Effective Date: March 27, 2026
MonChart (https://monchart.com) is committed to protecting your privacy. This policy outlines how we collect, use, and safeguard your information in compliance with Irish data protection regulations, including the General Data Protection Regulation (GDPR).
Personal Data: We collect personal information such as email addresses and usernames when you sign up for our services. This information is used for account management, communication, and service delivery. During registration and account verification, we generate and store a cryptographic token (as a one-way hash) to validate your email address. This token is automatically deleted once your account is activated.
OAuth Sign-In (Google): You may also create an account or log in using your Google account via Auth0, our authentication provider. When you do so, we receive your name, email address, and profile picture from Google solely to create or identify your MonChart account. We do not receive your Google password, and we do not store your Google credentials.
Non-Personal Data: We collect cookies, IP addresses, and other non-personal data through tracking technologies to improve website functionality and provide analytics.
Personal Data: Your email and any other provided personal information will be used for managing your account, sending service-related communications, and improving your experience on our platform. This includes sending a verification email upon registration and, if your account remains unverified, an automated reminder email within 24–72 hours of sign-up to help you complete activation.
Non-Personal Data: Cookies and IP addresses are used for website analytics, traffic monitoring, and user behavior tracking. This helps us improve the site's functionality and enhance user experience.
We do not sell, trade, or share your personal information with third parties, except as necessary for service delivery (e.g., email services, analytics providers, payment processing) or when required by law. We ensure that all third parties comply with GDPR and maintain appropriate safeguards.
When you sign in with Google, your authentication is handled by Auth0 (our identity provider) acting as an intermediary between MonChart and Google. Auth0's privacy practices are governed by the Auth0 Privacy Policy. MonChart only stores your name, email, and a reference identifier (Auth0 subject ID) — never your Google credentials.
We use cookies to collect non-personal data such as user interactions, traffic patterns, and preferences. These cookies help us to understand how users interact with the site and improve its functionality. As per GDPR, you are responsible for obtaining consent from users before collecting cookies. You may manage cookie settings in your browser, but this may affect access to some features of our site.
We take reasonable measures to protect personal data, including encryption, access control, and regular security assessments. Sensitive tokens such as email verification links and password reset tokens are never stored in plain text — only a one-way cryptographic hash (SHA-256) is retained in our database. The raw token is sent to you once via email and is never recoverable from our systems. Each token is valid for a limited time and is immediately invalidated once used or replaced. While we strive to secure your data, please note that no internet transmission is 100% secure.
Under GDPR, you have the right to:
To exercise these rights, please contact us at support@monchart.com.
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Non-subscribers' personal data (e.g., emails) will be deleted upon request or when it is no longer needed for service delivery.
Accounts that are registered but never verified retain their data indefinitely until the user completes activation or requests deletion. Cryptographic verification tokens are automatically removed from our database upon successful account activation or when a new token is issued. Password reset tokens expire after 10 minutes and are deleted upon use.
We may periodically update this policy to reflect legal or service changes. Any updates will be posted on this page, and you will be notified via email if significant changes occur.
When you choose to make a chart public, its content — including the chart title, description, data summary, and preview image — becomes accessible to search engine crawlers such as Google. Public charts may be indexed and appear in search results, making your data discoverable by anyone on the web.
You are solely responsible for the content of charts you make public. Please ensure you do not publish personally identifiable information, confidential data, or data you do not have the right to share. You can change a chart back to private at any time from your chart settings, which will prevent further indexing. However, previously cached versions may remain in search engine indexes until those caches are refreshed.
MonChart offers an optional integration with Zendesk, a third-party customer support platform. This integration is available exclusively to users on a Premium or Trial plan. Free-tier users may see the integration option in their profile but cannot activate it without upgrading.
When you connect your Zendesk account, we request an OAuth access token from Zendesk on your behalf. This token is encrypted at rest using AES-256-GCM and stored securely in our database. We also store your Zendesk subdomain, OAuth scope, and the date the connection was established. We never store your Zendesk password.
The stored token is used solely to fetch support metrics on your request — including ticket volume, resolution time, tickets by status, agent performance, channel breakdown, CSAT, priority, group, custom fields, and ticket forms. This data is aggregated in memory and stored as chart data within your MonChart account. Raw ticket data, ticket content, customer names, and email addresses are never transmitted to or retained on our servers.
Data Sync: For charts published from the Zendesk app, Premium users may trigger a manual re-sync or enable automatic periodic sync (minimum interval: 30 minutes). When a sync runs, MonChart uses your stored OAuth token to re-fetch aggregated metrics from Zendesk and update the chart's data. The previous version of the chart data is archived in the chart's history before being replaced. No additional personal data is collected during this process.
You may disconnect the Zendesk integration at any time from your Profile settings. Upon disconnection, your Zendesk access token is deleted from our systems. Previously generated charts remain in your account and are unaffected by disconnection unless you delete them manually.
Zendesk's data practices are governed by the Zendesk Privacy Notice. MonChart's use of Zendesk data is limited to the purposes described above and is not shared with third parties.
This Privacy Policy is governed by the laws of the Republic of Ireland and complies with applicable European Union regulations, including the GDPR.
For any questions or concerns about this policy, please contact us at support@monchart.com.
Back to Main Page