Privacy Policy | CloudTool.app

At CloudTool.app, we respect our customers' need for privacy. We offer our Services to customers and users either directly or via third-party integrations. Where we refer to "Customers" in this Privacy Notice, we refer to individuals or organisations that have created an account with us to use the Services. Each Customer's team members or authorised users are referred to as "Authorised Users."

By using or accessing our Services in any manner, you accept the practices and policies outlined in this Privacy Notice and you acknowledge that we may process your information as described herein.

About CloudTool.app

CloudTool.app is a browser-based SaaS platform providing developer utility tools to individuals, teams, and organisations. Our Services include, but are not limited to, JSON formatting and validation, QR code generation, PDF creation, URL shortening, hash encoding, UUID generation, screenshot capture, IP lookup, email validation, and related developer utilities, all accessible through a single authenticated workspace at cloudtool.app and its associated subdomains.

Applicability

This Privacy Notice ("Notice") explains CloudTool.app's practices regarding the collection, use, disclosure, and processing of your personal information; the rights and choices you may have with respect to such information; how you may contact us; and how we protect your information when you:

Visit cloudtool.app and any associated subdomains, including landing pages, help documentation, and related web properties (collectively our "Sites");
Access or use the tools, dashboard, account features, or any other products or services made available by CloudTool.app (collectively the "Services") as a Customer or Authorised User; and
Interact with us in any other way, including contacting our support team, providing feedback, or subscribing to communications from us.

Under this Notice, CloudTool.app acts as a data controller for the personal information we process in connection with your account and use of our Sites and Services. This means we determine how and why personal information is collected and processed.

This Privacy Notice does not apply to:

Personal information that we process solely at the direction of a Customer, for example where a team owner manages Authorised Users within a shared workspace. In those circumstances, the Customer operates as the data controller and their own privacy notice will govern how personal information is handled. If you have questions about how a specific team owner or organisation manages your personal information within their CloudTool workspace, please contact that organisation directly.
Third-party services, websites, or integrations that may be accessible from or connect with our Services. We are not responsible for the privacy practices of such third parties, and we encourage you to review their respective privacy notices.

Information We Collect

The information we collect depends on your interactions with us, the choices you make, the features you use, your location, and applicable laws. We may collect information directly from you when you create an account or use our Services, and we may also collect information automatically through your use of our Sites and Services.

Information You Provide Directly to Us

We collect the following information directly from you when you use our Sites and Services:

Contact Information

We collect your contact information when you sign up for, inquire about, or use our Services. This information may include your full name and email address.

Account Information

We collect information you provide to create, update, or administer your account, such as your email address, display name, and password (stored in hashed form). Where you choose to sign in via Google OAuth2, we receive your name and email address from Google in accordance with the permissions you grant during the OAuth flow.

Transactional Information

We collect payment-related information in connection with paid subscriptions. Payment card details are collected and stored by our third-party payment processor, Stripe, and are not stored directly by CloudTool.app. We retain references such as your Stripe customer ID and subscription plan for billing administration purposes.

Tool Input Data

When you use our tools, you may submit data such as JSON text, URLs, HTML, plain text, or other file content as inputs. This input data is processed in real time to generate your requested output and is not persistently stored by CloudTool.app unless you explicitly save an output to your account history.

Saved Outputs

Where you choose to save a tool result, we store the associated input, output, tool identifier, and a label of your choosing in your account history. You may delete saved outputs at any time from your account dashboard.

Support and Feedback Information

We collect information you provide when you contact us for support or submit feedback, including the content of your message, your email address, and any attachments or additional context you choose to share.

Team Information

Where you are a team owner on the Team plan, you may invite other users to your workspace. We collect the email addresses of invited users and their role assignments within your team for the purpose of managing access.

Information We Collect Automatically

When you use or interact with our Sites and Services, we automatically collect or receive certain information about you, your device, and your usage:

Usage Information

We collect information about how you interact with our Sites and Services, such as pages viewed, tools used, actions taken, date and timestamps associated with your usage, and session duration.

Device Information

We collect information about the device and browser you use to access our Services, including browser type and version, operating system, language preferences, and screen resolution.

Service-Generated Information

We collect log data generated by our servers in connection with your use of the Services, including your IP address, request details, HTTP status codes, response times, and error information. This data is used for security monitoring, performance optimisation, and debugging.

Location Information

We derive your approximate city and country of origin from your IP address for the purposes of security monitoring and usage analytics. We do not collect or store precise geolocation data.

