Privacy Policy

1.1 Information You Provide

• Account Information: Name, email address, organization details, billing information
• Profile Data: User preferences, settings, and configuration choices
• Content Data: Code, configurations, AI agents, applications, and other content you upload
• Communication Data: Support requests, feedback, and correspondence with us
• Payment Information: Billing details processed through secure third-party providers

1.2 Information We Collect Automatically

• Usage Data: Platform interactions, feature usage, performance metrics
• Technical Data: IP address, browser type, device information, operating system
• Infrastructure Data: Cloud resource usage, container metrics, deployment information
• Log Data: System logs, access logs, error logs for troubleshooting and security
• Analytics Data: Platform performance, user engagement, feature adoption metrics

1.3 Information from Third Parties

• Cloud Provider Data: Resource usage and billing data from AWS, Azure, GCP
• Integration Data: Data from connected services like GitHub, GitLab, Docker Hub
• Authentication Data: Information from OAuth providers (Google, GitHub, etc.)
• Business Data: Company information from business intelligence services

2.1 Service Provision and Improvement

• Provide, operate, and maintain the CloudShip AI platform
• Process your transactions and manage your account
• Deploy and manage your AI agents and applications
• Monitor system performance and optimize resource allocation
• Provide customer support and technical assistance
• Develop new features and improve existing services

2.2 Security and Compliance

• Detect, prevent, and respond to security threats
• Investigate and prevent fraud or abuse
• Maintain audit logs for compliance and forensic purposes
• Enforce our Terms of Service and Acceptable Use Policy
• Comply with legal obligations and regulatory requirements

2.3 Communication and Business Operations

• Send service notifications and security alerts
• Provide product updates and announcements (with consent)
• Conduct business analytics and market research
• Generate aggregated, anonymized usage statistics

3.1 Service Providers and Partners

• Cloud Infrastructure: AWS, Microsoft Azure, Google Cloud Platform for hosting
• Payment Processing: Stripe and other payment processors for billing
• Analytics Services: Analytics providers for service improvement (anonymized data)
• Support Services: Third-party tools for customer support and communication
• Security Services: Security monitoring and threat detection services

All service providers are bound by confidentiality agreements and data processing addendums that require them to protect your information and use it only for specified purposes.

3.2 Legal Requirements and Business Transfers

• When required by law, court order, or government regulation
• To protect our rights, property, or safety, or that of our users
• In connection with a merger, acquisition, or sale of assets (with notice)
• With your explicit consent for specific purposes

3.3 Organization and Team Data

Within your organization, authorized team members may have access to shared data based on their role and permissions. Organization administrators can control access levels and data visibility through our role-based access control system.

4.1 Security Measures

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Multi-factor authentication and role-based permissions
• Infrastructure Security: Isolated environments and network segmentation
• Monitoring: 24/7 security monitoring and incident response
• Regular Audits: Security assessments and penetration testing
• Employee Training: Regular security awareness and privacy training

4.2 Security Standards

• Encryption: Data encrypted at rest and in transit using industry-standard protocols
• Access Controls: Role-based access control (RBAC) and least-privilege principles
• Data Protection: We follow data protection best practices aligned with GDPR and CCPA principles
• Regular Updates: Continuous security monitoring and regular security updates

6.1 Retention Periods

• Account Data: Retained while your account is active plus 90 days
• Usage Data: Retained for up to 2 years for analytics and improvement
• Security Logs: Retained for up to 7 years for security and compliance
• Billing Records: Retained as required by law (typically 7 years)
• Content Data: Deleted within 30 days of account termination

6.2 Data Deletion Rights

You can request deletion of your personal data at any time. We will process deletion requests within 30 days, subject to legal retention requirements. Enterprise customers have additional data portability and deletion options through their admin panel.

7.1 Access and Portability

• Request access to your personal data
• Receive a copy of your data in a portable format
• Request information about how we process your data

7.2 Correction and Control

• Correct inaccurate or incomplete personal data
• Restrict or object to certain processing activities
• Withdraw consent for marketing communications
• Update your privacy preferences

7.3 Deletion and Opt-Out

• Request deletion of your personal data (right to be forgotten)
• Opt out of sale of personal data (we do not sell personal data)
• Request restrictions on processing for specific purposes

8.1 Types of Cookies We Use

• Essential Cookies: Required for basic platform functionality
• Performance Cookies: Help us understand how you use our service
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Provide insights for service improvement

8.2 Cookie Management

You can control cookie preferences through your browser settings or our cookie preference center. Note that disabling essential cookies may affect platform functionality.