Privacy Policy

Effective date: January 16, 2026

MXGROUP ("we", "us") operates ChangeNotifier. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, your rights, and how to contact us.

What we collect

• Account data: email address, name, profile image (if you sign in with Google), password hash (when using email/password).
• Authentication tokens: OAuth credential or authorization code (Google) used to authenticate you.
• Monitors & monitoring data: URLs you monitor, selectors, snapshots, HTML/screenshot data, and change history.
• Usage data: IP address, user agent, device/browser type, timestamps, and activity logs.
• Payments & billing: Paddle customer and subscription IDs, billing transactions (no raw card data stored by us).
• Support & communications: emails you send us and automated emails we send via our email provider.
• Server logs & diagnostics: error logs and system events.

How we use your data

• Provide and operate the Service (account creation, login, monitors, results).
• Authenticate users and manage sessions.
• Process payments and manage subscriptions via Paddle.
• Send transactional and notification emails.
• Improve the Service and monitor performance and security.
• Investigate fraud, abuse, or violations of terms.

Third-party services & data sharing

We use third parties to provide the Service. Key providers include:

• Google — OAuth authentication and profile data.
• Paddle — payment processing and subscription management.
• AWS / S3 / CloudFront — storage and hosting of snapshots and static assets.
• Resend (or similar) — transactional email delivery.

We do not sell your personal data. We share data with service providers strictly to perform services on our behalf, and when required by law.

Data retention

Account and monitor data are retained while your account exists. Snapshots and logs are retained according to configured retention policies. Deleted accounts will be removed or anonymized per our retention schedule; some transactional records may be kept for legal reasons.

Security

We use industry-standard security measures (HTTPS/TLS, access controls, secure storage). Passwords are stored as salted hashes. Third-party services are configured according to best practices.

Your rights

• Access: request a copy of your personal data.
• Correction: ask to correct inaccurate data.
• Deletion: request account deletion; we will delete or anonymize personal data subject to retention requirements.
• Portability: request a machine-readable export of your data.

To exercise these rights contact support@changenotifier.com. We may verify your identity before fulfilling requests.

Cookies & local storage

We use cookies and local storage for session management, preferences, and security. You can control cookies via your browser settings.

Children

The Service is not directed to children under 13; we do not knowingly collect data from children.

International transfers

Data may be processed and stored in the United States and other countries. By using the Service you consent to transfer of data to countries with different laws.

Changes to this policy

We may modify this policy; we will post the new policy with an updated effective date and notify users for material changes.