Privacy Policy

1. Introduction

This Privacy Policy explains how sCloud ("we", "us", "our") collects and processes personal data when you use our services, dashboard, and APIs.

sCloud is an independent software service operated by Lucas Guiot.

We follow a data minimization approach and only collect information necessary to provide, secure, and maintain the platform.

2. Data Controller

For the purposes of applicable data protection laws, the data controller is:

sCloud
Operated by Lucas Guiot

For privacy-related inquiries, contact:
[email protected]

3. Data We Collect

We may collect the following categories of data:

Account Information

Information you provide when creating an account, such as:

• email address
• username or name
• authentication identifiers (OAuth IDs)
• encrypted credentials

Service Configuration Data

Information required to operate the platform, including:

• domains
• bucket names
• configuration settings
• API usage metadata

Operational Logs

Technical logs required for security, reliability, and abuse prevention, such as:

• IP addresses
• request metadata
• timestamps
• system events

Billing Information

Billing and payment-related information handled through our payment provider Polar.sh.

sCloud does not store full payment card information.

4. How We Use Data

We process personal data for the following purposes:

• creating and managing user accounts
• operating and maintaining the platform
• securing infrastructure and preventing abuse
• providing technical support
• processing billing and subscriptions
• complying with legal obligations

5. Legal Bases for Processing

Under the GDPR, we rely on the following legal bases:

6. Cookies

We only use strictly necessary cookies required for the operation of the dashboard.

These cookies include:

• session cookies used to maintain login sessions
• security cookies used to prevent unauthorized access

We do not use advertising, tracking, or marketing cookies.

7. Data Retention

We retain personal data only as long as necessary to provide our services.

Typical retention periods include:

• account information: retained while the account remains active
• operational logs: retained for security and operational purposes
• billing data: retained as required by applicable financial regulations

When an account is deleted, associated personal data is removed unless retention is required by law.

8. Data Security

We implement technical and organizational measures designed to protect personal data, including:

• encryption in transit
• restricted access controls
• infrastructure monitoring

Despite these safeguards, no system can guarantee absolute security.

9. Third-Party Processors

We rely on trusted third-party providers to operate certain parts of the platform.

These may include:

• payment processing via Polar.sh
• authentication providers (e.g., OAuth providers)
• infrastructure hosting providers

These providers process personal data only as necessary to deliver their services.

10. International Data Transfers

Some service providers may operate infrastructure outside the European Economic Area (EEA).

When this occurs, we ensure that appropriate safeguards are implemented in accordance with applicable data protection laws.

11. Your Rights

Under applicable data protection laws, including the GDPR, you have the right to:

• request access to your personal data
• request correction of inaccurate information
• request deletion of your data
• request restriction of processing
• request portability of your data
• object to certain types of processing

Requests can be made by contacting:

[email protected]

12. Complaints

If you believe your data protection rights have been violated, you may file a complaint with your local data protection authority.

In Belgium, this authority is the Belgian Data Protection Authority.

13. Changes to this Policy

We may update this Privacy Policy from time to time.

If significant changes occur, we may notify users through the dashboard or other appropriate communication channels.