Privacy Policy - trycatch

Overview

This Privacy Policy explains how trycatch collects, uses, protects, and shares information when you use the service.

trycatch is an error monitoring product. The service processes account information, organization settings, project metadata, and diagnostic event data that your applications send through SDKs or compatible ingest endpoints.

Data We Collect

We collect account profile fields from Google sign-in, including email, name, avatar URL, and verification state.

We collect product data such as organizations, members, projects, API tokens, notification channels, alert rules, releases, source map artifacts, issue metadata, and audit logs.

Error events may include stack traces, request metadata, tags, breadcrumbs, user identifiers, browser/runtime context, and raw event samples.
Operational metadata may include IP address, user agent, request IDs, timestamps, and rate limit decisions.
Waitlist submissions include email, optional name, optional company, source, user agent, and IP address.

How We Use Data

We use data to authenticate users, route authorization decisions, ingest and group errors, display issue and event history, provide release artifact lookup, send alerts, enforce quotas, prevent abuse, and improve product reliability.

We do not sell customer data. We do not use your error payloads to train models unless a separate written agreement explicitly allows it.

Retention

Retention depends on your deployment configuration. Event samples, release artifacts, audit logs, and maintenance output can be pruned by configured retention jobs.

Waitlist data is retained until you ask us to remove it or until the waitlist is no longer needed.

Security

Session cookies are HttpOnly and SameSite=Lax.
API tokens are stored as hashes, not plaintext secrets.
Source map and raw event files are written through storage helpers that constrain paths.
PII scrubbers can remove common secrets and identifiers before event data is stored.

No internet service is perfectly secure, but we design trycatch to minimize unnecessary data movement and keep self-hosted deployments inspectable.

Your Rights

Depending on your location, you may request access, correction, export, deletion, or restriction of personal data. Contact privacy@trycatch.dev for privacy requests.

Organization owners remain responsible for configuring retention, scrubbers, member access, and project data deletion in self-hosted environments.