Legal
Privacy Policy
This Privacy Policy explains how we process personal data when you use LoggerMan (the “Service”).
Last updated: 2026-06-03
1. Who we are
The Service is operated by Swiss Web Development Kiefer (https://swisswebdev.ch) (“we”, “us”, “our”). Provider details are in our Imprint.
Data protection inquiries: marvin.kiefer@swisswebdev.ch.
2. Scope and roles
This policy applies to visitors of https://loggerman.dev, account holders, project members you invite, and anyone who sends data to the Service (including via the logging API or integrations). It does not cover third-party websites linked from our pages.
For log payloads and application metadata you submit, you are typically the data controller (or equivalent) for that content; we act as a processor hosting and processing it on your instructions to provide the Service. This policy also describes data for which we are controller (e.g. your account, billing, and security logs).
3. Personal data we process
Account and identity
- Email address, name, and authentication identifiers when you sign in (via Clerk).
- Profile and organization data you choose to provide through Clerk.
- Project membership: which users belong to which projects and their roles (owner or member).
Billing and subscriptions
- Subscription tier, status, billing interval, and usage counters (e.g. monthly ingest volume for hybrid pricing).
- Stripe customer and subscription identifiers; payment method and invoice data are processed by Stripe — we do not store full payment card numbers on our systems.
Service data you provide
- Project names, API tokens (stored in hashed or protected form), alert rules, integration settings, IP allowlists, and related configuration.
- Log data you or your applications submit: messages, severity/type, status, optional metadata, timestamps, and source fields. You control what is sent; do not submit passwords, payment card numbers, or other special-category data unless you have a valid legal basis and appropriate safeguards.
- Optional annotations, audit events, and outgoing integration deliveries triggered by your configuration.
Technical and security data
- IP addresses and request metadata processed transiently for ingest security, rate limiting, abuse prevention, and optional IP restrictions you configure.
- Browser/device data and cookies or local storage needed to operate the dashboard (see our Cookie Policy).
- Webhook processing records (e.g. idempotent billing events from Stripe) for reliability, not for marketing.
4. Purposes and legal bases (EEA/UK)
Where the GDPR applies, we rely on:
- Contract — to provide the Service, including authentication, log storage, team features, and paid plans you subscribe to.
- Legitimate interests — to secure, maintain, and improve the Service, prevent abuse, enforce plan limits, meter usage, and support users (balanced against your rights).
- Legal obligation — where we must comply with law (e.g. tax or accounting records via Stripe).
- Consent — where required (e.g. non-essential cookies, if enabled later).
5. Processors and third parties
We use trusted providers to run the Service, including:
- Clerk — Authentication, session management, and account profile data.
- Convex — Database, real-time sync, and backend processing for projects, logs, billing usage, and settings.
- Stripe — Subscription checkout, payment processing, invoicing, and customer billing portal (we do not store full card numbers).
- Vercel — Hosting of the website, dashboard, and HTTP API routes (including log ingest endpoints).
Their processing is governed by their own terms and privacy notices. We do not sell your personal data. If you connect outbound integrations (e.g. webhooks), data you configure to send leaves our systems to those destinations under your control.
6. Retention and deletion
Account data is kept while your account is active and as needed afterward for legal, tax, or security purposes. Log retention depends on your subscription tier (see pricing and Terms of Service). You may delete logs or projects from the dashboard where your role permits.
When a paid subscription ends or is canceled, we may remove subscription entitlements and, after any grace period described in the Terms, delete or anonymize associated project data as described there (including logs, tokens, and related settings). Resolving a plan downgrade when you exceed project limits may require you to select which projects to keep; unselected projects may be permanently deleted.
To request account deletion, contact marvin.kiefer@swisswebdev.ch. We will verify your identity and respond within a reasonable time.
7. International transfers
Data may be processed in countries outside your own (including the United States, where several of our processors operate). Where required, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms offered by our processors.
8. Security
We apply technical and organizational measures including HTTPS, authenticated dashboard access, API tokens, rate limiting, payload size limits, and role-based project access. No method of transmission or storage is 100% secure. See our security overview and responsible disclosure policy.
9. Your rights
Depending on your location, you may have rights to access, correct, delete, restrict, object, portability, and withdraw consent. California residents may have rights under the CCPA/CPRA (know, delete, correct, opt out of sale/share — we do not sell personal information).
To exercise rights, email marvin.kiefer@swisswebdev.ch. We may verify your request. You may lodge a complaint with your local supervisory authority (in Switzerland: the FDPIC).
10. Children
The Service is not directed at children under 13 (or 16 in some EU countries). We do not knowingly collect children’s data. Contact us if you believe we have.
11. Changes
We may update this policy. Material changes will be posted on this page with an updated “Last updated” date. Continued use after the effective date constitutes notice of the update where permitted by law.