Privacy Policy
Last Updated: January 24, 2026
At CloudLens AI, operated by CloudLens AI ("we", "us", or "our"), we take
your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your
information when you use our cloud infrastructure analysis platform.
Please read this Privacy Policy carefully. By using our Service, you agree to the collection and use of
information in accordance with this policy.
1. Information We Collect
1.1 Personal Information You Provide
We collect information that you voluntarily provide when using our Service:
| Information Type |
Examples |
Purpose |
| Account Information |
Name, email address, password |
Account creation and authentication |
| Payment Information |
Billing details (processed by third-party payment processors) |
Credit purchase and billing |
| Cloud Architecture Data |
Diagrams, configurations, infrastructure descriptions |
AI-powered analysis generation |
| Communication Data |
Support tickets, emails, feedback |
Customer support and service improvement |
1.2 Cloud Provider Credentials (Temporary)
When you connect your cloud accounts for live analysis:
- Credentials are encrypted in transit and at rest
- Used only for the duration of analysis generation
- Never stored permanently on our servers
- Deleted immediately after analysis completion
- You can revoke access anytime through your cloud provider console
1.3 Automatically Collected Information
We automatically collect certain information when you use our Service:
- Usage Data: Features used, credits consumed, analysis frequency
- Log Data: IP address, browser type, device information, access times
- Cookies and Tracking: Session cookies, authentication tokens, preferences
- Performance Data: Error logs, crash reports, performance metrics
2. How We Use Your Information
2.1 To Provide and Maintain Our Service
- Process your cloud infrastructure for AI analysis
- Generate architecture diagrams and recommendations
- Manage your account and credits
- Process payments and send billing confirmations
- Provide customer support
2.2 To Improve Our Service
- Analyze usage patterns to enhance features
- Train and improve AI models using anonymized data
- Identify and fix technical issues
- Develop new features based on user needs
2.3 To Communicate With You
- Send transactional emails (purchase confirmations, password resets)
- Respond to your inquiries and support requests
- Send important service updates and security notifications
- Notify you of new features (with opt-out available)
2.4 To Ensure Security and Prevent Fraud
- Detect and prevent unauthorized access
- Monitor for suspicious activity
- Enforce our Terms of Service
- Comply with legal obligations
3. How We Share Your Information
We DO NOT sell your personal information to third parties.
3.1 Service Providers
We share information with trusted third-party service providers who assist us in operating our Service:
- Cloud Infrastructure: AWS (hosting, storage, database)
- AI Services: Anthropic Claude API (for analysis generation)
- Payment Processing: Dodo Payments (credit card processing)
- Authentication: AWS Cognito (user authentication and OAuth)
- Analytics: Usage analytics providers (anonymized data only)
These providers are contractually obligated to protect your data and use it only for the purposes we specify.
3.2 Legal Requirements
We may disclose your information if required to:
- Comply with legal obligations (subpoenas, court orders)
- Protect our rights, property, or safety
- Prevent fraud or security threats
- Enforce our Terms of Service
3.3 Business Transfers
If we are involved in a merger, acquisition, or asset sale, your information may be transferred. We will
notify you before your information becomes subject to a different privacy policy.
3.4 With Your Consent
We may share information for other purposes with your explicit consent.
4. Data Storage and Security
4.1 Data Storage
- Location: Primary data storage in AWS US East (N. Virginia) region
- Retention:
- Account data: Until account deletion + 30 days
- Analysis results: Until user deletion or account termination
- Cloud credentials: Immediately after analysis completion (never stored)
- Payment records: 7 years (legal requirement)
4.2 Security Measures
We implement industry-standard security measures:
- Encryption in Transit: TLS/SSL for all data transmission
- Encryption at Rest: AES-256 encryption for stored data
- Authentication: Multi-factor authentication support, secure password hashing
- Access Controls: Role-based access, principle of least privilege
- Monitoring: Continuous security monitoring and logging
- Compliance: SOC 2 compliant infrastructure (AWS)
No Security is Perfect: While we strive to protect your data, no method of transmission
or storage is 100% secure. We cannot guarantee absolute security.
5. Your Privacy Rights
5.1 Access and Control
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Deletion: Request deletion of your account and data
- Portability: Export your analysis results in common formats
- Objection: Object to certain data processing activities
- Restriction: Request limitation of data processing
5.2 How to Exercise Your Rights
To exercise any of these rights, contact us at support@cloudlensai.cloud. We will respond within 30 days.
5.3 Marketing Communications
You can opt out of marketing emails by:
- Clicking "unsubscribe" in any marketing email
- Updating preferences in your account settings
- Contacting us directly
Note: You cannot opt out of transactional emails (receipts, security notifications).
6. Cookies and Tracking Technologies
6.1 Types of Cookies We Use
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Authentication, security, basic functionality |
Session/Persistent |
| Performance Cookies |
Understand how users interact with our Service |
Persistent |
| Preference Cookies |
Remember your settings and preferences |
Persistent |
6.2 Managing Cookies
You can control cookies through your browser settings. However, disabling essential cookies may limit
functionality.
7. Third-Party Services
7.1 OAuth Authentication (Google)
When you sign in with Google:
- We receive only your email address and profile information
- We do not access your Google Drive, Gmail, or other Google services
- You can revoke access anytime via Google Account settings
7.2 Cloud Provider APIs
When you connect AWS accounts (Azure and GCP coming soon):
- We access only infrastructure metadata for analysis
- We do not access application data, databases, or files stored in your cloud
- Credentials are used read-only and deleted immediately after use
7.3 AI Processing (Anthropic Claude)
Your cloud architecture data is sent to Anthropic Claude API for analysis:
- Anthropic does not train models on your data (per their privacy policy)
- Data is processed in real-time and not retained by Anthropic
- We send only necessary infrastructure metadata, not sensitive credentials
8. Children's Privacy
Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal
information from children. If you believe we have inadvertently collected information from a child, please
contact us immediately.
9. International Data Transfers
Your data may be transferred to and processed in countries other than your own. We ensure adequate protection
through:
- Standard contractual clauses with service providers
- Compliance with applicable data protection laws
- Use of Privacy Shield certified partners (where applicable)
10. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights:
- Right to Know: What personal information we collect and how we use it
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
- Non-Discrimination: We will not discriminate against you for exercising your rights
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under GDPR:
- Right of access, rectification, erasure, and restriction
- Right to data portability
- Right to object to processing
- Right to withdraw consent
- Right to lodge a complaint with supervisory authority
Legal Basis for Processing:
- Contract performance (providing the Service you requested)
- Legitimate interests (improving our Service, security)
- Legal obligations (compliance with laws)
- Your consent (where applicable)
12. Data Breach Notification
In the event of a data breach that may compromise your personal information:
- We will notify you within 72 hours of discovering the breach
- We will describe the nature of the breach and affected data
- We will explain steps we're taking to address the breach
- We will provide recommendations for protecting yourself
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Posting the new Privacy Policy with an updated "Last Updated" date
- Sending an email notification for material changes
- Displaying a notice on our Service
We encourage you to review this Privacy Policy periodically.
14. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us:
CloudLens AI
Email: support@cloudlensai.cloud
Website: https://cloudlensai.cloud