Privacy Policy

1. Information We Collect

Account data: When you sign up, we collect your email address and name via our authentication provider (Clerk).

Device data: HeatAlert devices send temperature, humidity, and heat index readings to our servers every 60 seconds. Each reading is associated with the unit and account it belongs to.

Location data: If you set a location for a unit, we store the street address and GPS coordinates you provide. This is used for the dashboard map and weather forecasting.

Payment data: Payment processing is handled entirely by Stripe. We do not store credit card numbers. We store a Stripe customer ID and subscription status to manage your plan.

2. How We Use Your Information

We use your data to: operate the HeatAlert dashboard, send alert emails and SMS when configured, generate weather forecasts for your unit locations, produce OSHA compliance reports, and process subscription payments.

3. Data Retention

Sensor readings are retained according to your plan: 30 days (Free), 1 year (Pro), or indefinitely (Enterprise). You can export your data as CSV at any time from the History page. Deleting a unit permanently removes all its readings.

4. Third-Party Services

We use: Clerk (authentication), Stripe (payments), SendGrid (email), Open-Meteo (weather forecasts), and OpenStreetMap / Nominatim (maps and geocoding). Each service has its own privacy policy. We do not sell your data to any third party.

5. Security

All data is transmitted over HTTPS. Database connections use encrypted channels. Authentication is handled by Clerk with industry-standard session management. Device API keys are generated using cryptographically secure random bytes.

6. Contact

For privacy questions, contact us at privacy@heatalert.com.