Legal
How we collect, use, and protect your information.
Last updated: April 1, 2026
When you use Stratl, we collect information you provide directly to us, such as your name, email address, company name, and payment information when you create an account or subscribe to our services.
We automatically collect certain technical information when you access our platform, including your IP address, browser type, operating system, and usage patterns within the application. This helps us improve our service and maintain security.
We also receive data from your connected AWS accounts as necessary to provide our monitoring and alerting services. This includes CloudTrail event data, resource metadata, and EventBridge rule configurations.
We use the information we collect to provide, maintain, and improve our services, including processing alerts, generating AI-powered insights, and delivering notifications through your configured channels.
Your data is used to personalize your experience, communicate with you about your account, respond to support requests, and send you technical notices and security alerts related to your infrastructure.
We may use aggregated, anonymized data for analytics purposes to improve our AI models and platform performance. Individual AWS account data is never shared between customers or used to train models on other customers' infrastructure.
All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. We store your data in SOC 2 Type II compliant data centers located in the United States.
We implement industry-standard security measures including network segmentation, intrusion detection, regular penetration testing, and access controls with multi-factor authentication for all internal systems.
Your AWS credentials are never stored directly. We use AWS STS temporary credentials via cross-account IAM roles with least-privilege permissions to access your infrastructure data.
We do not sell, trade, or rent your personal information to third parties. We may share information with trusted service providers who assist us in operating our platform, provided they agree to keep your information confidential.
We may disclose your information if required by law, regulation, or legal process, or if we believe disclosure is necessary to protect the rights, property, or safety of Stratl, our users, or the public.
We retain your account information for as long as your account is active or as needed to provide you services. Alert data is retained according to your subscription plan (7 days for Starter, 90 days for Pro, custom for Enterprise).
When you close your account, we delete your personal information and AWS data within 30 days, except where we are required by law to retain certain records.
You have the right to access, correct, or delete your personal information at any time through your account settings or by contacting our support team. You can also request a portable copy of your data in a machine-readable format.
If you are located in the European Economic Area, you have additional rights under the GDPR, including the right to restrict processing, object to processing, and lodge a complaint with a supervisory authority.
We use essential cookies to maintain your session and authentication state. We use analytics cookies to understand how users interact with our platform. You can control cookie preferences through your browser settings.
We do not use third-party advertising trackers. Our analytics are privacy-focused and do not create cross-site user profiles.
We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and sending a notification to your registered email address at least 30 days before the changes take effect.
If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@stratl.dev or through our contact page.