Legal

Privacy Policy

Last updated: March 30, 2026

1. Information We Collect

We collect information you provide directly to us, including: Account Information: When you create an account, we collect your name, email address, company name, and password. Cloud Account Data: When you connect your cloud accounts (AWS, GCP, Azure), we collect cost and usage metadata, resource inventories, and billing data through read-only API access. We do not access your application data, customer data, or production workloads. Usage Data: We automatically collect information about how you use CloudDory, including pages visited, features used, and interaction patterns. Communication Data: When you contact us, we collect the content of your messages, email address, and any other information you provide.

2. How We Use Your Information

We use the information we collect to: - Provide, maintain, and improve CloudDory services - Process and analyze your cloud cost and usage data to generate recommendations - Send you technical notices, updates, security alerts, and administrative messages - Respond to your comments, questions, and customer service requests - Monitor and analyze trends, usage, and activities in connection with our services - Detect, investigate, and prevent fraudulent transactions and other illegal activities - Personalize and improve your experience

3. Information Sharing

We do not sell your personal information. We may share information in the following circumstances: Service Providers: We share information with third-party service providers who perform services on our behalf, such as hosting, analytics, and customer support. These providers are bound by contractual obligations to protect your data. Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request. Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. With Your Consent: We may share information with your consent or at your direction.

4. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. We also retain information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. Cloud cost and usage data is retained for up to 13 months to enable year-over-year comparisons. You can request deletion of your data at any time by contacting us.

5. Your Rights (CCPA/GDPR)

Depending on your location, you may have the following rights: Access: You can request a copy of the personal information we hold about you. Correction: You can request that we correct inaccurate or incomplete information. Deletion: You can request that we delete your personal information, subject to certain exceptions. Portability: You can request a machine-readable copy of your data. Opt-Out: You can opt out of certain data processing activities, including marketing communications. Non-Discrimination: We will not discriminate against you for exercising your privacy rights. To exercise these rights, contact us at [email protected].

6. Cookies and Tracking

We use cookies and similar tracking technologies to collect information about your browsing activity. These include: Essential Cookies: Required for the operation of our services (authentication, security). Analytics Cookies: Help us understand how visitors interact with our website. Preference Cookies: Remember your settings and preferences. You can control cookies through your browser settings. Disabling certain cookies may limit functionality.

7. Security

We implement appropriate technical and organizational measures to protect your information, including encryption at rest (AES-256), encryption in transit (TLS 1.3), access controls, and regular security assessments. For more details, see our Security page.

8. International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers outside the European Economic Area.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: Email: [email protected] Mail: CloudDory, Inc., San Francisco, CA, United States