Privacy Policy

Last updated: April 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:
[Full name / Company name]
[Street and number]
[Postcode City]
Germany
Email: support@getravn.com

2. Data We Collect and How We Use It

2.1 Website Visits

When you visit our website, your browser automatically transmits information to our server. This information is temporarily stored in a server log file and includes:

• IP address of the requesting device
• Date and time of the request
• Name and URL of the requested file
• Referring website (referrer URL)
• Browser type and, where applicable, your device’s operating system

Processing is based on Art. 6(1)(f) GDPR. Our legitimate interest is the proper operation of the website and ensuring system security.

2.2 Account Registration

Using Ravn (app.getravn.com) requires registration. We collect:

• Email address
• Password (stored as a secure hash, never in plaintext)
• Project names and configurations

Processing is based on contract performance under Art. 6(1)(b) GDPR.

2.3 Error and Performance Data (Ingest API)

Users of the monitoring platform transmit error events and performance data from their own applications via the Ravn SDK or API. This data is processed to deliver the contracted service (Art. 6(1)(b) GDPR).

If this data contains personal information about third parties (e.g. end users of your application), you as the data controller are responsible for ensuring the appropriate legal basis.

2.4 Email Communication

If you contact us by email, we store your email address and the content of your message in order to process your request (Art. 6(1)(f) GDPR).

2.5 Alert Emails

If you enable email notifications for your projects, we use the email address you provided solely to send those project-related alerts (Art. 6(1)(b) GDPR).

3. Cookies and Local Storage

We use only technically necessary cookies and local storage entries:

• Authentication token: A JWT stored to maintain your dashboard session
• Theme preference: Your preferred color scheme (light/dark) is stored locally in your browser

We do not use tracking cookies or any third-party cookies for advertising purposes.

4. Sharing Data with Third Parties

We do not share your personal data with third parties unless required to fulfil the contract or you have given explicit consent. In operating our services we engage the following categories of processors:

• Cloud hosting provider (server infrastructure)
• Email delivery service (for notifications)
• AI services for automatic error analysis (pseudonymised data only)

All processors are contractually bound pursuant to Art. 28 GDPR.

5. Retention Periods

We retain personal data only for as long as necessary for the given purpose or as required by law. Accounts are deleted upon request. Error events and logs are retained for the duration of the contract and deleted within 30 days of contract termination.

6. Your Rights

Under the GDPR you have the following rights:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

To exercise your rights, contact us at: hello@getravn.com

You also have the right to lodge a complaint with a data protection supervisory authority.

7. Data Security

We implement technical and organisational measures to protect your data against loss, destruction, unauthorised access, alteration, and disclosure. API keys are stored server-side as hashed values. Passwords are hashed using bcrypt. All connections to our services are SSL/TLS encrypted.

8. Changes to This Policy

We reserve the right to update this Privacy Policy as needed. The current version is always available at getravn.com/datenschutz.html.