GetHook
Sign inGet started free

Legal

Privacy Policy

Last updated: March 2025

1. Overview

GetHook ("we", "us", "our") operates a Webhook Reliability Gateway. This Privacy Policy explains what data we collect, how we use it, and what rights you have over it. By using GetHook you agree to the practices described here.

2. Data We Collect

  • Account data — name and email address provided at sign-up.
  • Webhook payloads — request headers, body, and metadata for events you send through or receive via GetHook. Payloads are stored to enable delivery, retry, and replay.
  • Usage data — API call counts, delivery attempt outcomes, and error rates used to operate the service and generate your dashboard stats.
  • Technical data — IP addresses, user-agent strings, and request timestamps captured in server logs for security and debugging purposes.

3. How We Use Your Data

  • To authenticate your account and authorise API access.
  • To deliver, retry, and replay webhook events on your behalf.
  • To provide dashboard analytics and event logs.
  • To detect abuse, fraud, and security threats.
  • To send transactional emails (delivery failures, team invitations).
  • To improve and maintain the service.

4. Data Retention

Webhook event payloads and delivery attempt records are retained for 30 days on the Free plan and 90 days on Pro. Enterprise customers may negotiate custom retention windows. Account data is retained for the lifetime of the account and deleted within 30 days of account deletion.

5. Data Sharing

We do not sell your data. We share data only with:

  • Infrastructure providers — cloud hosting, database, and CDN vendors who process data on our behalf under data processing agreements.
  • Your designated destinations — webhook payloads are forwarded to the URLs you configure. You are responsible for the privacy practices of those endpoints.
  • Law enforcement — when required by applicable law or a valid legal order.

6. Security

API keys are stored as SHA-256 hashes and never logged in plaintext. Signing secrets and sensitive configuration are encrypted at rest using AES-256-GCM. Connections to GetHook are encrypted in transit via TLS 1.2+. See our Security page for more detail.

7. Your Rights

Depending on your jurisdiction you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email us at privacy@gethook.to. We will respond within 30 days.

8. Cookies

The dashboard uses a single session cookie for authentication. We do not use third-party tracking cookies or advertising pixels.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a notice in the dashboard at least 14 days before they take effect.

10. Contact

Questions or concerns? privacy@gethook.to