Privacy Policy
Pushover, LLC ("Pushover", "we", "us", "our") provides online and mobile services, including but not limited to, the Pushover website ("Pushover.net" or the "Site"), API, and mobile applications (collectively, the "Service"). Pushover is committed to maintaining the privacy, integrity and security of any personal information about our users.
This Privacy Policy ("Policy") explains how we protect personal information we collect in connection with your use of the Service and how we use and in some cases disclose that information. "Personal information" for purposes of this Policy means information that identifies you, such as your name or e-mail address. This Policy is subject to the provisions our Terms of Use, which are incorporated by reference.
What Personal Information We Collect
Your Pushover service works in conjunction with a user account on Pushover.net (a "User Account"). When you sign up for a Pushover User Account from our mobile applications or our Site, you are required to provide an e-mail address (which will be used as your login ID) and to create an account password (collectively the "Registration Information").
During the course of using your Pushover Service, the Pushover device client applications will routinely synchronize your notification data with Pushover servers. These requests sent from your Pushover device client application include information that identifies your current Pushover application version, your device operating system version, your device hardware manufacturer and model number, and your Pushover device client license status. These requests include a Pushover-assigned device identifier, but no hardware-specific identifiers (such as a device UUID) that could be used to track the device across other applications.
Our web and API servers may record IP addresses, request timestamps, and other connection metadata in server logs. These logs are used for security, debugging, and abuse prevention and are retained for no longer than 90 days.
Message content sent to you through the Service is created and controlled by the third-party application or user that sent it. Pushover acts as a conduit for this content and does not control or endorse it.
Legal Basis for Processing
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal basis for collecting and using your personal information depends on the data concerned and the context in which we collect it:
- Contractual necessity: We process your Registration Information and message data as necessary to provide the Service you have signed up for.
- Legitimate interests: We process server logs, usage data, and device metadata to maintain the security and reliability of the Service, prevent abuse, and improve the Service, where these interests are not overridden by your data protection rights.
- Legal obligation: We may process your data where required to comply with applicable law.
How We Use Your Personal Information
Pushover uses your personal information to:
- Provide you with the Service;
- Analyze Site usage and improve the Service;
- Deliver to you any administrative notices and communications relevant to your use of the Pushover Service;
- Provide you with updates regarding Pushover products and services;
- Perform internal market research, project planning, troubleshooting problems, and to detect and protect against error, fraud or other criminal activity; and
- Enforce the Pushover Terms of Use.
Disclosure to Third Parties
Pushover ("we") collect the e-mail addresses of those who communicate with us via e-mail, aggregate information on what pages consumers access or visit, and information volunteered by the consumer (such as survey information and/or site registrations). The information we collect is exclusively used to improve the content of our Web pages and the quality of our service, and is not shared with or sold to any person, company, or organization (for the avoidance of doubt, this prohibition applies to any commercial and non-commercial purposes), except under the following circumstances:
It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law.
We transfer information about you if Pushover, LLC is acquired by or merged with another company. In this event, Pushover will notify you before information about you is transferred and becomes subject to a different privacy policy.
We share certain information with companies that may be considered our "sub-processors" under EU GDPR:
| Company | Purpose |
|---|---|
| Apple Inc. | Notification Transport, In-App Purchases |
| Cloudflare, Inc. | DNS, DDoS Protection |
| FastMail Pty Ltd | E-Mail Delivery |
| Google LLC | Notification Transport, In-App Purchases |
| PayPal, Inc. | Credit Card Processing |
| rsync.net, Inc. | Encrypted Backups |
| Stripe, Inc. | Credit Card Processing |
| Vultr Holdings Corporation | Dedicated Server Hosting |
| Wildbit, LLC (Postmark) | E-mail Delivery |
International Data Transfers
Pushover is based in the United States and processes data on servers located in the United States. If you are accessing the Service from outside the United States, your personal information will be transferred to and processed in the United States. By using the Service, you consent to this transfer. Where required by applicable law, we rely on appropriate legal mechanisms (such as Standard Contractual Clauses) to support transfers of personal data outside the EEA, United Kingdom, or Switzerland.
