PRIVACY POLICY

1. DATA PROTECTION COMMITMENT

Cloudynic takes your privacy seriously. We implement industry-standard security measures to protect your personal data, API keys, passwords, and usage information.

2. WHAT DATA WE COLLECT

We collect:

  • Email address and account credentials (password hashed with bcrypt)
  • API usage statistics and request logs (stripped of sensitive content)
  • Subscription and payment information (handled via Razorpay)
  • Device IP address for rate limiting and fraud prevention
  • Error logs for debugging (without storing user input)

3. API KEY & PASSWORD SECURITY

API Keys & Passwords are:

  • Stored using industry-standard encryption
  • Never logged in plain text
  • Protected from unauthorized access
  • Only accessible to your account
  • Can be regenerated or revoked anytime

Your responsibility: Never share your API keys or passwords. Treat them as secrets. If compromised, regenerate them immediately from your dashboard.

4. COOKIE & SESSION SECURITY

Your Cookies are:

  • HttpOnly (cannot be accessed by JavaScript)
  • Secure (only transmitted over HTTPS)
  • SameSite restricted (prevents CSRF attacks)
  • Short-lived (expire after inactivity)
  • Never shared with third parties

We do NOT sell, share, or misuse your cookie data. Sessions are encrypted and managed securely by Supabase Auth.

5. DATA USAGE

We use your data ONLY for:

  • Providing the CloudyNIC AI service
  • Processing payments and subscriptions
  • Rate limiting and fraud prevention
  • Improving service quality and reliability
  • Communicating important updates

We NEVER: Sell user data, use it for advertising, share with third parties (except Razorpay for payments), or train AI models on your API queries.

6. THIRD-PARTY SERVICES

We use:

  • Razorpay - Payment processing

Each service has its own privacy policy. We recommend reviewing them. These services are bound by data processing agreements and cannot use your data for other purposes.

7. DATA RETENTION

We retain personal data only as long as necessary. You can request data deletion anytime. API usage logs are retained for 90 days for billing and rate limiting purposes.

8. YOUR RIGHTS

You have the right to:

  • Access your personal data
  • Request corrections or deletions
  • Export your data
  • Revoke API keys and sessions
  • Contact us with privacy concerns

Email: hello@cloudynic.com

SECURITY GUARANTEE

Cloudynic uses encryption (SSL/TLS), secure password hashing (bcrypt), and industry-best practices for data protection. However, no system is 100% secure. If you suspect a security breach, contact us immediately at hello@cloudynic.com.

Last updated: May 2026

BACK TO HOME