Cookies and Similar Technologies

We use cookies and similar tracking technologies to support the operation of our Services, including session management, authentication, and preference storage. We do not use third-party advertising cookies or behavioural tracking technologies. For more information, please see our Cookie Notice.

How We Use Information

We use your information as described in this Notice to provide and improve our Sites and Services. Specifically, we may use your information in the following ways:

Service Operation

To operate and administer our Sites, provide, deliver, monitor, and maintain our Services, including authentication, session management, quota enforcement, and troubleshooting.

Account Administration

To create and manage your account, process subscription payments, send billing confirmations, invoices, and other transactional communications related to your account.

Product Development and Improvement

To improve the functionality, performance, and user experience of our Services, and to develop new tools and features based on usage patterns and feedback.

Support

To provide technical support and respond to your enquiries. CloudTool.app personnel do not access your tool inputs or saved outputs except where strictly necessary to resolve a support issue you have raised, or for security or legal purposes.

Communication

To send you transactional and account-related communications, such as security alerts, password reset emails, subscription notifications, and service announcements. Where you have opted in, we may send you product updates or newsletters. You may opt out of non-essential communications at any time.

Security

To detect, investigate, prevent, and respond to potential threats, fraudulent activity, unauthorised access, abuse, and other malicious or illegal activity targeting our Services or users.

Legal and Compliance

To comply with applicable laws and regulations, respond to lawful requests from governmental or regulatory authorities, enforce our Terms of Service, and protect the rights, safety, and property of CloudTool.app, our users, and the public.

With Your Consent

For any other purpose where we have obtained your prior consent.

How We Retain Your Information

We retain your information for the minimum period necessary to fulfil the purposes described in this Notice, to comply with our legal and contractual obligations, and for legitimate business purposes such as tax, accounting, and audit requirements.

Specific retention periods include:

Tool input data processed in real time is not retained beyond the current session unless explicitly saved by you.
Generated binary files, including PDFs and screenshots, are stored temporarily on our infrastructure for a maximum of twenty-four (24) hours before being automatically and permanently deleted.
Activity log metadata (tool identifier, response time, HTTP status) is retained for a rolling period of ninety (90) days, after which it is deleted or anonymised.
Account information is retained for the duration of your account and for a reasonable period following account deletion to comply with legal obligations.
Billing records are retained for up to seven (7) years in accordance with applicable financial record-keeping requirements.

When we no longer have a legitimate basis to process your personal information, we will delete or anonymise it. Where deletion is not immediately possible (for example, in encrypted backups), we will store the information securely and isolate it from further active processing until deletion is feasible.

How We Disclose Information

We disclose your personal information only as necessary to provide the Services, as required by law, or as part of our legitimate business operations. We do not sell your personal information to third parties. We do not share your personal information with advertising networks or use it for targeted advertising. Disclosures are made only on a need-to-know basis, with appropriate contractual safeguards in place, as described below.

Third-Party Service Providers

We disclose information with third-party service providers who require access to information to support our operations and delivery of the Services. These providers are authorised to use your information only as necessary to provide services to CloudTool.app, and are bound by contractual confidentiality and data protection obligations. Categories of service providers include:

Infrastructure and hosting providers to deliver compute, storage, and content delivery services.
Payment processors to authorise, record, and manage billing transactions.
Email delivery providers to send transactional and account communications.
Security and fraud detection providers to monitor and protect the Services from abuse and malicious activity.
Error tracking and monitoring services to identify and resolve technical issues.
Analytics providers to understand aggregated, anonymised usage of the Services.

Team Owners

If you are an Authorised User within a team workspace, the team owner and other administrators of that workspace may have access to certain information about your account activity, tool usage, and saved outputs within the shared workspace, as described in the Teams section of our Terms of Service.

Corporate Transactions

We may disclose or transfer your information to relevant third parties in the event of, or as part of due diligence or negotiations for, any proposed or actual reorganisation, merger, acquisition, sale of assets, or similar corporate transaction. You will be notified of any change in ownership or control of your personal information through the email address associated with your account.

Legal or Regulatory Authorities

We may disclose your information to governmental, regulatory, or law enforcement authorities where: (i) required to comply with applicable law or regulation; (ii) required by a valid court order, subpoena, or other legal process; (iii) necessary to enforce our Terms of Service or this Notice; (iv) necessary to protect the security or integrity of our Services; or (v) necessary to protect the rights, property, or safety of CloudTool.app, our users, or the public.