Children
Pushover does not ask for or collect personal information from anyone under the age of 16. We also do not allow registration of such persons. If we find that such a person has registered and submitted information, we will delete the information and deactivate any associated accounts immediately.
Cookies
A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site's computers and stored on your computer's hard drive.
Cookies are required to login to the Pushover website, but not to view pages when not logged in.
We use cookies to record current session information while logged in, but do not use permanent cookies. You are required to log-in to your Pushover account after a certain period of time has elapsed to protect you against unauthorized persons accessing your account.
Data Storage
Pushover uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run Pushover.
Credit Card and related transaction information, if any, is stored and processed with an off-site fully PCI-compliant third party vendor.
Data Retention
Messages delivered to your devices are deleted from Pushover's servers once delivery has been verified. Messages that cannot be verified as delivered are deleted after 21 days. Your Registration Information is retained for the duration of your account. Server logs containing IP addresses and request metadata are retained for no longer than 21 days.
Your Rights Regarding Your Data
If you would like to cancel your Pushover account, you may do so by logging into your Pushover account, visiting the Settings header, then clicking on "Delete Account" in the upper right corner.
When you request cancellation of your account, your personally identifiable information will be marked for deletion including but not limited your e-mail address, name, user token, device identifiers, and any messages delivered to your devices that have not yet been deleted from our servers. This data will be permanently deleted from our database after 30 days. Archival copies of your account information that exist within our back-up system will be deleted in accordance with our normal back-up expiration schedule.
Depending on your location, you may also have the right to:
- Access the personal information we hold about you;
- Correct inaccurate personal information;
- Request a portable copy of your personal information;
- Restrict or object to certain processing of your personal information.
To exercise any of these rights, contact us at support at pushover.net. We will respond within 30 days, or within the timeframe required by applicable law.
Do Not Track
Pushover does not use third-party tracking or advertising services and does not track users across third-party websites. Our site does not respond to browser Do Not Track signals because we do not engage in the type of tracking that such signals are intended to prevent.
Data Breach Notification
In the event of a data breach that affects your personal information, Pushover will notify affected users via e-mail and post a notice on our website as soon as reasonably practicable and in accordance with applicable law.
Disclosure
Pushover may disclose personally identifiable information under special circumstances, such as to comply with subpoenas or when your actions violate the Terms of Service.
Changes
Pushover may update this policy. We will notify you about significant changes in the way we treat personal information by sending an e-mail to the address address specified on your Pushover account or by placing a notice on our website.
Questions
Any questions about this Privacy Policy should be addressed by e-mail to support at pushover.net.
Changelog
This policy was last updated on May 1, 2026 to clarify existing policies regarding device identifier disclosures, add sections for server log retention, message content from third parties, legal basis for processing, international data transfers, data retention, expanded user rights, Do Not Track, and data breach notification.
This policy was last updated on January 7, 2025 to modify the list of service providers that may be considered sub-processors under EU GDPR regulations, and to update the minimum age requirement to 16 years of age.
This policy was previously updated on April 12, 2023 to modify the list of service providers that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on November 20, 2022 to modify the list of service providers that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on December 17, 2020 to modify the list of service providers that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on June 9, 2020 to list additional service providers that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on October 26, 2019 to list additional service providers that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on March 13, 2019 to reflect that Superblock, LLC has been renamed to Pushover, LLC.
This policy was previously updated on January 24, 2019 to list an additional e-mail delivery company that may be considered a sub-processor under EU GDPR regulations.
This policy was previously updated on May 24, 2018 to explicitly list companies that may be considered sub-processors under EU GDPR regulations.
This policy was previously updated on November 2, 2016 to clarify that third parties we do not disclose information to includes persons and companies, not just organizations, and that the prohibition applies to commercial and non-commercial purposes.
This policy was previously updated on January 27, 2014 to reflect the application and device version information that is collected.
This policy was previously updated on August 8, 2012.