TRY NOW!

Privacy Policy

Effective Date: 01/10/2025
Last Updated: 01/09/2025

Who We Are

Cloudure.io delivers comprehensive cloud security management services, helping organizations
secure, monitor, and scale their cloud infrastructure responsibly. We’re committed to protecting your
privacy and maintaining the highest standards of data security.

Information We Collect

Information You Provide to Us

  • Account Information: Name, email address, company name, password, and profile details
  • Contact Data: Information provided through contact forms, support requests, and communications
  • Configuration Data: Cloud infrastructure settings, security configurations, and monitoring preferences
  • Business Information: Company size, industry sector, cloud providers used, and compliance requirements

Information We Collect Automatically

  • Platform Usage: Features accessed, time spent, configuration changes, and system interactions
  • Technical Information: IP addresses, browser types, device information, and operating systems
  • Security Monitoring Data: Logs, alerts, threat intelligence, and security event information
  • Performance Data: System performance metrics, response times, and service availability

Information from Third Parties

  • Cloud Provider APIs: Security configurations, resource inventories, and activity logs from your cloud accounts
  • Threat Intelligence: Security threat data from external sources to enhance protection
  • Integration Data: Information from connected security tools and services

How We Use Your Information

We process your data to:

  • Deliver Security Services: Monitor cloud infrastructure, detect threats, and provide security recommendations
  • Manage Your Account: Process registrations, handle billing, and provide customer support
  • Security Analysis: Analyze threats, generate security reports, and improve detection capabilities
  • Platform Enhancement: Develop new features, optimize performance, and enhance user experience
  • Communication: Send service updates, security alerts, and respond to inquiries
  • Compliance Support: Help meet regulatory requirements and industry standards

Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

  • Contract Performance: Providing cloud security monitoring and management services
  • Legitimate Interests: Improving security capabilities, platform optimization, and fraud prevention
  • Consent: Marketing communications and optional features (where applicable)
  • Legal Compliance: Meeting security regulations and responding to lawful requests

Information Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Cloud Security Partners: Trusted security vendors who enhance our threat detection capabilities
  • Service Providers: Infrastructure providers, payment processors, and support services
  • Legal Obligations: When required by law, court orders, or regulatory investigations
  • Security Incidents: With relevant authorities during security investigations (anonymized when possible)
  • Business Transfers: In connection with mergers, acquisitions, or business restructuring

Data Security and Protection

We implement enterprise-grade security measures:

  • Encryption: Advanced encryption for data in transit and at rest
  • Access Controls: Multi-factor authentication, role-based access, and the principle of least privilege
  • Infrastructure Security: Secure cloud hosting, network segmentation, and intrusion detection
  • Security Monitoring: Continuous monitoring, threat detection, and incident response
  • Regular Audits: Security assessments, penetration testing, and compliance reviews
  • Incident Response: Comprehensive procedures for security event management

Your Rights Under GDPR

You have the right to:

  • Access: Obtain copies of your personal data and information about processing
  • Rectification: Correct inaccurate or incomplete personal information
  • Erasure: Request deletion of your data (subject to security and legal requirements)
  • Data Portability: Receive your data in a structured, machine-readable format
  • Processing Restriction: Limit how we process your information
  • Object to Processing: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke consent for marketing or optional features

Contact us at info@cloudure.io to exercise these rights.

Data Retention

We retain information as follows:

  • Account Data: Duration of service plus 7 years for security and legal purposes
  • Security Logs: Up to 5 years for threat analysis and incident investigation
  • Communication Records: 7 years for business and compliance purposes
  • Anonymized Analytics: Indefinitely for security research and service improvement
  • Legal Requirements: As required by applicable security and data protection regulations

International Data Transfers

When transferring data outside the EU, we ensure protection through:

  • Adequacy Decisions: Countries with EU-approved data protection standards
  • Standard Contractual Clauses: EU-approved contractual safeguards
  • Security Certifications: SOC 2, ISO 27001, and other recognized security standards
  • Your Explicit Consent: For specific transfers where required

Third-Party Cloud Providers

Our service integrates with major cloud providers (AWS, Azure, GCP):

  • API Access: We access your cloud configurations through secure APIs you authorize
  • Data Processing: Cloud provider data is processed solely for security monitoring
  • Separate Policies: Each cloud provider has their own privacy policies
  • Limited Scope: We only access data necessary for security services

Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Operations: Authentication, security, and core platform functionality
  • Performance Monitoring: Platform performance, error tracking, and user experience
  • Security Analysis: Threat detection, anomaly identification, and fraud prevention
  • Analytics: Understanding platform usage and optimizing features

Manage cookie preferences through your browser or account settings.

Security Incident Notification

In case of security incidents affecting personal data:

  • Notification Timing: We’ll notify relevant authorities within 72 hours when required
  • User Communication: We’ll inform affected users without undue delay
  • Incident Details: We’ll provide clear information about the incident and our response
  • Remediation Steps: We’ll explain measures taken to address the incident

Changes to This Policy

We may update this policy for legal, operational, or security reasons:

  • Advance Notice: Significant changes will be communicated via email or platform notifications
  • Effective Date: Changes take effect on the date specified in the updated policy
  • Review Opportunity: You’ll have time to review changes before they become effective

Regulatory Contact

For GDPR-related concerns, you may contact: EU Representative:

Supervisory Authority: Contact your local data protection authority

Secure data practices for secure cloud infrastructure.

Contact Us

For privacy-related inquiries or to exercise your right:

Email: info@cloudure.com
Security Contact: security@cloudure.io
Address: Antalya Tower, 5th Floor, Nador, Morocco
Data Protection Officer: info@cloudure.com

Ready to eliminate guesswork from your cloud security?

Connect with our cloud security experts and discover how cloudure’s intelligent automation can strengthen your AWS, Azure, and GCP infrastructure.

Privacy & Policy
Terms Condition

Copyright © 2025.