Security
Last updated: 20 June 2026
We keep this page in plain language and only claim what we actually do. Here is how your data is stored, protected, and deleted.
1. Where your data lives
Your account and the pages we monitor for you are hosted in the European Union. Our application and database run on Hetzner infrastructure in Germany and Finland. Page snapshots and saved HTML are stored in Cloudflare R2 with storage pinned to the EU jurisdiction.
Connections to PageDiff are served over HTTPS, so your data is encrypted in transit. At rest, your data sits on access-controlled EU infrastructure and is restricted to your account, as described below.
2. Access isolation
Every monitor, snapshot, and change history belongs to the account that created it. It is private to your account — only you can view it. We do not make your monitored content public, and our team does not access it except where strictly necessary to operate the service, prevent abuse, or comply with the law.
PageDiff only monitors pages you direct it to, and we do not bypass logins, paywalls, or other access controls. As a result, pages behind authentication, aggressive bot-blocking, or CAPTCHAs may not be reachable for monitoring.
3. Authentication
Passwords are stored only as salted, one-way hashes — never in plaintext — and we cannot recover them. Sign-in sessions are transmitted over HTTPS. You can change your password at any time from your account settings.
4. Payments
All payments are processed by Lemon Squeezy, our payment provider and Merchant of Record. Lemon Squeezy is PCI-DSS compliant and handles your card details directly — PageDiff never sees or stores your card number.
5. AI processing
To turn raw differences into readable summaries, the content of a detected change is sent to our AI subprocessor for analysis. This content is not used to train AI models.
It is retained for up to 30 days, during which it may be accessed for safety and security purposes, and is then deleted.
The AI provider we currently use is named in our Subprocessors list.
6. Retention & deletion
We keep page snapshots and change history according to your plan: 30 days on Starter, 90 days on Pro, and 365 days on Business. Snapshots older than your plan's window are automatically deleted.
You can delete any monitor — or your entire account — at any time. When you delete your account, it is first deactivated and then permanently purged after a 30-day grace period, which removes your monitors, snapshots, change history, notifications, and stored files.
7. Subprocessors
We rely on a small number of vetted third parties to run the service — for hosting, storage, payments, and AI analysis. We keep a current list of them, including what each one does and where it is located. See our Subprocessors list.
8. Selling & sharing
We do not sell your personal data, and we never have. We share data only with the disclosed subprocessors needed to provide the service, or where we are legally required to. For how we handle personal data and your rights under the GDPR, see our Privacy Policy.