View

Privacy Policy

Last updated: 2026-01-17

This Privacy Policy describes how Clouderer LLC (“Company”, “we”, “us”, or “our”) processes personal data in connection with its website and SaaS application Clouderer (the “Service”).

The Service is designed as a B2B, tenant-isolated SaaS application. Personal data is processed in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

1. Roles and Scope

1.1 Controller and Processor Roles

  • Customer as Data Controller / Company as Data Processor: For personal data processed through the Service on behalf of a Customer, the Customer acts as Data Controller and Clouderer LLC acts as Data Processor, processing such data solely on documented Customer instructions.
  • Company as Independent Data Controller: We act as an independent Data Controller for personal data processed for our own business purposes, including website visitors, sales inquiries, and contractual communications.

1.2 Company Information

  • Legal name: Clouderer LLC
  • Country of registration: Poland
  • Website: https://clouderer.com
  • Privacy contact: info[at]clouderer.com

2. Applicability of This Policy

This Privacy Policy applies to:

  • Visitors to our website
  • Users accessing the Service for demo, trial, or paid use
  • Individuals requesting trials or placing orders
  • Individuals contacting us for support, sales, or general inquiries

This Policy does not apply to third-party services or websites linked from the Service.

3. Service Architecture & Authentication

The Service is hosted entirely on Microsoft Azure and integrates with Microsoft Entra ID for enterprise identity and access management.

  • Authentication via Microsoft Entra ID / Azure AD B2C (OIDC)
  • Customer-controlled tenant identities and access policies
  • Logical tenant isolation

Demo Access

  • Demo access may be granted using Entra ID tenant accounts
  • Demo environments contain generic or sample data only
  • No Customer tenant data is modified or persisted

Trials & Orders

  • Authentication from the Customer’s Entra ID tenant is required
  • Limited tenant metadata is read solely for provisioning and configuration

4. Personal Data We Process

We process only the minimum personal data necessary to operate and support the Service.

4.1 Authentication & Identity Data

  • Name
  • Email address
  • Tenant ID
  • User object ID
  • Authentication metadata

4.2 Tenant & Subscription Data

  • Tenant identifier and domain
  • Administrator contact details
  • Subscription and billing metadata

4.3 Communications

  • Email address
  • Message content
  • Support or contractual correspondence

4.4 Telemetry & Logs

  • Performance metrics
  • Error and diagnostic logs
  • Limited usage telemetry

Telemetry is used solely for reliability, security, and operational monitoring. It is not used for advertising, profiling, or analytics unrelated to service delivery.

5. Purposes of Processing

  • Providing and operating the Service
  • User authentication and access control
  • Tenant provisioning and management
  • Trial, subscription, and order management
  • Service-related communications
  • Customer support
  • Security and performance monitoring
  • Legal and regulatory compliance

We do not sell personal data, use it for advertising, or use Customer data for AI or machine-learning training.

6. Legal Bases

  • Contract performance
  • Legitimate interests (limited to service operation and security)
  • Consent, where explicitly provided
  • Legal obligation

7. Data Retention

  • Demo and trial data: up to 12 months
  • Customer data: duration of contract plus legal requirements
  • Telemetry and logs: limited operational retention

Upon termination, Customer personal data is deleted or anonymized within a reasonable period, subject to legal obligations.

8. Data Sharing & Subprocessors

  • Microsoft Azure: Hosting, identity, telemetry
  • Mailjet: Transactional and service emails

Subprocessors are engaged under written agreements consistent with GDPR Article 28.

9. International Data Transfers

Personal data may be processed in Microsoft Azure data centers outside your country. Transfers are safeguarded using Standard Contractual Clauses and Microsoft data protection commitments.

10. Security Measures

  • Secure authentication via Entra ID
  • Encryption in transit and at rest
  • Role-based and least-privilege access
  • Azure-native security monitoring

11. Data Subject Rights

Data subjects may exercise their GDPR rights by contacting [PRIVACY CONTACT EMAIL]. For Customer-controlled data, we assist the Customer as required.

12. Cookies

The Service uses essential cookies required for authentication, session management, and security. Disabling these cookies may impair core functionality.

13. Updates to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent revision.

14. Contact

Clouderer LLC
Email: info[at]clouderer.com

15. Contractual Precedence

Where a Data Processing Agreement or Customer contract is in place, its terms shall prevail in the event of a conflict with this Privacy Policy.