1. Introduction

CloudNOOE is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services. Please read this policy carefully to understand our practices regarding your personal data.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us, including:

• Account registration information (name, email address, password)
• Profile information and preferences (organization, profession, theme settings)
• Infrastructure designs, workspace configurations, and chat conversations
• AWS account credentials (encrypted using AWS KMS with rotating keys)
• Communications you send to us
• Payment information (processed securely through Polar, our payment processor)

2.2 Automatically Collected Information

When you use our services, we automatically collect:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Cookies and similar tracking technologies
• Log data and analytics information

3. How We Use Your Information

We use the collected information for various purposes:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send administrative information, updates, and security alerts
• Respond to your comments, questions, and support requests
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Personalize your experience and deliver relevant content
• Send marketing communications (with your consent)

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: With third-party vendors who perform services on our behalf
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• With Your Consent: When you explicitly authorize us to share your information

We do not sell your personal information to third parties for their marketing purposes.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS 1.3 and at rest using AES-256 encryption
• AWS Key Management Service (KMS) with rotating encryption keys for AWS credentials storage
• JWT token-based authentication with secure session management
• Access controls and multi-layer authentication requirements
• Secure data storage on AWS infrastructure with regular backups across multiple availability zones

Your AWS credentials are never stored directly. We encrypt them using AWS KMS with automatically rotating keys, ensuring that even our team cannot access your sensitive credentials. However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a structured format
• Opt-out: Unsubscribe from marketing communications
• Cookie Preferences: Manage your cookie settings through your browser

To exercise these rights, please contact us through our support channels.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. Cookies are small data files stored on your device that help us improve our services and your experience. You can control cookie settings through your browser preferences, but disabling cookies may limit certain features of our services.

9. Third-Party Links

Our services may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

10. Children's Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

11. International Data Transfers

Your information is stored and processed on AWS cloud infrastructure. Data is replicated across multiple AWS availability zones for redundancy and disaster recovery. These zones may be located in different countries with varying data protection laws. By using our services, you consent to the transfer and storage of your information on AWS infrastructure.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through our support channels. We will respond to your inquiry as promptly as possible.