1. Information We Collect
Account Data
Name, email address, company name, and billing information collected at registration.
Network Telemetry
PPS, BPS, protocol ratios, connection counts, and attack metadata submitted by the ftagent running on your servers. This data is processed to detect DDoS incidents.
PCAP Files
If PCAP capture is enabled, packet captures are transmitted by the agent and stored for 7 days (standard plans) or up to 365 days (enterprise plans).
Usage Data
Log data, dashboard activity, and API call metadata used to operate and improve the service.
2. How We Use Data
- Detect and respond to DDoS incidents on your infrastructure.
- Provide and maintain the Flowtriq dashboard and API.
- Send incident alerts and service notifications.
- Process billing through Stripe (we do not store card data).
- Improve detection accuracy and service reliability.
3. Data Sharing
We do not sell your data. We share data with:
- Stripe: payment processing.
- Infrastructure providers: hosting and storage under data processing agreements.
- Law enforcement, when required by applicable law.
4. Data Retention
Metric data (PPS/BPS) is retained for 25 hours in raw form and up to 90 days in aggregated form. PCAP files are retained for 7 days (standard plans) or up to 365 days (enterprise plans). Account data is retained while your account is active and deleted immediately upon account deletion.
5. Your Rights
You may request access, correction, or deletion of your personal data by emailing [email protected]. We will respond within 30 days.
6. Security
All data is encrypted in transit (TLS 1.2+). Passwords are stored as bcrypt hashes; API keys are stored as one-way hashes. PCAP files are stored outside the web root with restricted filesystem access.
7. Cookies
We use a session cookie for authentication. We do not use tracking cookies or third-party analytics.