Nightwatch logo
'Nightwatch' text with white and gray letters
HomeMapNewsMilitary PulseSituation ReportsDaily ReportsList ViewVideosCyber Threats
Sign In
Contact Support

Privacy Policy

Last updated: 19 February 2026

Who we are

Nightwatch (“Service,” “we,” “our,” “us”) is provided and controlled by:

Aleksi Lemmetyinen (sole proprietor)
support@nightwatch.services

Scope

This Privacy Policy explains how we collect, use, share and protect personal data when you:

  • visit nightwatch.services or its sub-domains;
  • use our APIs, dashboards or email digests;
  • sign in with Google, Twitter or GitHub OAuth.

The data we collect

A. Data you give us through OAuth

  • email address (primary identifier)
  • public profile name, photo and provider account ID

B. Data we generate or observe

  • subscription tier, billing status (via Stripe)
  • API usage logs: endpoints, timestamps, IP address
  • access-control flags (admin privileges)
  • server logs and error reports

C. Cookies & local storage

  • NextAuth.js session cookie (encrypted JWT) – required for login
  • Optional Google Analytics 4 cookies (_ga, _ga_*, _gid) – only set if you explicitly accept analytics cookies
  • No advertising cookies; ad personalization is disabled
  • You can withdraw or change analytics consent anytime by clearing Nightwatch cookies in your browser and reloading the site

Purposes & legal bases (GDPR Art. 6)

  • Perform our contract with you – provide the Service, authenticate users, enforce rate limits.
  • Legitimate interests – secure the platform, prevent fraud, improve features.
  • Consent – optional analytics cookies and analytics measurement, plus marketing e-mails (opt-in only).
  • Legal obligation – tax, accounting and consumer-protection laws.

How we share data

  • Stripe – payment processing (card data never touches our servers).
  • OpenAI – processing user-submitted text to create AI summaries.
  • Copernicus/Sentinel – satellite-imagery queries (geo-coordinates only).
  • Currents API – news aggregation searches.
  • OAuth providers – as required for sign-in and user-info sync.
  • Google Analytics – optional usage analytics, only when you have granted analytics consent.

All vendors are bound by data-processing agreements and may process data only on our instructions.

International transfers

Our servers are currently hosted in the European Economic Area (EEA). If we later transfer data outside the EEA we will rely on EU adequacy decisions or Standard Contractual Clauses (SCCs) per GDPR Art. 46.

Retention

  • Account data: kept as long as your account is active and up to the maximum period allowed by applicable law after closure.
  • Back-ups: rolling seven-day encrypted snapshots.
  • API logs: up to 24 months, then anonymised or deleted.

Your rights

If you are in the EU/EEA you have the right to access, correct, delete, restrict or port your data, and to object to processing. Contact privacy@nightwatch.services.

California residents have CCPA rights to know, delete and opt-out of “sale” (we do not sell personal data).

We will respond within one month (GDPR) or 45 days (CCPA). You may lodge a complaint with the Finnish Data Protection Ombudsman.

Security

We use TLS 1.2+, encryption at rest, least-privilege access controls, daily backups and routine penetration-testing. No method is 100% secure; you use the Service at your own risk.

Children

Nightwatch is not directed to children under 16. We do not knowingly collect data from minors. If we learn we have done so, we will delete it.

Open Data Licensing Notice

This Privacy Policy covers personal data handling. Licensing and attribution terms for geospatial datasets (including OpenStreetMap-derived AOI data) are described separately in our Terms and Support pages.

See Terms of Service: Data Licensing and Support: ODbL data requests.

Changes

We may update this Policy for legal or operational reasons. We will post the new version and, for material changes, email or in-app notify you at least 14 days before it takes effect.

Contact

Data-Protection Officer: Aleksi Lemmetyinen
privacy@nightwatch.services
Graniittitie 20 A 34, 01150 Söderkulla, Finland