Back to Home

Privacy Policy

Last updated: May 24, 2026

Public URL for App Store and compliance: https://o11ybot.app/privacy

Introduction

o11ybot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website.

Information We Collect

Mobile Application

The o11ybot iOS app connects only to backend URLs and services you configure (your Elastic MCP Server endpoint and related Elastic/Kibana APIs derived from that configuration). It does not send your observability data, queries, or credentials to o11ybot.app or to the app developer's servers. That connection is user-controlled—it is not third-party AI data sharing with the app publisher.

  • API credentials: Your MCP server URL and API key are stored in the iOS Keychain on your device. They are used only to authenticate HTTPS requests from the app to your configured endpoint (and, when you use workflow actions, to workflow API URLs under the same Elastic deployment).
  • Data the app transmits: The app sends JSON-RPC requests to your MCP server (for example, tools such as ES|QL execution). Requests include your API key and the parameters needed for those tools (queries, time ranges, workflow identifiers, etc.). Responses contain observability data from your Elastic environment.
  • Elastic MCP and AI/ML: Depending on your Elastic subscription and how your MCP server is set up, Elastic may process requests using features that involve AI or machine learning (for example, assistant or automation capabilities in the Elastic stack). That processing happens under your Elastic deployment and Elastic's terms—not under the control of the o11ybot app publisher. Review Elastic's privacy statement and your organization's policies for details.
  • In-app telemetry: The app may record performance-oriented events (such as app launch) using OpenTelemetry APIs inside the app. This is not sent to o11ybot.app. Outbound export of telemetry to a cloud vendor is not part of the app's connection to your configured MCP endpoint.

Website

  • Chat Interactions: When you use the support chatbot, your messages are sent to Anthropic (Claude) for processing. The assistant is instructed to answer only o11ybot- and Elastic-setup-related questions. We do not store your chat history.
  • Email Communications: If you contact us via email, we collect your name, email address, subject, and message content. This information is sent via SendGrid to our support email address.
  • Telemetry Data: We collect server-side telemetry data through OpenTelemetry for monitoring website performance and errors.
  • Usage Analytics: We use OpenTelemetry to track page views and user interactions for analytics purposes.

How We Use Your Information

  • To provide and maintain our services
  • To process and respond to your support requests
  • To monitor and analyze usage patterns and trends
  • To improve our application and website
  • To detect, prevent, and address technical issues
  • To comply with legal obligations

Third-Party Services

Anthropic (Claude)

Our support chatbot uses Anthropic's Claude models. When you interact with the chatbot, your messages are sent to Anthropic for processing. Please review Anthropic's Privacy Policy at https://www.anthropic.com/legal/privacy.

SendGrid

We use SendGrid to send email communications. When you submit a contact form, your information is processed by SendGrid. Please review SendGrid's Privacy Policy at https://www.twilio.com/legal/privacy.

Elastic

Website: We may use Elastic's OpenTelemetry ingestion for this site's operational telemetry. Data is processed per Elastic's policies. See https://www.elastic.co/legal/privacy-statement.

Mobile app: When you use the app, observability queries and credentials go to your configured Elastic MCP / Kibana endpoints—not to the app publisher. Elastic's privacy terms apply to how your deployment handles that data.

Data Security

We implement appropriate technical and organizational measures to protect your information:

  • API credentials are stored securely in the iOS Keychain, which uses hardware-backed encryption
  • All API communications use HTTPS encryption
  • Environment variables are used for sensitive API keys on our servers
  • We do not store chat history or personal information on our servers

Data Retention

  • Mobile App: Your API credentials are stored locally on your device until you delete the app or remove them manually.
  • Website: We do not store chat history. Email communications are retained as needed to respond to your inquiries.
  • Telemetry Data (website): Server-side telemetry for this website may be retained by Elastic according to their policies.
  • Telemetry Data (mobile app): Data retention for queries and results is determined by your Elastic deployment and organization—not by o11ybot.app.

Your Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Right to access your personal information
  • Right to correct inaccurate information
  • Right to delete your information
  • Right to object to processing of your information
  • Right to data portability

To exercise these rights, please contact us at our support page.

Children's Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, please contact us: