices, and governance.

4. How We Use Data

We use personal data to:

• provide, secure, and maintain the Service;
• create and manage accounts and subscriptions;
• process billing and payment administration;
• respond to support requests and operational communications;
• monitor performance, reliability, and abuse prevention;
• comply with legal obligations and enforce our rights.

5. GDPR and UK GDPR Legal Bases

Where GDPR or UK GDPR applies, MonitUp typically relies on one or more of the following legal bases: performance of a contract, legitimate interests, legal obligations, and consent where consent is required for a specific activity.

For workplace monitoring data, customers are responsible for determining and documenting their own legal basis and notices under applicable employment and data protection laws.

6. KVKK-Aware Notice (Turkey)

Where Turkish Law No. 6698 (KVKK) applies, MonitUp handles personal data in line with applicable KVKK principles, including transparency, purpose limitation, proportionality, and security.

Customer organizations remain responsible for providing required employee/end-user notices, selecting lawful processing grounds, and managing transfer and retention settings in their own environments.

7. Sharing of Personal Data

We may share personal data with service providers that support our operations, such as infrastructure, payment, analytics, security, and support tooling providers, under appropriate contractual and confidentiality obligations.

We may also disclose data where required by law, regulation, or valid legal process, or in connection with corporate transactions.

8. International Transfers

MonitUp may process data in jurisdictions outside your country. Where required, we use appropriate transfer safeguards under applicable law.

9. Retention

We retain personal data for as long as needed to provide services, meet contractual and legal obligations, resolve disputes, and enforce agreements.

For customer monitoring data, retention is generally determined by customer configuration, deployment model, and contractual arrangements.

10. Security

We apply reasonable technical and organizational safeguards designed to protect personal data against unauthorized access, loss, misuse, and alteration. No method of transmission or storage is completely secure.

11. Your Rights

Depending on applicable law, you may have rights such as access, correction, deletion, restriction, objection, and portability, and a right to complain to a supervisory authority.

If MonitUp processes data as a processor/service provider for a customer, data subject requests should generally be directed to the relevant customer (the controller), though we may assist as required.

12. On-Premise Privacy Position

In on-premise deployments, the customer controls the hosting environment and operational access decisions. MonitUp provides software and support services, and does not have permanent or automatic access to customer environments.

13. Links and Related Notices

Terms of Service: /terms-and-conditions

Cookie Notice: /cookie-notice

14. Updates to This Policy

We may update this Privacy Policy from time to time. Material changes will be published on this page with an updated "Last updated" date and version.