RUA•Watcher privacy policy

1. Introduction ​

RUA•Watcher respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, create an account, or use our email authentication and deliverability monitoring services.

2. Who we are ​

RUA•Watcher is operated by Akovana, UAB (registered number #302859437), a company registered in Lithuania, with its registered address Didzioji Street 18, Vilnius, Lithuania. References to "Akovana," "RUA•Watcher," "we," "us," or "our" refer to the entity responsible for processing your data.

For privacy-related inquiries, please contact us at: privacy@ruawatcher.com

3. Scope of this policy ​

This Privacy Policy applies to:

• Our website and all related subpages
• Our dashboard and monitoring features
• Customer support and service communications
• Any other interaction where this Privacy Policy is linked or referenced

4. Personal data we collect ​

We collect information that you provide directly to us, as well as data automatically generated during your use of the service.

4.1 Account and billing information ​

When you create an account, we may collect:

• Your full name or display name
• Your email address
• Account credentials and authentication metadata
• Billing details required for paid subscriptions (e.g., organization name, billing address, and tax information)

Note: We do not store full payment card numbers. All payments are processed by secure third-party payment providers operating under their own privacy policies.

4.2 Service monitoring and diagnostic data ​

To provide our monitoring services, we process the following data:

• Domain names and their configuration status
• Email authentication signals (SPF, DKIM, DMARC) derived from industry-standard reports
• Aggregate report data, including sending IP addresses and result codes
• DNS record snapshots and historical changes for monitored domains

4.3 DMARC failure reports (forensic data) ​

DMARC failure reports (RUF) may contain personal data such as email addresses, subject lines, or snippets of message content.

Privacy control: This feature is strictly optional and disabled by default. We only process this data if you explicitly enable failure reporting. By enabling it, you acknowledge that these reports may contain sensitive information.

4.4 Communications and support ​

If you contact us, we may retain:

• The content of your communications (support tickets, emails, messages)
• Related metadata to help resolve your inquiry
• Notification preferences and alert history to ensure reliable service delivery

4.5 Technical and usage data ​

When you interact with our platform, we automatically collect:

• IP addresses and device identifiers
• Browser type, operating system, and user agent strings
• Timestamps and event logs for security, troubleshooting, and service optimization

5. How we use your data ​

We process your personal data for the following purposes:

• Service provision: To create and manage your account and provide monitoring features.
• Security & safety: To prevent abuse, detect fraud, and ensure the integrity of our platform.
• Customer support: To respond to your requests and troubleshoot issues.
• Billing & payments: To manage subscriptions and invoices via our payment processors.
• Product improvement: To analyze performance and enhance the quality of our services.
• Compliance: To fulfill legal, tax, and regulatory obligations.

6. Legal bases for processing ​

We rely on the following legal frameworks to process your data:

• Contractual necessity: Data required to fulfill our service agreement with you.
• Legitimate interests: Processing necessary for security and service improvements that do not outweigh your privacy rights.
• Legal compliance: Processing required by law (e.g., tax and accounting).
• Consent: Processing based on your explicit choice (e.g., enabling optional features).

7. Data sharing and disclosure ​

We do not sell your personal data. We only share information with third parties when necessary to provide our services.

7.1 Service providers ​

We engage trusted vendors for specific functions:

• Payment processors: For secure billing and subscription management.
• Cloud infrastructure: For secure hosting and data storage.
• Email services: For sending transactional alerts and system notifications.
• Error tracking: To help us identify and fix technical issues.

All vendors are contractually obligated to protect your data and use it only for the purposes we specify.

7.2 Legal and regulatory disclosures ​

We may disclose information if required by law, valid legal process, or to protect the safety and rights of our users and the public.

8. Cookies and tracking technologies ​

RUA•Watcher is built with a "privacy-first" approach. We use only essential cookies necessary for:

• Keeping you securely signed in
• Protecting against security threats
• Remembering your basic interface preferences

We do not use tracking cookies for cross-site advertising or behavioral profiling.

9. Data retention ​

We retain your personal data only as long as necessary:

• Account data: Kept while your account is active, plus a reasonable period for security and audit purposes.
• Monitoring data: Retention periods vary based on your subscription plan and settings.
• Financial records: Retained as required by applicable tax and accounting laws.

Data in backups is automatically overwritten during our standard rotation cycles.

10. Data security ​

We employ robust technical and organizational measures to protect your data from unauthorized access, loss, or alteration. While no system is 100% secure, we continuously monitor our platform and follow industry best practices to mitigate risks.

11. International data transfers ​

As a global service, your data may be processed in jurisdictions other than your own. We ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to protect your data during cross-border transfers.

12. Your privacy rights ​

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete information
• Request the deletion of your data
• Restrict or object to certain processing activities
• Receive your data in a portable format
• Withdraw consent at any time

To exercise these rights, please contact us at privacy@ruawatcher.com.

12.1 California-Specific Rights (CCPA/CPRA) ​

If you are a California resident, you have the right to request disclosure of the categories of personal information we collect and the right to opt-out of the "sale" or "sharing" of your information (though we do not sell your data). We do not discriminate against users who exercise these rights.

13. Children's privacy ​

RUA•Watcher is not intended for use by individuals under the age of 13. We do not knowingly collect data from children. If you believe we have inadvertently collected such data, please contact us immediately.

14. Changes to this policy ​

We may update this Privacy Policy periodically. Significant changes will be communicated via our website or through direct service notifications.

15. Contact us ​

For questions or concerns regarding your privacy, please reach out to us:

Email: privacy@ruawatcher.com