CloudSnoozer Security & Privacy

Privacy Policy

Unwavering commitment to infrastructure security and data protection

Last Updated: May 21, 2026

API Credential Encryption Pledge

ADVANCED ENCRYPTION: Your Supabase and DigitalOcean API keys are encrypted at rest using bank-grade AES-256-GCM. Our systems execute operations strictly via automated programmatic workflows and permanently purge all keys if you delete your account.

1. What data do we collect?

We collect only information strictly necessary to provide and optimize our cloud cost reduction services. (i) Leads & Diagnostics: corporate email, selected provider, and infrastructure statistics to generate the Green Ops Report; (ii) Registered Accounts: organization name, work email, and access password (stored securely as a one-way cryptographical hash); (iii) Cloud Credentials: API keys and official access tokens supplied voluntarily to control server power states; (iv) Cookies: timezone identifier, preferred language, and active session tokens.

2. How is your data processed?

Your infrastructure details and access tokens are strictly processed by our background worker ('snooze engine') on the precise schedule you define. We NEVER: (i) connect to, read, or inspect data inside your Supabase tables or droplet filesystems; (ii) sell, license, or share your corporate information with third parties for commercial use; (iii) write readable tokens or passwords to system logs.

3. Bank-Grade Cyber Security

We enforce strict global security standards to block unauthorized actions. Access tokens are stored using AES-256-GCM symmetric encryption. All data traffic operates over encrypted end-to-end SSL/TLS pathways. Furthermore, server-side HTTP headers adhere strictly to HSTS, CSP, and X-Frame-Options best practices.

4. Your Guaranteed Rights (GDPR / LGPD / CCPA)

We support and respect your legal rights under leading global privacy regulations. At any time, you may: (i) Request a readable copy of all user data we store; (ii) Update or correct outdated records; (iii) Fully delete your account and organization. Deleting your account triggers an absolute and irreversible purge, permanently removing all encrypted API keys and instance history from our systems within 48 hours.

5. Third-Party Payments and Stripe

We utilize Stripe, Inc. to process secure payments. Stripe operates in compliance with strict industry benchmarks (PCI-DSS Level 1). Billing and credit card info is handled directly by Stripe's isolated secure screens, meaning CloudSnoozer never handles nor holds sensitive card numbers on our infrastructure.

6. Inquiries and Data Protection Officer (DPO)

To trigger any of your privacy rights, or if you have questions regarding our regulatory compliance operations, reach out directly to our Data Protection Officer (DPO) at our official legal desk: [email protected].

Exercise your privacy rights by contacting our legal desk.

CloudSnoozer DPO Office•[email protected]