PRIVACY POLICY
1. DATA PROTECTION COMMITMENT
Cloudynic takes your privacy seriously. We implement industry-standard security measures to protect your personal data, API keys, passwords, and usage information.
2. WHAT DATA WE COLLECT
We collect:
- Email address and account credentials (password hashed with bcrypt)
- API usage statistics and request logs (stripped of sensitive content)
- Subscription and payment information (handled via Razorpay)
- Device IP address for rate limiting and fraud prevention
- Error logs for debugging (without storing user input)
3. API KEY & PASSWORD SECURITY
API Keys & Passwords are:
- Stored using industry-standard encryption
- Never logged in plain text
- Protected from unauthorized access
- Only accessible to your account
- Can be regenerated or revoked anytime
Your responsibility: Never share your API keys or passwords. Treat them as secrets. If compromised, regenerate them immediately from your dashboard.
4. COOKIE & SESSION SECURITY
Your Cookies are:
- HttpOnly (cannot be accessed by JavaScript)
- Secure (only transmitted over HTTPS)
- SameSite restricted (prevents CSRF attacks)
- Short-lived (expire after inactivity)
- Never shared with third parties
We do NOT sell, share, or misuse your cookie data. Sessions are encrypted and managed securely by Supabase Auth.
5. DATA USAGE
We use your data ONLY for:
- Providing the CloudyNIC AI service
- Processing payments and subscriptions
- Rate limiting and fraud prevention
- Improving service quality and reliability
- Communicating important updates
We NEVER: Sell user data, use it for advertising, share with third parties (except Razorpay for payments), or train AI models on your API queries.
6. THIRD-PARTY SERVICES
We use:
- Razorpay - Payment processing
Each service has its own privacy policy. We recommend reviewing them. These services are bound by data processing agreements and cannot use your data for other purposes.
7. DATA RETENTION
We retain personal data only as long as necessary. You can request data deletion anytime. API usage logs are retained for 90 days for billing and rate limiting purposes.
8. YOUR RIGHTS
You have the right to:
- Access your personal data
- Request corrections or deletions
- Export your data
- Revoke API keys and sessions
- Contact us with privacy concerns
Email: hello@cloudynic.com
SECURITY GUARANTEE
Cloudynic uses encryption (SSL/TLS), secure password hashing (bcrypt), and industry-best practices for data protection. However, no system is 100% secure. If you suspect a security breach, contact us immediately at hello@cloudynic.com.
Last updated: May 2026
BACK TO HOME