Privacy Policy
Effective date: February 19, 2026 · Last updated: February 20, 2026
1. Introduction
Statux (“we,” “our,” or “us”) operates the Statux platform, which includes Statux Pages, Statux Alerts, and Statux Synthetics (collectively, the “Service”). This Privacy Policy describes how we collect, use, store, and share information when you use our Service, visit our websites, or interact with our integrations.
By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Account Information
When you create a Statux account, we collect your name, email address, and authentication credentials. Authentication is handled through AWS Cognito; we do not store passwords directly.
2.2 Organization & Subscription Data
We store organization names, membership roles, team assignments, and subscription details to manage access and billing for your account.
2.3 Service Data
Depending on which products you use, we collect and store:
- Statux Pages: Status page configurations, components, incidents, subscriber email addresses, and incident update history.
- Statux Alerts: Alert definitions, alert events, escalation policies, on-call schedules, notification preferences, and incident records.
- Statux Synthetics: Check configurations (URLs, endpoints), check results, and relay agent metadata.
2.4 Usage & Analytics Data
We collect anonymized usage analytics to improve the Service, including page views, feature usage, and error reports. We do not use third-party advertising trackers. Our analytics are privacy-respecting and do not track individual users across websites.
2.5 Third-Party Integration Data
When you connect third-party services (such as Slack, Microsoft Teams, or Discord), we collect and store the data necessary to maintain those integrations. See Section 5 for details on each integration.
3. How We Use Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Send alert notifications via email, push notifications, and connected integrations
- Manage your account, organization membership, and subscriptions
- Respond to your support requests
- Detect and prevent fraud, abuse, or security issues
- Comply with legal obligations
We do not sell your personal information to third parties. We do not use your data to train machine learning models. We do not display third-party advertisements.
4. Data Sharing
We share information only in the following circumstances:
- Service providers: We use AWS for infrastructure hosting, email delivery (SES), and authentication (Cognito). These providers process data on our behalf under contractual obligations.
- Connected integrations: When you connect Slack, Microsoft Teams, or Discord, alert notification content (such as alert titles, severity, and status) is sent to those platforms. You control which events trigger notifications.
- Legal requirements: We may disclose information if required by law, court order, or government regulation.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you of any such change.
5. Third-Party Integrations
5.1 Slack Integration
When you install the Statux Alerts Slack app, we collect and store the following data from Slack:
- Workspace information: Slack workspace ID and workspace name
- Channel information: The ID and name of the channel you select for notifications
- Bot access token: An OAuth access token used to post messages to your selected channel. This token is encrypted at rest using AES-256.
- Bot user ID: The Slack user ID assigned to the Statux bot in your workspace
- User linking (optional): If you link your Slack account to your Statux account, we store your Slack user ID alongside your Statux user record. This enables us to attribute actions taken in Slack (such as acknowledging an alert) to your Statux account.
What we send to Slack: When alert events occur, we send notification messages to your configured Slack channel. These messages contain alert titles, severity levels, status, service names, and action buttons. We also update existing messages and post thread replies to maintain alert history.
What we do not do: We do not read messages from your Slack workspace. We do not access message history. We do not access files, channels, or direct messages beyond the configured notification channel. We do not share your Slack data with any third party other than Slack itself (to deliver messages).
Removal: You can disconnect the Slack integration at any time from the Statux Alerts dashboard. When you disconnect, we delete the stored access token, workspace information, and channel configuration. If you have linked your Slack account, you can unlink it independently from the Settings page.
5.2 Microsoft Teams Integration
Statux Alerts supports two methods of connecting to Microsoft Teams: webhook-based and bot-based. The data we collect depends on which method your organization uses.
Webhook mode
When you connect Microsoft Teams via an incoming webhook, we store the webhook URL you provide. We use this URL to deliver alert notification cards to your configured Teams channel. We do not access your Teams workspace, read messages, or store any Teams user data. You can disconnect the integration at any time, which deletes the stored webhook URL.
Bot mode (Statux Bot)
When you install the Statux Bot into a Microsoft Teams channel, we collect and store the following data from Teams:
- Tenant information: Your Microsoft Teams tenant ID, used to identify your organization’s Teams environment.
- Channel information: The conversation ID and Bot Framework service URL of the channel where the bot is installed, used to deliver messages.
- Bot installation status: Whether the Statux Bot is currently installed in your channel.
- User linking (optional): If you interact with the bot (for example, by clicking an action button on an alert card), we may store your Teams user ID and display name alongside your Statux user record. This enables us to attribute actions taken in Teams (such as acknowledging or resolving an alert) to your Statux account.
What the bot does: When alert events occur, the Statux Bot sends interactive Adaptive Card messages to your configured Teams channel. These cards contain alert titles, severity levels, status, service names, and action buttons (Acknowledge, Resolve, Snooze, Reassign). When an alert’s status changes, the bot updates the existing card in-place and posts a threaded reply summarizing the event. This maintains a complete history of each alert within Teams.
What we do not do: We do not read messages from your Teams workspace. We do not access message history, files, channels, or direct messages beyond the specific channel where the bot is installed. We do not share your Teams data with any third party other than Microsoft (to deliver messages via the Bot Framework). The bot authenticates using OAuth 2.0 tokens issued by Microsoft’s identity platform; we validate all incoming requests to prevent unauthorized access.
Removal: You can disconnect the Teams integration at any time from the Statux Alerts dashboard or by removing the Statux Bot from your Teams channel. When you disconnect, we delete the stored tenant ID, conversation ID, service URL, and bot installation state. If you have linked your Teams account, you can unlink it independently from the Settings page, which removes the stored Teams user ID and display name from your Statux account.
5.3 Discord Integration
When you connect Discord, we store a webhook URL you provide. We use this webhook to deliver alert notification messages to your configured Discord channel. We do not access your Discord server, read messages, or store any Discord user data. You can disconnect the integration at any time, which deletes the stored webhook URL.
6. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. Specifically:
- Account data: Retained while your account is active. Deleted within 30 days of account closure upon request.
- Alert and incident data: Retained while your organization subscription is active. Historical data is available for reporting and postmortem analysis.
- Integration tokens: Encrypted at rest and deleted immediately when you disconnect an integration.
- Analytics data: Anonymized analytics are retained indefinitely. No personally identifiable information is included.
7. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in transit: All communication uses TLS 1.2 or greater.
- Encryption at rest: Database storage is encrypted. Sensitive fields such as integration access tokens use additional AES-256 encryption.
- Infrastructure: Hosted on Amazon Web Services (AWS) with a multi-VPC architecture isolating access, application, and database tiers.
- Authentication: Managed through AWS Cognito with secure token handling. We do not store user passwords.
- Access controls: Role-based access control limits data visibility to authorized organization members.
8. Your Rights
You have the following rights regarding your personal data:
- Access: You can request a copy of the personal data we hold about you.
- Correction: You can update your profile information at any time through the Service.
- Deletion: You can request deletion of your personal data. We will process deletion requests within 30 days.
- Portability: You can request an export of your data in a machine-readable format.
- Withdrawal of consent: You can disconnect integrations or close your account at any time.
To exercise any of these rights, contact us at privacy@statux.io. We will respond within 30 days.
9. Cookies
We use essential cookies to maintain your authenticated session and preferences (such as dark mode). We do not use third-party tracking cookies or advertising cookies.
10. Children’s Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and notify you via email or through the Service.
12. Contact Us
If you have questions about this Privacy Policy or how we handle your data, contact us at:
- Email: privacy@statux.io
- Support: statux.io/support