Privacy Policy

Last Updated: March 3, 2026

1. Overview

CheckWatch respects your privacy. This policy explains how we handle your data when you use the CheckWatch iOS application and our notification relay service. Our guiding principle is to collect the absolute minimum amount of data necessary to deliver critical notifications.

2. Data We Collect

We do not collect personal usage data, analytics, or user profiles. We only process data required for technical functionality:

  • Device Token: A unique identifier generated by Apple (APNs) allows us to send push notifications to your specific device.
  • License Key: Used to validate your subscription or access rights to the relay service. This is stored securely in your device's Keychain and verified against our database.
  • Subscription Status Metadata: We store limited subscription identifiers and status fields (for example, transaction identifiers and expiration state) received from Apple App Store notifications so we can validate entitlement, support account recovery, and prevent abuse. Apple manages billing and payment instruments; we do not collect your payment card data.
  • Notification Metadata: In the process of delivering a notification, transient data (hostname, service state, check output) passes through our relay. We do not persist this content; it is ephemeral and survives only as long as it takes to forward to Apple's Push Notification Service.

3. How We Use Your Data

Data is used exclusively for:

  • Service Delivery: Routing notifications from your CheckMK instance to your iOS device.
  • Fraud Prevention: Validating license keys to prevent abuse of the relay service.
  • Subscription Entitlement: Processing App Store Server Notifications and subscription status updates to keep push notification access in sync with your Apple subscription state.

4. Data Storage and Retention

On Device: Your CheckMK credentials and host addresses are stored locally on your device or in your iCloud Keychain. We never have access to your CheckMK server credentials.

Server-Side: We store your License Key and Device Token mapping in a secure Firestore database hosted by Google Cloud. This mapping is retained until you delete the app or request deletion.

For subscription support and compliance, we also retain limited App Store subscription status records for as long as needed to provide service access, resolve billing-related support questions, and meet legal accounting obligations. We delete or anonymize these records when retention is no longer required.

5. Third-Party Processors

  • Apple (APNs and App Store): For push delivery and subscription events via App Store Server Notifications.
  • Google Cloud Platform: For hosting the secure relay infrastructure and database.

6. GDPR and Your Rights

If you are in the EU, you have the right to access, rectify, or erase your data. Since we do not collect personal profiles (name, email, etc.), we identify your data solely by your Device Token or License Key.

To exercise your rights, please contact support with your License Key.

7. Contact Us

For any privacy concerns or data deletion requests, please contact us at: support@checkwatch.nl