cloudflex technologies logo
Contact us
theme design for cloud flex technologies used in cloud storage, cloud solutions

Privacy Policy

Effective Date: 1 Jan, 2024

Introduction and Scope

Cloud Flex Technologies Pvt. Ltd. ( “Cloud Flex,” “we,” “us,” or “our”) provides cloud solutions (Virtual Machines, Kubernetes, VDI Workspace, GPU services, cloud storage, backup/disaster recovery, security services, managed services, data center, bare metal servers, etc.) to clients in India and the United States. This Privacy Policy explains how we collect, use, and protect data obtained through our website and related online services. It applies to all users of our website — including general visitors, potential customers, and enterprise clients — and covers both personal and business information. We are committed to handling your data in compliance with applicable privacy laws and data protection principles.

 

Types of Data Collected (Personal and Business Data)

We collect the following categories of information only through our website:

  • Personal Data: Information that can identify you as an individual. Examples include your full name, email address, phone number, home or business address, date of birth, and government IDs (such as Aadhar or Social Security number) if provided. We may also collect login credentials (usernames, passwords) and authentication data for account access.
  • Business/Professional Data: For enterprise clients or business contacts, we collect data such as company name, industry, job title/role, business email and phone, business address, and department. This information helps us tailor services to your organization’s needs.
  • Financial and Transaction Data: If you purchase services, we collect billing details and payment information (GST details, credit card, bank account, tax ID) to process payments and invoices.
  • Technical and Usage Data: We automatically collect data from your browser or device when you visit our site, such as IP address, device type, operating system, browser version, and pages accessed. We also log usage details (e.g. date/time of visit, search queries, session IDs) to improve our site and services.
  • Cookies and Tracking Data: We use cookies and similar technologies to recognize you on our site, analyze usage patterns, and support marketing. These may include unique identifiers and analytics cookies (see Use of Cookies and Tracking below).
  • Communications Data: When you communicate with us (e.g. via contact forms, email inquiries, support requests), we collect the content of those messages and any information you provide, such as your contact details and topics discussed.

We ensure that we only collect data necessary for legitimate business or legal purposes. Any sensitive personal information (e.g. health, racial origin) is collected only if voluntarily provided and with appropriate safeguards.

 

Purpose and Use of Collected Data

We use the data we collect for specific, legitimate purposes, and only to the extent necessary, in accordance with data protection principles. In particular:

  • Service Delivery: To fulfill our contractual obligations. Personal and business data let us create and manage your account, provision cloud resources (VMs, storage, etc.), perform service setup, and provide customer support and troubleshooting.
  • Account and Billing Management: To verify your identity, process orders/payments, send invoices, and manage subscriptions or renewals. We use your contact information to send service-related updates, receipts, and billing notices.
  • Communications: To respond to inquiries, requests, or feedback you submit. We may use your email or phone to provide customer support or clarify order details. With your consent, we may send newsletters or promotional materials about our services; you can unsubscribe at any time.
  • Service Improvement: To analyze and improve our website, products, and services. We use technical and usage data to understand trends, diagnose issues, enhance user experience, and tailor our offerings. These analytics help us make data-driven improvements.
  • Marketing and Advertising: To offer you relevant information about our services. We will use your data for marketing only if you have opted in. For advertising purposes, we may use cookies or third-party platforms to present ads that match your interests, subject to your consent.
  • Security and Fraud Prevention: To protect our systems and users. We use data to detect, prevent, and respond to security incidents, fraud, abuse, or illegal activities. This includes monitoring network traffic and applying security measures like firewalls and intrusion detection.
  • Legal Compliance and Business Administration: To comply with applicable laws and regulations (e.g. tax laws, accounting, legal holds, record-keeping) and legitimate business purposes (e.g. maintaining business records, enforcing contracts). We also use data for dispute resolution and to establish, exercise, or defend legal claims.

All processing is conducted lawfully. For example, we rely on lawful bases such as performance of a contract (service delivery), legitimate interests (analytics, security), and consent (marketing). We avoid using personal data for purposes incompatible with those disclosed at collection.

 

Data Storage, Protection, and Security Practices

We store user data on secure servers and in data centers located in India and the U.S., operated by reputable cloud providers. We implement industry-standard security measures to protect data, including:

  • Encryption: Data is encrypted both in transit and at rest. As recommended by cloud security best practices, we apply strong encryption on databases and backups, and use HTTPS/TLS for data transfer. This conceals data from unauthorized access.
  • Access Control: We restrict access to personal and business data to authorized personnel only, using strong authentication and role-based permissions. We follow the principle of least privilege — each employee or system component only has access to the data needed to perform its role.
  • Network and Infrastructure Security: Firewalls and regular security scans protect our network and servers. We maintain security posture monitoring to detect misconfigurations or threats. All cloud infrastructure is hardened per best practices (e.g. disabling unnecessary services).
  • Physical Security: Our data centers have robust physical controls (e.g. biometric entry, surveillance) to prevent unauthorized physical access to servers. Hardware is located in secured facilities with 24/7 monitoring.
  • Administrative Safeguards: We train our staff on privacy and security, enforce strict confidentiality obligations.
  • Incident Response: We maintain an incident response plan. In the unlikely event of a data breach, we will promptly investigate, contain the breach, and notify affected individuals and regulators as required by law.

