Hookbase
LoginGet Started

Privacy Policy

Last updated: January 10, 2025

1. Introduction

Hookbase ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our webhook relay service.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name, and password (stored securely using industry-standard hashing). If you use OAuth providers (Google, GitHub), we receive basic profile information from those services.

Webhook Data

We process webhook payloads that you send through our service. This data is stored temporarily according to your plan's retention period (3-90 days) and is encrypted at rest. We do not analyze, sell, or share the content of your webhook payloads.

Usage Data

We collect information about how you use our service, including API requests, feature usage, and performance metrics. This helps us improve the service and diagnose issues.

Device and Browser Information

We automatically collect certain information when you access our service, including IP address, browser type, operating system, and device identifiers.

3. How We Use Your Information

  • To provide and maintain our webhook relay service
  • To process your webhook deliveries and retries
  • To send you service-related notifications
  • To respond to your support requests
  • To improve and optimize our service
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

4. Data Retention

Webhook payloads are retained according to your plan's retention period:

  • Free plan: 3 days
  • Starter plan: 7 days
  • Pro plan: 30 days
  • Business plan: 90 days

After the retention period, webhook data is permanently deleted. Account information is retained until you delete your account.

5. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.3
  • Webhook payloads are encrypted at rest
  • Passwords are hashed using secure algorithms
  • API keys are stored using one-way hashing
  • We use Cloudflare's global edge network for DDoS protection

6. Third-Party Services

We use the following third-party services:

  • Cloudflare - Infrastructure, CDN, and security
  • Stripe - Payment processing
  • PostHog - Product analytics

7. Your Rights

Depending on your location, you may have the following rights:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Export your data
  • Object to data processing
  • Withdraw consent

To exercise these rights, contact us at [email protected].

8. Cookies

We use essential cookies for authentication and session management. We also use analytics cookies (PostHog) to understand how users interact with our service. You can disable non-essential cookies in your browser settings.

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at [email protected].