With Your Consent

We may disclose your information to other third parties where we have obtained your prior consent to do so.

We may also use and disclose aggregated, de-identified information that cannot reasonably be used to identify you for any lawful purpose, including for product analytics and industry reporting.

How We Secure Your Information

We implement and maintain reasonable and appropriate administrative, technical, and physical security measures designed to protect your personal information from unauthorised access, use, modification, disclosure, loss, or destruction. These measures include encrypted data transmission over HTTPS, HTTP-only session cookies with secure and SameSite attributes, hashed password storage, Redis-backed session management with rolling expiry, and restricted access controls for our internal systems.

We require third-party service providers who process information on our behalf to implement security measures in accordance with industry standards and their contractual obligations to us. We are not responsible for the privacy and security practices of such third parties beyond the information they receive from or transmit to us.

Notwithstanding our security safeguards, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security in all circumstances. If you believe your account has been compromised or you have identified a security issue, please contact us immediately at [email protected].

Third-Party Services

Our Sites and Services may contain links to or integrations with websites, tools, or services not operated by CloudTool.app ("Third-Party Services"). These Third-Party Services have their own independent privacy notices and terms of service, which we do not control and are not responsible for. We recommend carefully reviewing the privacy notices of any Third-Party Services you access in connection with your use of our Services.

How We Transfer Your Information

CloudTool.app operates infrastructure based in Europe (Hetzner, Helsinki) with CDN and DNS services provided by Cloudflare. If you are accessing our Services from outside the European Economic Area, your information may be transferred to and processed in jurisdictions with different data protection laws.

To the extent required by applicable law, whenever we transfer your personal information internationally, we take appropriate steps to ensure that your information receives an adequate level of protection, including through the use of standard contractual clauses or other lawful transfer mechanisms approved under applicable data protection law.

Your Privacy Rights and Choices

You may have certain rights and choices available to you depending on your jurisdiction and applicable law. Below is a summary of rights that may be available to you and how to exercise them.

Right to Access and Portability

You have the right to request access to and receive a copy of the personal information we hold about you, in a structured and commonly used format.

Right to Rectification

You have the right to request correction of your personal information where it is inaccurate or incomplete. You may update most account information directly from your account settings page.

Right to Deletion

You have the right to request that we delete your personal information. You may delete your account at any time from your account dashboard, which will initiate the deletion of your personal data in accordance with our retention practices.

Right to Withdraw Consent

Where we process your personal information on the basis of your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

Right to Object or Restrict Processing

You may have the right to object to or request restriction of certain processing of your personal information, subject to applicable legal exceptions.

Right to Opt-Out of Marketing Communications

You may opt out of receiving non-essential marketing communications from us at any time by clicking the "Unsubscribe" link in any such email or by contacting us at [email protected]. You will continue to receive transactional and account-related communications while your account is active.

Right to Lodge a Complaint

If you believe we have not handled your personal information in accordance with applicable law, you have the right to lodge a complaint with the relevant supervisory or data protection authority in your jurisdiction.

To exercise any of the above rights, please contact us using the details provided in the Contact Us section below. We may need to verify your identity before processing your request. We aim to respond to all requests within thirty (30) days of receipt. In some circumstances, requests may be limited where complying would conflict with applicable law, regulatory obligations, or the rights of other individuals.

Minimum Age Requirements

Our Services are not directed to or intended for use by individuals under the age of 16. To use our Services, you must be old enough to consent to the processing of your personal information under the laws of your jurisdiction. We do not knowingly collect personal information from anyone under the age of 16. If you become aware that a child under 16 has provided us with personal information without parental consent, please contact us at [email protected] and we will take steps to remove such information from our systems.

Changes to This Privacy Notice

We periodically review and update this Notice to reflect changes to our Services or data practices. We will indicate the date of the most recent revision at the bottom of this Notice. For material changes that affect your rights or the way we process your information, we will provide notice by email to the address associated with your account or by posting a prominent notice on our Sites prior to the change taking effect. We encourage you to review this Notice periodically. Your continued use of the Services after any changes become effective constitutes your acceptance of the updated Notice.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice or our data practices, please contact us:

CloudTool.app

Privacy[email protected]

Support[email protected]

Security[email protected]

Websitecloudtool.app

Effective Date

1 June 2025

Last Updated

1 June 2025