We regularly review and update our security practices to address emerging threats and comply with relevant standards. Data is backed up regularly, and we enforce retention limits so that data is not kept longer than necessary for its intended purpose.

 

Use of Cookies and Tracking Technologies

Our website uses cookies, web beacons, and similar technologies to support functionality and analytics. Types of cookies used include:

  • Essential Cookies: These are necessary for basic site functions, such as keeping you logged in or remembering language preferences. Without them, certain services may not work correctly.
  • Analytics Cookies: We use cookies (e.g. Google Analytics) to collect data on how visitors use our site. This includes pages viewed, time spent, and navigation paths. These help us analyze trends and improve our site.
  • Preference Cookies: These remember your choices, such as whether you have consented to cookies, theme settings, or form inputs, enhancing your experience on future visits.
  • Advertising/Marketing Cookies: With your consent, we may use cookies or third-party tracking (e.g. Google Ads, LinkedIn) to deliver targeted advertisements and measure marketing performance. These cookies may track your site visits or ad interactions.

Before placing any non-essential cookies on your device, we obtain your informed consent in compliance with privacy laws. Cookie consent is freely given, specific, informed, and unambiguous (for example, via a consent banner). You can manage or disable cookies through your browser settings or opt-out mechanisms. If you reject non-essential cookies, we will not use them, although this may limit some features of the website. For more information on managing cookies, please see our Cookie Policy (if applicable) or your browser’s help resources.

 

Third-Party Sharing and Service Providers

We do not sell your personal information to third parties. We share data only as necessary to provide services and as permitted by law. Specifically:

  • Service Providers: We disclose data to third-party vendors who perform services on our behalf, such as hosting, cloud infrastructure, payment processing, analytics, CRM, marketing, and customer support. For example, we may use AWS, Azure, or other cloud platforms to host data, and Google Analytics for traffic analysis. These providers are contractually obligated to protect your data and may use it only for the services they perform on our behalf.
  • Affiliates and Partners: We may share data with our affiliates or business partners to offer joint services or for consolidated billing and support. These entities handle your data under this same privacy framework.
  • Legal and Safety Reasons: We may disclose data if required by law (e.g. court order, subpoena) or to protect our rights, property, or safety of others. For instance, we comply with valid government or law enforcement requests to disclose user data when required by applicable law.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the new owner or successor, who will assume the rights and obligations concerning the data. We will notify you via the website or direct communication if such a transfer affects your data.
  • Consent: We may share data for other purposes if we obtain your specific consent (e.g. sharing with a referral partner).

All third parties receiving personal data from us must enter into a written contract containing privacy and security commitments.

 

Data Retention Policy

We retain personal and business data only for as long as necessary to fulfill the purposes described above or to comply with legal obligations. Our retention practices include:

  • Customer and Account Information: We keep account registration and transaction data for the duration of your relationship with us and for up to 7 years as per applicable law.
  • Billing and Financial Records: Payment and invoice records are retained for the legally required period as per applicable law.
  • Support and Communications: Customer support records and correspondence are kept as long as needed to resolve issues and for record-keeping.
  • Marketing Data: Contact information for marketing is retained until you unsubscribe or request deletion. We then remove you from marketing lists, unless retention is needed for internal analytics.
  • Usage Logs and Cookies: Web analytics data and logs are stored for a limited period, after which they are deleted or anonymized. Session cookies expire at the end of each visit or per their settings.
  • Legal Records: If required by law (e.g. court orders, litigation, regulatory compliance), we may retain specific data for the legally prescribed duration, even if your account is closed.

When data is no longer needed for its original purpose, we securely delete or anonymize it. We periodically review our data holdings and dispose of information in accordance with this Policy and legal requirements.

 

Subprocessors and Data Locations

We may use trusted infrastructure providers and subprocessors in geographically distributed data centers to deliver services. We ensure that all subprocessors adhere to strict confidentiality and security standards.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in technology, services, or processes. Any material changes will be communicated through appropriate channels, and continued use of services implies acceptance of the updated policy.

Contact Information for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you may contact our privacy team:

  • Data Protection Officer (DPO): privacy@cloudflex.co.in

Start the conversation today!

Let’s discuss IT strategy, services, and business solutions & compliance concerns.

cloudflex technologies logo

Technology You Can Trust, Expertise You Can Rely On

Follow us

Linkedin-in Facebook-f Twitter Behance Instagram

ABOUT

CLOUD

SOLUTIONS

ADDRESS

India:

  • JMD Empire Square, MG Road, Gurugram, Haryana 122002

Copyright © 2025 CloudFlex Technologies