Mihari

Privacy Policy

Last updated: March 1, 2026

1. Information We Collect

We collect information to provide and improve the Mihari platform. The types of information we collect include:

  • Account Information - Your name, email address, organization name, and billing details when you create an account or subscribe to a plan.
  • Usage Data - Information about how you interact with the Service, including pages visited, features used, and actions taken within the platform.
  • Monitoring Data - Data generated by your configured monitors, such as response times, status codes, and uptime metrics for the endpoints you choose to monitor.
  • Telemetry Data - Logs, metrics, and traces that you send to Mihari through our collectors and integrations.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To operate, maintain, and provide the features and functionality of the Service
  • To process transactions and send related billing information
  • To communicate with you about your account, updates, and support requests
  • To send product announcements, feature updates, and marketing communications (with your consent)
  • To analyze usage patterns and improve the Service
  • To detect, prevent, and address security issues and abuse

3. Data Storage and Security

We take the security of your data seriously. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Our infrastructure is hosted in EU data centers, and we maintain SOC 2 Type II compliance to ensure the highest standards of data protection.

We implement industry-standard security measures including regular penetration testing, access controls, audit logging, and continuous monitoring of our systems. While no method of transmission or storage is completely secure, we are committed to protecting your data using commercially reasonable means.

4. Data Sharing

We do not sell your personal data. We may share your information with the following categories of third parties:

  • Sub-processors - Service providers who assist us in operating the platform, such as cloud hosting providers, payment processors, and email delivery services.
  • Legal Requirements - When required by law, regulation, or legal process, or to protect the rights, property, or safety of Mihari, our users, or the public.
  • Business Transfers - In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.

5. Your Rights

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access - You can request a copy of the personal data we hold about you.
  • Right to Rectification - You can request that we correct any inaccurate or incomplete personal data.
  • Right to Deletion - You can request that we delete your personal data, subject to certain legal obligations.
  • Right to Data Portability - You can request a machine-readable copy of your personal data to transfer to another service.
  • Right to Object - You can object to the processing of your personal data for certain purposes, including direct marketing.
  • Right to Restrict Processing - You can request that we limit the processing of your personal data under certain circumstances.

To exercise any of these rights, please contact us at privacy@mihari.io. We will respond to your request within 30 days.

6. Cookies

We use cookies and similar technologies to operate the Service and improve your experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

7. Data Retention

We retain your data for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specific retention periods include:

  • Account Data - Retained for the duration of your account and up to 30 days after deletion.
  • Monitoring Data - Retained according to your subscription plan (7 to 90 days).
  • Telemetry Data - Retained according to your subscription plan (7 to 90 days).
  • Billing Records - Retained for up to 7 years to comply with tax and accounting regulations.
  • Usage Logs - Retained for up to 90 days for security and troubleshooting purposes.

8. International Data Transfers

Your data is primarily stored and processed in the European Union. In cases where data must be transferred outside the EU, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and compliance with relevant data transfer frameworks. We regularly assess our sub-processors to ensure they meet equivalent data protection standards.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will also notify you via email. We encourage you to review this policy periodically.

10. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@mihari.io.