Crosswatch ("the Service") is operated by Qaswa Technology ("we," "us," or "our"). This Privacy Policy explains how we collect, use, and protect information when you use Crosswatch at crosswatch.io. By using the Service, you agree to the practices described here.
Account & contact information. When you create a workspace or sign in, we collect your name, email address, company/workspace name, and — where you use Microsoft single sign-on — the email identity returned by Microsoft to authenticate you to the admin console or client portal.
Fleet telemetry (processed on your behalf). To provide the Service, we ingest read-only operational events from the tools you connect — for example device or host identifiers, end-client/site identifiers, and event metadata such as patch, agent, service, backup, certificate, sign-in, network-device, and Microsoft 365 signals, with their timestamps. This telemetry may include personal data (such as device names or user names) belonging to your own end clients. We process it as a service provider, on your instructions, to detect and correlate incidents for you (see Section 7).
Connection credentials. When you connect an RMM, Microsoft Intune/365, or a PSA, we store the API keys or OAuth tokens you provide encrypted at rest (AES-256-GCM). Secrets are never displayed back to you and are used only to read telemetry, or to file a ticket you explicitly approve. Crosswatch is read-only with respect to your devices and never executes changes on them.
Usage data. We collect operational data about how the Service is used — incident counts, feature usage, and feed health — to run, secure, and improve the Service.
Server logs. Our infrastructure records standard technical logs (such as IP address and request metadata) for security and reliability. We do not use advertising or cross-site tracking technologies.
We do not sell your personal data, and we do not use it for targeted advertising or for profiling that produces legal or similarly significant effects.
Crosswatch offers an optional cross-fleet network signal that warns you when the same failure pattern is emerging across other fleets. This feature is off by default. When you opt a workspace in, Crosswatch shares only anonymized failure fingerprints and counts — never a client name, device, user identity, or tenant identifier. You can turn it off at any time.
Your data is stored on Microsoft Azure infrastructure in the United States. We use encrypted connections (TLS/HTTPS), encrypted database storage, AES-256-GCM encryption for connection secrets, role-based access controls, and logical isolation of each workspace's data. Because Crosswatch is read-only, it never writes to or runs code on your endpoints.
Consistent with Nebraska law (Neb. Rev. Stat. § 87-808), we maintain reasonable security procedures and practices appropriate to the nature and sensitivity of the information we hold and to the size and resources of our business, including safeguards applied when information is disposed of. No method of transmission or storage is 100% secure; please keep your credentials confidential.
Crosswatch relies on the following providers to deliver its functionality, each under its own privacy terms:
We share data with subprocessors solely to operate the Service, subject to confidentiality obligations. We do not sell or license your data to third parties for their own use.
For account, contact, and website data, Qaswa Technology acts as a controller. For the fleet telemetry we process on your behalf, Qaswa Technology acts as a processor / service provider and you (the MSP or IT team) are the controller; we process that data only on your documented instructions and for the purposes of providing the Service. Where you require a signed Data Processing Agreement, see Section 8.8 of our Terms of Service.
We retain workspace telemetry while your workspace is active. When you offboard or close a workspace, your data is deleted from our systems, and you may request earlier deletion at any time by contacting us. Aggregated, anonymized statistics that cannot identify you or your clients may be retained.
Subject to applicable law, you may:
To exercise these rights, contact info@qaswatechnology.com. We will respond within 45 days of receipt, which we may extend by an additional 45 days where reasonably necessary (we will notify you of any extension).
Qaswa Technology operates from the State of Nebraska, and this policy is administered under Nebraska law, including the Nebraska Data Privacy Act, Neb. Rev. Stat. §§ 87-1101 to 87-1130 (effective January 1, 2025).
Crosswatch is a business-to-business service used in a commercial context. Under the Nebraska Data Privacy Act, statutory "consumer" rights apply to Nebraska residents acting in an individual or household context (not in a commercial or employment context), and certain obligations do not apply to small businesses. Regardless of whether these provisions are legally required of our business, we voluntarily extend the following protections to all users:
If you are a Nebraska resident, you may exercise the rights in Section 9 by contacting info@qaswatechnology.com. If we decline to act on your request, you may appeal by replying to our decision; if your appeal is denied, you may submit a complaint to the Nebraska Attorney General.
In the event of a breach of the security of our systems that compromises unencrypted personal information of a Nebraska resident, we will conduct a prompt, good-faith investigation and, where unauthorized acquisition has occurred or is reasonably likely, notify affected residents as soon as possible and without unreasonable delay. As required by Nebraska's Financial Data Protection and Consumer Notification of Data Security Breach Act (Neb. Rev. Stat. §§ 87-801 to 87-808), we will also notify the Nebraska Attorney General no later than the time we notify affected residents.
We use only the cookies necessary to maintain your sign-in session (including Microsoft single sign-on). We do not use cookies for advertising or cross-site tracking.
Crosswatch is intended for business use by professionals and is not directed at children under 13. We do not knowingly collect information from children under 13.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Continued use after changes take effect constitutes acceptance of the updated policy.
Qaswa Technology
Email: info@qaswatechnology.com
Website: crosswatch.io