Legal
Privacy Policy
This policy explains what personal data Janitor collects, how we use and protect it, and the rights you have over it under UK data protection law.
Last updated
Who we are
Janitor (“Janitor”, “we”, “us” or “our”) provides website monitoring and branded client reporting for agencies and freelancers. This policy explains what personal data we collect when you visit www.getjanitor.com, create an account or use our service, how we use it, and the rights you have over it.
For the personal data described in this policy, Janitor is the “controller” under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have any questions about this policy or how we handle your data, contact us at support@getjanitor.com.
The information we collect
We collect only the information we need to run the service and support you. This falls into a few groups.
Information you give us
- Account details: your name, email address, password (stored only as a secure hash) and, optionally, your agency or studio name.
- Billing details: your plan, billing address and tax details. Card payments are handled by our payment processor; we do not store full card numbers on our systems.
- The sites and clients you add: the website addresses you ask us to monitor, the client groups you create, and any branding you upload for reports, such as your logo, colours, agency name and footer text.
- Alert and report recipients: the email addresses, Slack channels or webhook endpoints you configure to receive alerts and reports.
- Communications: the content of messages you send us by email or through support.
Information we collect automatically
- Usage data: how you interact with the app, such as pages viewed, features used and actions taken, so we can keep the service working and improve it.
- Technical data: your IP address, browser type, device and operating system, and similar diagnostic information held in our logs.
- Cookies: small files used to keep you signed in and to understand usage, described in the cookies section below.
Information from the sites we monitor
When you ask Janitor to monitor a site, we collect technical information about that site, such as uptime, SSL and domain records, DNS records, security headers, SEO metadata and page weight. This is information published by, or about, the website itself. It is not intended to include personal data, and you should only add sites you are authorised to monitor.
How we use your information
We use your personal data to:
- provide, operate and maintain the service, including monitoring your sites and generating your reports;
- create and manage your account and authenticate you when you sign in;
- send the alerts, reports and service messages you have configured;
- take payment and manage your subscription, including trials and renewals;
- respond to your questions and provide support;
- understand how the service is used so we can fix problems and improve it;
- keep the service secure and prevent fraud and abuse; and
- comply with our legal and regulatory obligations.
We do not sell your personal data, and we do not use the content of the sites you monitor for any purpose other than providing the service to you.
Our lawful bases
Under UK GDPR we must have a lawful basis for using your personal data. The basis we rely on depends on the activity.
| What we do | Lawful basis |
|---|---|
| Provide the service and your account | Performance of our contract with you. |
| Take payment and manage billing | Performance of our contract, and compliance with a legal obligation for tax and accounting records. |
| Send service and security notices | Performance of our contract, and our legitimate interests in keeping you informed. |
| Improve and secure the service | Our legitimate interests in running a reliable, safe product, balanced against your rights. |
| Send marketing emails | Your consent, or our legitimate interests where permitted. You can opt out at any time. |
| Use non-essential cookies and analytics | Your consent. |
Where we rely on legitimate interests, you can ask us about the balancing we have carried out by contacting us.
Data about the sites and clients you monitor
Janitor is built for agencies, which means you may add sites and client details that relate to your own customers rather than to you. Where you use Janitor to process personal data about your clients or their site visitors, you are the controller of that data and Janitor acts as your processor, handling it only on your instructions to deliver the service.
You are responsible for having the right to add each site and for the lawful basis for any client information you enter, such as report recipients. We will process that data in line with our agreement with you, keep it secure, and return or delete it when your account ends, as described in the retention section.
Cookies and analytics
We use a small number of cookies and similar technologies:
- Essential cookies keep you signed in and keep the service secure. The service will not work properly without them, so they do not require consent.
- Analytics cookies help us understand how the site and app are used so we can improve them. We set these only where you have given consent.
You can manage or refuse non-essential cookies through the cookie controls when they are shown, and you can clear cookies in your browser settings at any time. Refusing non-essential cookies will not stop you using the core service.
When we share your information
We share personal data only where it is necessary to run the service, and always under appropriate safeguards. We may share it with:
- Service providers who process data on our behalf, such as our hosting, infrastructure, email delivery, error monitoring and payment providers. They act only on our instructions and are bound by contract to protect your data.
- The recipients you choose: when you send a report or route an alert, we deliver it to the email addresses, Slack workspaces or webhook endpoints you have set up.
- Professional advisers and authorities where we are required to by law, or to establish, exercise or defend legal claims.
- A buyer or successor if Janitor is involved in a merger, acquisition or sale of assets, in which case we will tell you before your data becomes subject to a different policy.
We do not sell your personal data or share it for others to use for their own marketing.
International data transfers
Some of our service providers may store or process data outside the United Kingdom. Where we transfer personal data abroad, we make sure it is protected by an adequacy decision, by the UK International Data Transfer Agreement or the addendum to the EU Standard Contractual Clauses, or by another safeguard permitted under UK GDPR. You can ask us for more detail about the safeguards in place.
How long we keep your information
We keep personal data only for as long as we need it for the purposes set out in this policy:
- Account and site data for as long as your account is active. When you close your account, we delete or anonymise it within a reasonable period, unless we need to keep some of it for the reasons below.
- Billing records for as long as required by tax and accounting law, which is normally six years.
- Logs and diagnostic data for a limited period, after which they are deleted or aggregated.
You can ask us to delete your data sooner, and we will do so where we are not required to keep it.
How we protect your information
We take the security of your data seriously and use appropriate technical and organisational measures to protect it, including encryption in transit, access controls, hashed passwords and regular review of our systems. No method of transmission or storage is completely secure, but we work to protect your data and to respond quickly if something goes wrong. If a breach affects your rights, we will notify you and the Information Commissioner’s Office where the law requires it.
Your rights
Under UK GDPR you have the right to:
- Be informed about how we use your data, which is the purpose of this policy.
- Access a copy of the personal data we hold about you.
- Rectification of inaccurate or incomplete data.
- Erasure of your data where we no longer have a reason to keep it.
- Restrict our processing in certain circumstances.
- Data portability, to receive your data in a portable format or have it sent to another provider.
- Object to processing based on our legitimate interests, and to direct marketing at any time.
- Withdraw consent at any time where we rely on it, without affecting earlier processing.
To exercise any of these rights, contact us at support@getjanitor.com. We will respond within one month. There is normally no charge, and we may need to verify your identity first.
Children’s privacy
Janitor is a business tool and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
Changes to this policy
We may update this policy from time to time to reflect changes to our service or to the law. When we do, we will revise the “last updated” date at the top of this page, and for significant changes we will give you reasonable notice, such as by email or a notice in the app. Please check back occasionally to stay informed.
Contact us and complaints
If you have any questions about this policy, or you want to exercise your rights, please get in touch.
Janitor
Email: support@getjanitor.com
You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection, at ico.org.uk. We would, though, appreciate the chance to address your concerns first.
This policy is governed by the laws of England and Wales.