Privacy Policy

Last updated: February 2026

---

1. Data Controller

The data controller for ExeWatch is:

bit Time Professionals s.r.l.
Via di Valle Morta 10
00132 Roma (RM), Italy
P.IVA: IT13018661002
Email: exewatch@bittime.it

2. Information We Collect

ExeWatch collects information that you provide directly to us:

• Account Information: Email address, name, company name (optional), and password when you register
• Billing Information: Payment details processed securely by Stripe (we do not store your credit card numbers)
• Application Data: Log events, device information, and performance metrics sent by your applications through our SDK
• Contact Information: Data you provide when contacting us through our contact form

3. Legal Basis for Processing

We process your personal data based on the following legal grounds (Art. 6 GDPR):

• Contract Performance (Art. 6(1)(b)): Processing necessary to provide our monitoring services
• Legitimate Interest (Art. 6(1)(f)): Security, fraud prevention, and service improvement
• Legal Obligation (Art. 6(1)(c)): Compliance with tax and accounting requirements

4. Cookies and Local Storage

We use only strictly necessary technologies for the operation of our website:

HTTP Cookies

Name	Purpose	Duration
access_token	Authentication (keeps you logged in)	24 hours

Browser Local Storage

Name	Purpose
ew-theme	Your preferred color theme (dark/light)
timezoneDisplayMode	Your preferred timezone display
cookie-consent	Records that you've seen the cookie notice

We do not use tracking cookies, advertising cookies, or third-party analytics.

5. Third-Party Services

We use the following third-party services to operate ExeWatch:

• Stripe (USA) - Payment processing. Privacy Policy
• Resend (USA) - Transactional emails. Privacy Policy

These services may process data in the United States. Transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data Retention

We retain your data for the following periods:

• Account data: Until you delete your account
• Log data: According to your subscription plan:
  • Hobby (Free): 7 days
  • Pro: 30 days
  • Business: 90 days
• Billing records: 10 years (legal requirement)
• Contact form submissions: 2 years

Backup Retention

We maintain regular database backups for disaster recovery purposes. Important information about backups:

• Backup frequency: Daily automated backups
• Backup retention: 30 days
• Deleted data in backups: When you delete data or your account, the deletion applies immediately to the active database. However, deleted data may persist in backup snapshots until those backups expire (maximum 30 days).
• GDPR compliance: This backup retention is considered "technically feasible" under GDPR Article 17(1), as immediate backup purging would compromise system integrity and disaster recovery capabilities.
• Security: All backups are encrypted and stored securely with access restricted to authorized personnel only.

After 30 days, old backups are automatically deleted, ensuring deleted data is completely removed from our systems within this timeframe.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (HTTPS/TLS 1.3)
• Secure password hashing (bcrypt)
• HTTP-only, secure cookies
• Regular security updates and monitoring
• Access controls and audit logging

8. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

• Access - Request a copy of your personal data
• Rectification - Correct inaccurate personal data
• Erasure - Request deletion of your data ("right to be forgotten")
• Restriction - Limit how we process your data
• Portability - Receive your data in a machine-readable format
• Object - Object to processing based on legitimate interest

To exercise these rights, contact us at exewatch@bittime.it. We will respond within 30 days.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

9. SDK Data Processing

When you use our SDK to collect logs from your applications:

• You are the Data Controller for data collected from your end users
• We act as Data Processor on your behalf
• You are responsible for informing your users about data collection
• A Data Processing Agreement (DPA) is available to view online

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. The "Last updated" date at the top indicates when this policy was last revised.

11. Contact Us

For any questions about this Privacy Policy or to exercise your rights:

• Email: exewatch@bittime.it
• Contact Form: exewatch.com/ui/contact

---

ExeWatch is a service of bit Time Professionals s.r.l.