← Back to home

Privacy Policy

Last updated: March 2026

1. Introduction

WatchDiff ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data in compliance with the Brazilian General Data Protection Law (LGPD - Lei Geral de Proteção de Dados, Law No. 13.709/2018).

2. Data We Collect

We collect the following data:

  • Account data: Email address (required for registration and login)
  • Monitor data: URLs you choose to monitor, CSS selectors, check frequency preferences
  • Snapshot data: Content captured from monitored webpages (used for change detection)
  • Usage data: Login timestamps, feature usage patterns
  • Payment data: Subscription status and billing information (processed by Stripe; we do not store credit card numbers)

3. How We Use Your Data

  • Service delivery: Monitor webpages, detect changes, and send email alerts
  • Account management: Authentication, subscription management, support
  • Service improvement: Understanding usage patterns to improve features
  • Communication: Service-related emails (alerts, account notifications)

4. Third-Party Services

We use the following third-party services that may process your data:

  • Supabase: Database hosting, authentication, and data storage (servers in the US)
  • Resend: Transactional email delivery for alerts and notifications
  • Stripe: Payment processing for Pro subscriptions
  • Vercel: Application hosting and content delivery

Each third-party service has its own privacy policy governing data handling.

5. Data Storage and Security

Your data is stored in Supabase-managed PostgreSQL databases with Row Level Security (RLS) enabled. All data is encrypted in transit (TLS) and at rest. We implement industry-standard security measures to protect your information.

6. Your Rights (LGPD)

Under the LGPD, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a structured, machine-readable format
  • Revocation of consent: Withdraw consent for data processing at any time
  • Information: Know which entities your data has been shared with

To exercise any of these rights, contact us at privacy@watchdiff.com.

7. Cookies and Tracking

We use only essential cookies required for authentication and session management. We do not use third-party tracking cookies, analytics scripts, or advertising pixels.

8. Data Retention

We retain your data while your account is active. Monitoring snapshots are retained for change history purposes. Upon account deletion request, all personal data is permanently removed within 30 days. Anonymized, aggregated data may be retained for service analytics.

9. Children's Privacy

WatchDiff is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors.

10. International Data Transfers

Your data may be processed in servers located outside of Brazil (primarily in the United States) through our third-party service providers. These transfers are conducted in compliance with LGPD requirements for international data transfers.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top indicates the most recent revision.

12. Contact

For privacy-related questions or to exercise your data rights, contact us at privacy@watchdiff.com.