Privacy Policy

Last updated: March 24, 2026. Template only; customize for your deployment, subprocessors, and jurisdiction.

Who we are

Pulse (“we”, “us”) provides error tracking and related features. The data controller for a self-hosted instance is the entity operating that instance.

Data we process

• Account data: name, email, authentication identifiers (including OAuth subject IDs where used), security settings such as two-factor configuration metadata.
• Organization and billing: organization name, membership roles, Stripe customer and subscription identifiers when billing is enabled.
• Error and event payloads: messages, stack traces, URLs, optional context, breadcrumbs, and similar fields you or your applications send to the ingest API. These may contain personal data if your applications include it.
• Technical data: IP addresses (for example for ingest allowlists, rate limits, and security logs), audit log entries for administrative actions.

Purposes

We process data to provide and secure the Service, bill subscribers, communicate about the account, and improve reliability (for example aggregated operational metrics where configured).

Legal bases (EEA/UK-style framing)

Where applicable: contract performance for providing the Service; legitimate interests in security and abuse prevention; consent where required (for example marketing cookies if you add them); legal obligations for tax and billing records.

Subprocessors

Depending on your configuration, data may be processed by infrastructure and service providers. See the Subprocessors page for a non-exhaustive list typical of Stripe-backed deployments.

Cookies and similar technologies

The web application uses cookies and browser storage needed to operate the Service: for example session cookies for signed-in users, CSRF protection, and “remember me” when you choose it. We do not use third-party advertising cookies in the default product. If you add analytics or marketing tools, document them here and obtain consent where your jurisdiction requires it.

Retention

Error events are retained according to project and plan retention settings and pruning jobs. Account data is kept while the account is active and for a reasonable period afterward for legal and operational needs unless you request deletion subject to organization ownership rules in the product.

Your rights

Depending on your region, you may have rights to access, rectify, delete, or export personal data, and to object to or restrict certain processing. Contact the operator of your instance to exercise these rights.

International transfers

If you use providers in other countries, ensure appropriate transfer mechanisms (for example Standard Contractual Clauses) as required by law.

Children

The Service is not directed at children under 16.

Changes

We may update this policy and will post the revised version with an updated date.

Contact

Use the contact details for your deployment. For a Data Processing Agreement suitable for B2B customers, see the DPA template.