Privacy Policy

Last updated: May 15, 2025

At CloudToVPS, your trust is foundational. This Privacy Policy outlines how we collect, use, and protect your information when you engage our services to provision and manage VPS or bare metal servers. Given the sensitive nature of infrastructure access and SSH credentials, we take privacy and security seriously—both in policy and in practice.

1. Information We Collect

We collect only the minimum necessary data to deliver our services effectively and securely.

Account Information

• Your name, email address, and billing information.
• Company or project details you voluntarily provide.

Server and Access Information

• VPS or server IP addresses and provider details (e.g., DigitalOcean, Hetzner).
• SSH public keys that you provide for deployment and access.
• Git repository URLs if deployment integration is requested.
• Database configuration settings (when we manage the DB setup).

We never store your private SSH keys. You provide us only the public key for authorized access.

Monitoring and Logs

If you subscribe to “Hands-On Monitoring,” we collect and store:

• System-level metrics (CPU, disk, memory).
• Log alerts and system event summaries.
• Backup success/failure status.

We do not inspect or store customer application logs, code, or data—unless specifically authorized for troubleshooting under an ad-hoc support session.

2. How We Use Your Information

We use your data solely for the purpose of:

• Provisioning, configuring, and maintaining your servers.
• Providing ongoing monitoring, backups, and issue resolution.
• Sending operational and billing communications.

We do not use your data for advertising, data mining, or third-party sales.

3. Data Security

We follow industry best practices for server and credential security.

• All server access is via SSH key-based authentication only.
• Password-based logins are disabled by default.
• Firewall rules and intrusion detection are configured for each managed server.
• Access to your infrastructure is limited to a small, vetted technical operations team under strict confidentiality agreements.
• All backups (if configured) are encrypted in transit and at rest.

4. Data Sharing and Third Parties

We do not sell, rent, or share your data with third parties except when required to:

• Comply with legal obligations (e.g., subpoenas, court orders).
• Provision infrastructure at your request through third-party VPS providers (e.g., DigitalOcean, Linode).

Even in these cases, we only transmit what is necessary and never share sensitive credentials.

5. Data Retention

• SSH keys, deployment configuration, and server details are retained only while you're an active customer.
• Upon cancellation, we delete all such records within 14 days, unless you request immediate removal.
• Billing and invoice records are retained as required by law.

6. Your Rights and Choices

You may at any time:

• Request a summary of the information we hold about your account.
• Ask us to delete your deployment or server information (note: this will impact service delivery).
• Update your SSH keys or revoke our access.

To exercise any of these rights, contact: [email protected]

7. Changes to This Policy

We may update this Privacy Policy from time to time. We’ll notify you of any major changes via email or through our website. Continued use of the service constitutes your agreement to the updated terms.

8. Contact

If you have any questions about this Privacy Policy or our practices, contact:

CloudToVPS Support Team
📧 [email protected]