Privacy Policy
This Privacy Policy explains how personal data is handled in the Meerkat mobile application and related services (the “Service”). Please read it together with our Terms of Use (EULA).
1. Who we are
The Service is provided by Andi Oliver Ion PFA, a sole proprietorship (Persoană Fizică Autorizată) established in Romania, operating under the “Meerkat” brand (the “Provider”, “we”, “us”). We act as the data controller for the limited personal data described below.
Contact: andioliverion@gmail.com
2. How Meerkat works
Meerkat monitors servers that you own and control. You install a small, read-only program — the open-source meerkat-agent — on your own server. The app reads one HTTPS status document the agent exposes. Meerkat is offered in two modes:
- Free (direct mode) — the app connects directly from your device to your own agent. There is no account, and your server data does not pass through us.
- Pro (relay mode) — you sign in with Apple to sync your server list across your devices, receive push alerts, and read relay snapshots through our backend.
3. Data we collect
Free mode
- No account and no personal data are collected by us. Server addresses, the pinned agent certificate and access token, and your thresholds and preferences are stored locally on your device.
- Status data read from your agent (machine facts, discovered resources) is fetched directly by your device and is not sent to us.
Pro mode
- Account identity from Sign in with Apple (a stable user identifier, and the name/email you choose to share). If you use Apple’s “Hide My Email”, we receive a private relay address instead of your real email.
- Your list of linked servers (such as a label and connection details) so it can be synced across your devices.
- Relay snapshots of the status your servers report, so the backend can deliver them to your other devices and evaluate alerts.
- Device push tokens used to send you alert notifications (APNs).
- Subscription entitlement state — whether your account has Pro and how it was granted.
On your device
- A local cache for sessions and settings, and secure items (such as agent tokens and, in Pro, account/session material) stored in the iOS Keychain. This is removed when you delete the app or your account.
4. What we do not collect
We do not collect location data, health data, contacts, photos or browsing history. We do not use advertising identifiers, analytics or tracking SDKs, and we do not track you across other apps or websites. We do not sell your data. The agent never sends us your credentials, and it cannot run remote commands on your server.
5. How we use your data
- To operate the app and, in Pro, your account.
- To sync your server list and relay snapshots across your own devices.
- To evaluate thresholds and deliver alert notifications you have enabled.
- To manage Free and Pro entitlements.
- To respond to support requests.
6. Payments
Any paid (Pro) subscription is purchased and billed through the Apple App Store. Apple processes the payment and we never receive your card details. We only store whether your account is entitled to Pro and how it was granted.
7. Legal bases (GDPR)
- Performance of a contract — to provide the Service, including Pro sync and alerts you sign up for.
- Consent — for optional features such as push notifications; you can withdraw it in system settings or by deleting your account.
- Legitimate interests — to keep the Service secure and functioning.
- Legal obligation — where we must retain limited records to comply with law.
8. Sharing
We host the Pro backend on our own private server infrastructure in the European Union. We do not share your personal data with third parties for their own purposes. Data is shared only:
- with Apple, for purchases, Sign in with Apple and push delivery (APNs), under Apple’s own terms;
- where required by law.
9. Retention
In Free mode there is nothing for us to retain. In Pro, we keep your account data and server list for as long as your account is active, and relay snapshots only as needed to provide sync and alerts. When you delete your account, we permanently delete your account and associated data (see Section 10). Limited records may be retained only where the law requires.
10. Deleting your account and data
In Free mode, deleting the app removes all locally stored data. In Pro, you can delete your account from within the app; this permanently removes your account, linked server records, relay snapshots and push registrations from our servers. This action cannot be undone.
11. Your rights
Under the GDPR you have the right to access, correct, erase, export (portability), restrict or object to the processing of your personal data, and to withdraw consent. To exercise these rights, contact andioliverion@gmail.com. You also have the right to lodge a complaint with the Romanian supervisory authority (ANSPDCP, dataprotection.ro).
12. Children
Meerkat is a tool for people who operate their own servers and is not directed to children.
13. Security
The agent uses TLS and a bearer token, and the app pins the agent’s certificate. Secure material is stored in the iOS Keychain. We use reasonable technical and organisational measures to protect personal data. No method of transmission or storage is completely secure, but we work to safeguard your information.
14. Changes
We may update this Policy from time to time. Material changes will be reflected by updating the “Last updated” date on this page.
15. Contact
Questions about this Policy or your data: andioliverion@gmail.com.