F FreeTier Sentinel

Privacy Policy

Last updated: May 4, 2026

FreeTier Sentinel (operated by 강주원, contact wndnjs3865@gmail.com) is a free-tier usage monitoring service. This policy explains what data we collect, why, and how to control it.

What we collect

• Email address — for sign-in (magic link / 6-digit code) and to send usage alerts.
• API tokens you connect — read-only tokens for the SaaS services you choose to monitor (e.g. Cloudflare, GitHub Actions). Stored AES-256-GCM encrypted in Cloudflare D1; the master encryption key lives in Workers Secrets, separate from the database.
• Usage data — the percentages we fetch from the SaaS APIs you connected, plus alert history (when threshold was crossed).
• Payment data (Pro tier only) — handled entirely by Stripe. We never see your card. We store only your Stripe customer ID and subscription status.
• Operational logs — Cloudflare Workers automatically logs request metadata (IP, timestamp, status). Used for debugging and abuse prevention. Retained per Cloudflare's policy.

What we don't collect

• No third-party analytics, advertising trackers, or session recording.
• No tokens with write/provisioning/billing scopes — we explicitly require read-only/usage-scope tokens.
• No payment card details — Stripe handles all payment processing.

Where data lives

Cloudflare Workers, D1 (SQLite at edge), and KV. Cloudflare's data centers are globally distributed. Stripe handles payment data per its own privacy policy. Resend handles transactional email delivery on our behalf.

Retention

• Account data (email, services, alerts): retained until account deletion.
• Usage history: 7 days (Free) / 30 days (Pro), then automatically purged.
• Magic-link tokens: 15 minutes max, then deleted.
• Sessions: 30 days, then expire.

Your rights (GDPR / similar regimes)

If you reside in the EU, UK, California, or any jurisdiction granting equivalent rights, you have:

• Access — request a copy of all data we hold on you.
• Deletion — request full account + data deletion.
• Correction — fix incorrect data (e.g. update email).
• Portability — receive your data in a machine-readable format.
• Withdraw consent — at any time, by deleting your account.

To exercise any of these rights, email wndnjs3865@gmail.com. We respond within 30 days.

Subprocessors

• Cloudflare — hosting, edge compute, database, KV. Privacy policy.
• Stripe — payment processing for Pro tier. Privacy policy.
• Resend — transactional email delivery. Privacy policy.
• GitHub — source code hosting only. No user data sent to GitHub.

Cookies

We set one cookie: a session cookie (fts_session) after sign-in, expiring after 30 days. No tracking or advertising cookies.

Children

This service is not directed at children under 16. Do not sign up if you're under 16.

Changes

If we materially change this policy, we'll email registered users at least 14 days before the change takes effect. The "Last updated" date at the top reflects the most recent revision.

Contact

Questions? Email wndnjs3865@gmail.com.

← Back to home