← MowerWatch

Privacy Policy

Last updated: 9 July 2026

MowerWatch ("we", "us") provides health monitoring and diagnostics for Husqvarna Automower® robotic mowers. This policy explains what personal data we process, why, and your rights. We aim to collect the minimum needed to run the service.

Data controller

MowerWatch, operated by [YOUR NAME / BUSINESS NAME], [ADDRESS], Ireland.
Contact: [email protected]

What we collect and why

DataPurposeLegal basis
Email address and password (stored as a salted PBKDF2 hash — we cannot read it) Your account and sign-in; fault alert emailsContract
Husqvarna API application credentials (encrypted at rest) Fetching your mower's data from Husqvarna's official API on your behalfContract
Mower telemetry: status, battery, statistics, error codes, and GPS positions The dashboard, position radar, stop forensics, health index and alertsContract
Billing status (via Stripe) Subscription managementContract
Server logs (IP address, requests, timestamps) Security, abuse prevention (e.g. login rate limiting), debuggingLegitimate interest

GPS location data

Your mower reports its GPS position; we store this track to draw the position radar and to reconstruct stop events. Location data is never sold, shared or used for advertising. It is visible only to your account (and to an operator strictly for support, at your request).

Payment processing

Payments are handled by Stripe (Stripe Payments Europe, Ltd.). Your card number never touches our servers. Stripe's privacy policy: stripe.com/privacy. We store only your Stripe customer reference and subscription status.

Where your data lives

On our server in the European Union. Mower data is fetched from Husqvarna's API (Husqvarna Group's own privacy terms apply to their side). Encrypted backups are kept for 14 days on a rolling basis.

Retention

Your data is kept while your account exists — history is the product, so we keep it even if your subscription lapses, in case you return. Delete your account (or email us) and your account, credentials, telemetry and GPS history are removed; rolling backups age out within 14 days.

Your rights (GDPR)

You have the right to access, rectify, export, restrict and erase your personal data, and to complain to a supervisory authority (in Ireland: the Data Protection Commission, dataprotection.ie). Email [email protected] and we'll act within 30 days.

Cookies

One cookie: mw_session, which keeps you signed in for 30 days. It is HttpOnly and Secure. No analytics cookies, no tracking pixels, no third-party ad tech.

Changes

If this policy changes materially, we'll email account holders before the change takes effect.