Aircloud/Legal/Privacy Policy

Privacy Policy

Last updated: April 5, 2026

§

Introduction

[Aircloud Technologies Inc. ("Aircloud," "we," "our," or "us") is a GPU infrastructure company providing cloud GPU compute services to AI and machine learning teams. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you use our platform, website, APIs, and related services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you are using the Services on behalf of an organization, you represent that you have the authority to bind that organization to this Privacy Policy.]

[This Policy applies to all users of Aircloud's Services, including account holders, organization administrators, and developers accessing our APIs. For customers operating under a Data Processing Agreement (DPA), the DPA governs data processing activities to the extent it conflicts with this Policy.]

§

Information We Collect

Account and Registration Data

[When you create an account, we collect your name, email address, company name, job title, and password. For organization accounts, we also collect information about your team members you invite to the platform.]

Usage and Telemetry Data

[We collect data about how you use the Services, including: API requests and response metadata (excluding payload contents), GPU instance provisioning and termination events, job run times and resource consumption metrics, error logs and diagnostic information, and feature usage patterns. We do not collect the contents of your workloads, model weights, training data, or inference inputs/outputs.]

GPU and Infrastructure Telemetry

[For billing and operational purposes, we collect GPU utilization metrics, memory usage, network I/O, and instance lifecycle events. This data is used to calculate per-second billing, optimize cluster performance, and detect anomalous usage patterns.]

Payment and Billing Data

[We collect billing address, payment method details (processed by Stripe — we do not store raw card numbers), and transaction history. Invoice records are retained for tax and audit purposes.]

Communications Data

[If you contact our support team, we collect the content of those communications. We may also collect survey responses, feedback, and information you provide when participating in beta programs.]

Automatically Collected Data

[When you visit our website, we automatically collect IP address, browser type and version, operating system, referring URLs, pages viewed, and timestamps. We use standard server logs and a minimal analytics stack for this purpose.]

§

How We Use Your Information

[We use the information we collect for the following purposes:]

Service Delivery[To provision GPU instances, manage your account, process API requests, and operate the platform infrastructure.]
Billing and Payments[To calculate per-second usage charges, generate invoices, process payments through Stripe, and maintain billing records.]
Security and Fraud Prevention[To detect, investigate, and prevent unauthorized access, abuse of spot instances, cryptomining on non-approved workloads, and other prohibited activities.]
Product Improvement[To understand how the Services are used, identify performance bottlenecks, and develop new features. This analysis is performed on aggregated and anonymized data where possible.]
Customer Support[To respond to support requests, diagnose technical issues, and communicate about your account.]
Communications[To send transactional emails (provisioning confirmations, invoices, security alerts) and, with your consent, product updates and announcements.]
Legal Compliance[To comply with applicable laws, respond to lawful legal process, and enforce our Terms of Service.]
§

Data Sharing

[We do not sell your personal data. We do not share your data with third parties for their own marketing purposes. We share data only as described below.]

Infrastructure and Cloud Providers

[We use third-party cloud providers to host the Services. Your data may reside on or transit through infrastructure operated by Amazon Web Services (AWS) and other hyperscalers used for Trusted-tier instances. These providers operate under their own privacy and security programs and are bound by our data processing agreements.]

Subprocessors

[We use the following categories of subprocessors to deliver the Services:]

SubprocessorPurposeLocation
StripePayment processingUnited States
Amazon Web ServicesCloud infrastructure (Trusted tier)United States / EU
Postmark / SendGridTransactional email deliveryUnited States
[Analytics Provider]Product analytics (anonymized)United States
[Support Platform]Customer support ticketingUnited States
[Error Monitoring]Application error trackingUnited States

[A current list of subprocessors is maintained at aircloud.com/legal/subprocessors. Customers under a DPA are notified of subprocessor changes as described in that agreement.]

Legal Requirements

[We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to protect the rights, property, or safety of Aircloud, our customers, or the public. We will attempt to notify affected customers of legal requests where permitted by law.]

Business Transfers

[In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to such a transfer.]

§

Data Retention

[We retain different categories of data for different periods based on business necessity, legal requirements, and your instructions:]

Account dataDuration of account + 90 days after deletion request
Billing records and invoices7 years (tax and audit requirements)
GPU usage telemetry13 months rolling window
API request logs (metadata only)90 days
Support communications3 years from last interaction
Security logs12 months
Anonymized aggregate usage dataIndefinite

[When you delete your account or submit a data deletion request, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes. Data stored in backups is purged on our standard backup rotation schedule, which does not exceed 90 days.]

§

Your Rights

GDPR Rights (EEA and UK Users)

[If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR:]

Right of Access

[Request a copy of the personal data we hold about you.]

Right to Rectification

[Request correction of inaccurate or incomplete personal data.]

Right to Erasure

[Request deletion of your personal data, subject to legal retention requirements.]

Right to Restriction

[Request that we restrict processing of your data in certain circumstances.]

Right to Data Portability

[Receive your data in a structured, machine-readable format.]

Right to Object

[Object to processing based on legitimate interests or for direct marketing.]

Right to Withdraw Consent

[Where processing is based on consent, withdraw that consent at any time.]

[To exercise any of these rights, contact us at privacy@aircloud.com. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with your local supervisory authority.]

CCPA Rights (California Residents)

[If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights, including: the right to know what personal information we collect and how it is used; the right to delete personal information we have collected; the right to opt out of the sale of personal information (we do not sell personal information); and the right to non-discrimination for exercising your CCPA rights. To submit a verifiable consumer request, contact privacy@aircloud.com or use the data request form at aircloud.com/privacy/request.]

§

Security

[Aircloud implements technical and organizational security measures designed to protect your information from unauthorized access, alteration, disclosure, or destruction. Our security program includes:]

Encryption at Rest: [All customer data and backups are encrypted using AES-256.]
Encryption in Transit: [All data transmitted between clients and our services uses TLS 1.2 or higher.]
Access Controls: [Access to production systems is restricted to authorized personnel, requires multi-factor authentication, and is logged and audited.]
Network Isolation: [Customer workloads run in isolated network environments with strict egress controls.]
Vulnerability Management: [We conduct regular security assessments and patch critical vulnerabilities on an expedited schedule.]
Incident Response: [We maintain an incident response plan and will notify affected customers within 72 hours of discovering a breach affecting their data.]

[Despite these measures, no security system is impenetrable. If you become aware of a security vulnerability or incident involving Aircloud, please report it to security@aircloud.com. We operate a responsible disclosure program.]

§

Cookies

[We use a minimal set of cookies on our website and platform. Strictly necessary cookies are required for authentication, session management, and security (e.g., CSRF protection). These cannot be disabled without impairing the functionality of the Services.]

[We use analytics cookies to understand aggregate usage patterns on our marketing website. You can opt out of analytics tracking by [opting out via our cookie preference center / using a browser-level opt-out / honoring Do Not Track signals — to be finalized]. We do not use advertising or retargeting cookies.]

[We do not use third-party tracking pixels or share behavioral data with advertising networks.]

§

Contact

[If you have questions about this Privacy Policy or our data practices, please contact us at:]

Aircloud Technologies Inc.Attn: Privacy[Address to be added]privacy@aircloud.com

[For data subject requests or to exercise your rights under GDPR or CCPA, email privacy@aircloud.com with the subject line "Data Subject Request." We will acknowledge receipt within 2 business days and respond within the applicable statutory timeframe.]

Questions? Email legal@aircloud.com© 2026 Aircloud Technologies Inc.