privacy policy

the gromitor agent collects read-only resource metrics (cpu, memory, network i/o, disk i/o) per container and batches them to us over https. we keep a recent ~24–48 hour window of those raw metrics to power the live dashboard and threshold alerts, plus the small amount of account and agent metadata needed to run the service. we never read what's inside your containers, and we never sell your data.

gromitor is built by ogbuilds, a uk-based studio, and is offered in early access “built in public.” ogbuilds is the data controller for the personal data described here, and this policy is governed by uk data protection law (uk gdpr).

you install the gromitor agent next to your container engine — a single read-only container on a docker host, or a daemonset (one pod per node) on kubernetes. the agent reads each container's resource counters from the engine's own stats api and sends them to gromitor. specifically, per container it transmits:

• resource samples — cpu percent, memory usage and limit (bytes), cumulative network in/out bytes, and cumulative disk read/write bytes, with a timestamp.
• container metadata— the container/pod identifier, its name, the image it's running, its status (running/paused/exited), and a location label (the docker host, or the kubernetes namespace/node).
• agent metadata— a self-generated agent id, the engine type (docker or kubernetes), the agent version, and the host's hostname, plus periodic heartbeats so we can show whether the agent is connected.

the agent is read-only and reads only resource counters. it does not read, copy, or transmit the contents of your containers, your application data, environment variables, logs, files, or network payloads. container and image names are operational labels you control — please avoid putting secrets or personal data in them.

to use the in-app dashboard you sign in. when sign-in is enabled, authentication is handled by clerk, which holds your email address and (for password or google sign-in) the credentials you choose. within gromitor we store your email, a display name, and a flag for whether you've seen onboarding. each account has an ingest token the agent uses to self-register and authenticate its metric uploads — keep it secret, like a password.

if you set up threshold alerts (e.g. cpu over 80% for 5 minutes), we store the rule, the alert events it produces (the value that breached and when it resolved), and your chosen notification method. when an alert fires or resolves we may email you about it.

we use the metrics and metadata above only to provide gromitor: to render your live dashboard and recent sparklines, to evaluate your alert rules against the incoming stream, to notify you of breaches and resolutions, and to keep your account and agents working. we do not sell your data, and we don't use it for advertising.

we process account data and the metrics your agent sends to perform our contract with you (providing the service you signed up for). where we rely on optional features such as email alerts, that is to deliver a feature you configured. we rely on legitimate interests for basic service security and integrity (e.g. authenticating agent uploads and preventing abuse).

gromitor uses a small set of infrastructure providers to run the service. it contains no advertising and no third-party analytics or tracking. the providers we use are:

• vercel — hosting for the web app and the metric-ingestion endpoint.
• neon (serverless postgres) — stores account, agent, container, alert, and recent-metric data when a database is configured.
• clerk — authentication and sign-in, when enabled.
• resend — delivery of alert emails (triggered/resolved notices), when configured.

we use no payment processor — gromitor is free in early access — and no large-language-model or other ai providers process your data.

when sign-in is enabled, clerk sets the session cookies needed to keep you logged in. we don't use advertising or tracking cookies. the app may keep small interface preferences in your browser's local storage on your own machine.

raw metric samples are short-lived by design: we keep roughly the last 24–48 hours, which is what live monitoring and short-window alerts need, and older samples are pruned. account, agent, container, and alert records are kept while your account is active. if you close your account or ask us to delete your data, we remove it (deleting an account cascades to its agents, containers, alerts, and events).

under uk gdpr you can ask us to access, correct, delete, or export your personal data, and you can withdraw consent or object to certain processing. to exercise any of these, reach out via ogbuilds. you also have the right to complain to the uk information commissioner's office (ico).

some of our providers (e.g. vercel, neon, clerk, resend) process data on infrastructure that may be located in the united states or other countries outside the uk/eea. where data is transferred internationally, it's done under appropriate safeguards such as the providers' standard contractual clauses.

gromitor is a tool for developers and operators and is not intended for anyone under 13. we don't knowingly collect personal data from children.

the agent uploads metrics to us over https (encrypted in transit), and agent uploads are authenticated with your account's ingest token. authentication is handled by clerk, and data is stored with our infrastructure providers. no system is perfectly secure, but we keep the collected surface deliberately small — resource counters, not container contents.

if this policy changes, we'll update the date above and, for material changes, note it in the app or on this page.

questions about your data? reach out via ogbuilds, the studio behind gromitor.