Privacy Policy
This Privacy Policy explains what personal data Tailwise ("we", "us") collects, why, and what you can do about it. Tailwise is operated as a sole proprietorship by Marinus Klasen in the Netherlands. If you are a paying customer, the way we handle the log data you send us as your processor is described in more detail in our Data Processing Agreement, which sits alongside this policy.
1. Who we are
Tailwise is a server log monitoring service operated by Marinus Klasen, based in the Netherlands. You can reach me directly at marinus@mklasen.com. There is no support desk, no ticket queue, no shared inbox: it is one founder reading your message. More about me at mklasen.com.
2. What data we collect
Tailwise touches four categories of data, and nothing else.
a. Log lines from your servers. The Tailwise bash agent runs as a cron job on servers you control. It ships only the new lines from log files you have explicitly pointed it at. Each request carries your token in the header, a sanitised hostname, a sanitised source filename, and the alert email address you configured. We never read files you did not point the agent at, and we cannot reach your source code, your databases, or anything outside the log paths you chose.
b. Website visit data. When you load a page on tailwise.dev, our web server records standard access log entries: IP address, timestamp, path, referrer and user-agent. We use these for aggregate visit counts only. Raw IPs are not stored in our analytics file, only the counts derived from them.
c. Signup and waitlist data. If you submit the form on the homepage or any landing page, we store your email address and, depending on the form, your name and availability. These submissions are kept in an append-only file on our server.
d. Subscription and billing data. When you start a paid subscription, Stripe collects your name, email and payment details. We never see or store your card number. On our side we keep your Stripe customer ID, subscription ID, status and the email associated with the subscription, alongside the access token issued to you.
3. Why we collect it, and the legal basis
For log data, signup data and billing data: processing is necessary to perform the contract with you (Article 6(1)(b) GDPR), or to take steps you asked for before entering into a contract.
For website visit counts: we rely on our legitimate interest (Article 6(1)(f) GDPR) in understanding rough traffic patterns and keeping the site online and abuse-free. We do not build user profiles, we do not run ad pixels, and we do not track you across sites.
4. Who has access
Inside Tailwise, only the founder (Marinus Klasen) has access to the systems that hold your data. There are no other employees, contractors or interns. We use a small set of sub-processors that need to see narrow slices of data to make the service work, listed below and in our DPA.
5. Where it lives
Tailwise runs on our own infrastructure, hosted inside the European Union. Log data stays in the EU. Alert email is sent from an EU region. We do not copy customer logs to any third-party AI provider, analytics service or data warehouse. The only data that leaves the EU is the billing data that Stripe processes on its own platform (covered in section 8 below).
6. Sub-processors
We use the following sub-processors. The same list, with more detail, lives in the DPA.
| Sub-processor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Server hosting & storage | Germany (EU) |
| Sinch (Mailgun) | Transactional alert and account email | EU region |
| Stripe, Inc. | Payment & subscription billing (billing data only, not your logs) | US (SCCs apply) |
7. How long we keep it
- Log lines are stored on a rolling basis and overwritten as new lines arrive. On termination of your subscription, or at your request, your stored logs and any detected issues are deleted within a short period (typically a few days, as part of normal housekeeping).
- Signup and waitlist entries are kept until you ask to be removed, or until they stop being useful, whichever comes first.
- Subscription and billing records are kept for as long as you are a customer, and afterwards for the period required by Dutch and EU tax and accounting law (currently seven years for invoice records).
- Website access logs are rotated and discarded on a short rolling window.
8. International transfers
Your log data is processed entirely within the EU. Billing data is processed by Stripe in the United States under the EU Standard Contractual Clauses. DNS is provided by Cloudflare and resolves the domain only; it does not see your log data. If you are based outside the EU, the data you send us is still stored in the EU.
9. Cookies
Tailwise.dev does not set tracking cookies. We do not run Google Analytics, the Facebook pixel, or any other third-party analytics or ad tracker. The Stripe customer portal, when you visit it, sets its own essential cookies under Stripe's own privacy policy.
10. Your rights under GDPR
If your personal data is in our systems (because you are a customer, you signed up, or your data appears in logs your provider is sending us), you have the right to:
- Ask what we hold about you (access).
- Correct anything that is wrong (rectification).
- Ask us to delete it (erasure), where we are not legally required to keep it.
- Receive it in a portable format (portability).
- Object to or restrict certain processing.
- Withdraw consent, where processing is based on consent.
- Lodge a complaint with a supervisory authority. In the Netherlands, that is the Autoriteit Persoonsgegevens; you can also complain to the authority in your own EU country.
Send any request to marinus@mklasen.com and I will respond within one month, usually much sooner. Note that if you are a website visitor whose data appears in a customer's log files, the customer is the controller for that data: I will help where I can, but you may need to contact them directly first.
11. Security and redaction
All data in transit between the agent and Tailwise is sent over HTTPS/TLS. Storage is on EU servers with access limited to the founder. You choose which files the agent reads, which means you also choose what ends up in our system. Tailwise does not currently strip secrets or personal data from inbound log lines on our side; built-in redaction is on the roadmap. In the meantime, please point the agent only at files you are comfortable shipping, and exclude anything containing secrets, payment card data, or special-category personal data.
12. Changes to this policy
If we change this policy in a way that affects you (new sub-processor, new data category, anything material), we will email active customers and update the version and date at the top of this page. Minor wording fixes happen quietly.
13. Contact
Questions about this policy, your data, or anything privacy-related: marinus@mklasen.com.