elmah.io ("us", "we", or "our") operates https://elmah.io (the "Site"). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.
Throughout this document, we divide data into two categories:
- Personal data
- Log data
As for Personal Data, this is information identifying you as a user on elmah.io (like users and organizations).
As for Log Data, this is the data sent by your applications for processing on elmah.io (like errors).
elmah.io is developed and maintained by elmah.io ApS.
Information Collection and Use
While using our Site, we ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your name and email address ("Personal Information"). These information are used to improve the way we communicate with you throughout the Site and integrations like Emails and Slack messages.
This is an overview of the personal data we collect directly on elmah.io and why we do it.
|We collect user email in order to send them help during their trial, mails when new errors are logged in their subscription, daily digest and other types of emails that the user opts-in to.|
|ProviderName||We store the name of the social provider used to log in on elmah.io, to be able to log users in next time they try from the same provider and to avoid problems where two social accounts would user same user id.|
|Created||A date and time is stored on all users in order to see when their trial expires.|
|LastLoggedIn||The last time the user logged in is stored to show organization admins if their users log in or not and not optimize the search user feature to show results from people the logged in first.|
|Name||The users name is stored in order to show a name rather than an email throughout both the UI and the notification channels (mail, Slack, etc.).|
|Timezone||Timezone is used throughout the UI to make sure that dates are handled correct. We store everything in UTC but need the timezone to convert back to the user's time.|
|FailedLoginAttempts||When a login using username/password fails, we increment a counter on the user.|
|Name||The name of the organization is stored to be able to generate a correct invoice and to show in different locations on the UI.|
|Created||A date and time is stored on all organizations in order to see when their trial expires.|
|CompanyName||The name of the organization is stored to be able to generate a correct invoice and since users want their organization named differently than their company name (like if they have more organization on a single company).|
|Address||The address of the organization is stored to be able to generate a correct invoice.|
|Zipcode||The zip code of the organization is stored to be able to generate a correct invoice.|
|City||The city of the organization is stored to be able to generate a correct invoice.|
|Country||The country of the organization is stored to be able to generate a correct invoice.|
|Vat||The vat of the organization is stored to be able to generate a correct invoice.|
Access to data
No one in the company has access to Log Data, unless explicitly approved by the customer in order to carry out support. When the support case is closed, the approval expires and a new approval will be needed for the next support case (even if it is the same customer).
We do not allow remote access to our systems, and we only share data with the following entities.
elmah.io employees have access to the users Personal Data through our backoffice system. The user can restrict this access through the elmah.io UI.
Personal information is forwarded to the following third-parties:
- Intercom - We share your name and email, in order to send emails to you during the trial period as well as transactional emails about failed payment, new features and similar.
- Stripe - We share your organization name with Stripe. Stripe is used to charge you the monthly/yearly fee and top-ups.
- Mailchimp - If you opt in for the newsletter, we share your name and email with Mailchimp in order to send and personalize the newsletter to you.
- Amazon Web Services (AWS) - We use AWS Simple Email Service (SES) for sending transactional emails. We share your email and name with AWS in order to personalize and send emails to you.
Location of Data
All personal data is stored inside Microsoft's data center in West US. Backups are forwarded to Microsoft's data center in East US. We need to spread across at least two data centers, in order to restore customer data in the case of a data center breakdown.
Deleting personal data
A user can per request ask to get his/her user deleted. We want this to be a manual process, in order to disallow people from keep signing up for new trials.
When a user asks for deletion, the user data will be deleted from:
- Our database (Elasticsearch)
- MailChimp (in case the user signed up for the newsletter)
- Backups (we don't want to modify already created backup data, why we create a new total backup and delete the old one)
Exporting personal data
All users must be able to export all of the personal data we keep about them. Personal data can be requested through our support and will be delivered as a JSON output from our users database.
Modification of personal data
The user can modify most of the information collected about them (like name, email, etc.). We have some internal properties which are not visible through the UI (see the first paragraph on this page). This information can be updated by contacting our support staff.
Like many site operators, we collect information that your browser sends whenever you visit our Site. This data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics. We use Google Analytics and AdWords conversion tracking to monitor traffic and optimize how we spend our ad money.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer's hard drive.
Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
For detailed technical documentation of elmah.io security, please visit https://elmah.io/security/.
Links to Other Sites
elmah.io has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third-party sites or services.