Mydle
Data Processing Information
Last updated: July 11, 2026
This page summarizes how Mydle processes personal data when providing the Service. For enterprise customers requiring a signed Data Processing Agreement (DPA), contact legal@mydle.app.
1. Roles
- Customer is typically the controller of end-user or employee personal data stored in workspace content.
- Mydle acts as a processor for Service data processed on the customer’s behalf, and as a controller for account administration data (billing contacts, login emails).
2. Subject matter and duration
Processing covers account operation, monitoring configuration, check results, browser telemetry, logs, traces, deployments, service catalog data, incidents, status content, AI-derived outputs, alerts, and notifications for the duration of the customer relationship and applicable retention periods.
3. Nature and purpose
Processing is limited to providing the monitoring Service, securing the platform, delivering transactional communications, and supporting billing where enabled.
4. Types of personal data
- Account identifiers (name, email)
- Workspace membership and roles
- IP and technical logs
- Content customers choose to store in projects, telemetry, incidents, status pages, services, and operational metadata
5. Sub-processors
We use infrastructure and delivery vendors to operate the Service. Core sub-processors currently include:
- Neon — managed PostgreSQL
- Vercel (or equivalent host) — application hosting
- Upstash — Redis / rate limiting where configured
- Trigger.dev — background job execution
- Resend — transactional email
- iyzico — payment processing (when billing is enabled)
- Sentry — error monitoring (when observability is enabled)
Material changes to core sub-processors will be communicated to paying customers where contractually required. Contact privacy@mydle.app for the latest list.
6. Security measures
Summarized in our Security Policy: encryption in transit, access controls, least-privilege secrets, and production fail-closed configuration for critical dependencies.
7. International transfers
Transfers outside the EEA/UK use appropriate safeguards (for example SCCs) where required.
8. Assistance
We will reasonably assist customers with data subject requests, security incidents affecting customer personal data, and DPIA-related information, subject to the nature of the request and plan tier.
9. Deletion and return
Upon account deletion or written request after termination, we will delete or return Service data within a commercially reasonable period, except data retained for legal, security, or backup constraints.
Questions? legal@mydle.app · Support support@mydle.app