Privacy Policy

Last updated: March 21, 2026

At CloudRAT, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, and protect your information when you use our analytics platform.

1. Information We Collect

1.1 Personal Information

We collect the following personal information:

  • Account Information: Email address, name, password (encrypted)
  • Payment Information: Billing details processed securely through Razorpay
  • Usage Data: How you interact with our platform
  • Technical Data: IP address, browser type, device information

1.2 Analytics Data

When you use CloudRAT to track analytics on your websites/applications:

  • User events and interactions
  • Page views and navigation patterns
  • Custom events you define
  • User identifiers and properties

2. How We Use Your Information

2.1 Service Provision

  • Create and manage your account
  • Provide analytics services
  • Process payments and subscriptions
  • Send service-related communications

2.2 Analytics Processing

  • Process and analyze tracking data
  • Generate reports and insights
  • Provide real-time analytics
  • Support funnel and cohort analysis

2.3 Legal Compliance

  • Comply with legal obligations
  • Prevent fraud and abuse
  • Enforce our Terms of Service
  • Protect our rights and those of others

3. Data Sharing and Disclosure

3.1 We Do Not Sell Your Data

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

3.2 Service Providers

We may share data with trusted service providers who help us operate our platform:

  • Razorpay: Payment processing
  • Database Providers: Data storage (PostgreSQL)
  • Cloud Hosting: Infrastructure providers

3.3 Legal Requirements

We may disclose information if required by law, court order, or to protect our rights and safety.

4. Data Security

4.1 Security Measures

We implement industry-standard security measures:

  • End-to-end encryption for data in transit
  • Encrypted storage of sensitive data
  • Regular security audits and updates
  • Access controls and authentication
  • Secure payment processing

4.2 Data Breach Notification

In the event of a data breach, we will notify affected users within 72 hours and take immediate corrective action.

5. Your Rights (GDPR Compliance)

5.1 Access and Portability

You have the right to access your personal data and receive a copy in a portable format.

5.2 Rectification

You can request correction of inaccurate or incomplete personal data.

5.3 Erasure (Right to be Forgotten)

You can request deletion of your personal data, subject to legal and legitimate business requirements.

5.4 Restriction of Processing

You can request limitation of how we process your data.

5.5 Objection

You can object to processing based on legitimate interests or direct marketing.

5.6 Data Portability and Export

You can request your data in a structured, machine-readable format. Data export is available for a fee of ₹500 per project and is limited to the most recent 36 months of analytics data. Export requests may take up to 30 days to process and are subject to verification of account ownership.

6. Cookies and Tracking

6.1 Essential Cookies

We use essential cookies for authentication and security. These cannot be disabled.

6.2 Analytics Cookies

We may use analytics cookies to improve our service. You can opt out through your browser settings.

7. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where required.

9. Data Retention

9.1 Account Data

We retain account information while your account is active and for a reasonable period thereafter for legal and business purposes.

9.2 Analytics Data

Analytics data is retained based on your subscription plan. You can request deletion at any time.

9.3 Legal Requirements

Some data may be retained longer if required by law or for legitimate business purposes.

10. Children's Privacy

CloudRAT is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification. Continued use constitutes acceptance of the updated policy.

12

11. Contact Us

If you have questions about this Privacy Policy or our data practices:

  • Email: privacy@cloudrat.io
  • Data Protection Officer: dpo@cloudrat.io
  • Address: Bangalore, Karnataka, India

12. Complaints

If you believe we have not complied with applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority.