Last updated: June 29, 2026
This Privacy Policy explains how we handle personal data collected through the Apphold website at https://apphold.org and when you contact us or buy our services. It does not cover the self-hosted Apphold software you run on your own server: Apphold is monitoring software that you operate yourself, so when you self-host, you are the controller of all telemetry and monitoring data in your own installation, and none of that data is sent to us.
Who is responsible for your data
The data controller for this website is Alex Tselegidis, trading as Apphold (sole proprietor), based in Germany.
- Contact: info@apphold.org
Full statutory provider information is available in our Imprint.
The self-hosted software collects nothing centrally
Apphold is self-hosted, open source software. The telemetry, uptime checks, and monitoring data your installation gathers stay on the infrastructure you control. The software does not phone home, send your monitoring data to us, or transmit personal data to any central Apphold service. This policy therefore concerns only the data processed through this website and through the services we sell.
What we collect and why
| When | Data | Purpose | Legal basis (GDPR) |
|---|---|---|---|
| You visit the website | Standard server log data such as IP address, browser type, referring page, and timestamps | Operate and secure the website | Legitimate interests (Art. 6(1)(f)) |
| You allow analytics cookies | Usage data collected by Google Analytics (pages viewed, approximate location, device) | Understand traffic and improve the site | Consent (Art. 6(1)(a)) |
| You use the contact form | Name, email address, the services you select, and your message | Respond to your enquiry | Steps before a contract / legitimate interests (Art. 6(1)(b)/(f)) |
| You buy a service | Billing details and payment confirmation processed by Stripe; we receive order and invoice information, not full card numbers | Process your order, provide invoices, meet tax obligations | Contract / legal obligation (Art. 6(1)(b)/(c)) |
Cookies and consent
We use a small number of strictly necessary items (for example, to remember your cookie choice and theme) that do not require consent. We load Google Analytics only after you opt in through our cookie banner. You can change or withdraw your choice at any time using the "Cookies" link in the website footer. Declining analytics does not affect your ability to use the site.
- Strictly necessary cookies and storage. Used to keep the site working and to remember your preferences, such as your cookie consent choice and light or dark theme. These are always active because the site cannot function correctly without them, and they do not require your consent.
- Analytics cookies. Set by Google Analytics to measure how the site is used. These load only after you opt in through the cookie banner, and you can withdraw consent at any time using the "Cookies" link in the footer.
Spam protection
Our contact form uses Cloudflare Turnstile to detect automated abuse. Turnstile may process technical signals from your browser to confirm you are a human. This is necessary to protect our forms from spam (legitimate interests, Art. 6(1)(f)).
Service providers we share data with
We use the following processors to run the website and services. Each processes data only on our instructions and under appropriate safeguards:
- Stripe - payment processing and invoicing. See Stripe's Privacy Policy for how it handles payment data.
- Google Analytics (Google) - website usage analytics, loaded only with your consent.
- Cloudflare (Turnstile) - spam and abuse protection on our contact form.
- Our email and hosting providers - to deliver the website, send transactional emails, and store enquiry correspondence.
We do not sell your personal data, and we do not use it for third-party advertising.
International transfers
Some of these providers may process data outside your country, including in the United States. Where that happens, transfers are protected by appropriate safeguards such as the EU Standard Contractual Clauses or an adequacy decision.
How long we keep data
We keep enquiry correspondence for as long as needed to handle your request and a reasonable period afterwards. We keep order and invoice records for the statutory retention period, which in Germany is up to 10 years (Section 147 AO, Section 257 HGB). Analytics data is retained according to our Google Analytics configuration. We delete or anonymise data when it is no longer needed.
Data we process on your behalf (hosting and migration)
If you purchase Managed Hosting or Data Migration, we may process personal data contained in your monitoring data on your behalf. In that case you are the controller and we act as your processor. We process such data only to provide the service, and a data processing agreement is available on request at info@apphold.org.
Your rights
Subject to applicable law, you have the right to access your data, correct it, delete it, restrict or object to processing, receive it in a portable format, and withdraw consent at any time (without affecting processing already carried out). To exercise any of these rights, email info@apphold.org. You also have the right to lodge a complaint with a data protection authority in the EU member state where you live or work.
Security
We use reasonable technical and organisational measures to protect personal data, including encrypted connections (HTTPS) and trusted payment infrastructure. No method of transmission or storage is completely secure, but we work to protect your information and to limit access to it.
Changes to this policy
We may update this policy from time to time. The "Last updated" date above shows when it last changed. Significant changes will be highlighted on this page.
Contact
For any privacy question or request, contact us at info@apphold.org.