1. Introduction
NetherCloud (hereinafter: "Data Controller", "we", "us") is committed to protecting your personal data. This Privacy Policy describes how we collect, use, store, and protect your personal data.
Data processing is carried out in accordance with the European Union General Data Protection Regulation (GDPR) and Hungarian data protection laws.
2. Data Controller Information
- Name: NetherCloud
- Location: Hungary
- Email: privacy@nethercloud.app
- Website: https://nethercloud.app
3. Data We Collect
We collect and process the following personal data:
3.1 Registration Data
- Email address
- Username
- Password (stored in encrypted form)
3.2 Billing Data
- Billing name
- Billing address
- Payment information (handled by Stripe, we do not store card details)
3.3 Technical Data
- IP address
- Browser type
- Operating system
- Visit timestamps
- Usage statistics
3.4 Server Data
- Server configurations
- Server logs
- Uploaded files and game data
4. Purpose and Legal Basis for Processing
| Purpose | Legal Basis |
|---|
| Service provision | Contract performance (GDPR 6(1)(b)) |
| Billing | Legal obligation (GDPR 6(1)(c)) |
| Customer support | Contract performance (GDPR 6(1)(b)) |
| Sending notifications | Legitimate interest (GDPR 6(1)(f)) |
| Marketing | Consent (GDPR 6(1)(a)) |
| Abuse prevention | Legitimate interest (GDPR 6(1)(f)) |
5. Data Retention Period
- Account data: until account deletion
- Billing data: 8 years (as per accounting law)
- Server data: until service termination + 30 days
- Logs: 90 days
- Support tickets: 2 years
6. Data Processors
We use the following third parties:
- Stripe, Inc. - Payment processing (USA, EU-US Data Privacy Framework)
- Hetzner Online GmbH - Server infrastructure (Germany)
- Discord - Customer support (USA)
7. Cookies
Our website uses the following cookies:
7.1 Necessary Cookies
- next-auth.session-token - Session management
- next-auth.csrf-token - CSRF protection
7.2 Analytics Cookies
We may collect anonymous visit statistics for service improvement purposes.
8. Your Rights
Under GDPR, you have the right to:
- Right of access: Request information about what data we process
- Right to rectification: Request correction of inaccurate data
- Right to erasure: Request deletion of your data ("right to be forgotten")
- Right to restriction: Request restriction of processing
- Right to data portability: Request your data in machine-readable format
- Right to object: Object to data processing
- Right to withdraw consent: Withdraw your consent at any time
To exercise your rights, email privacy@nethercloud.app. We will fulfill requests within 30 days.
9. Data Security
We implement the following measures to protect data:
- SSL/TLS encryption for all data transfers
- Password hashing with bcrypt algorithm
- Regular security backups
- Firewall and DDoS protection
- Access control
- Regular security audits
10. International Data Transfers
We primarily store data in the European Union. When data transfer outside the EU occurs (e.g., Stripe), we ensure appropriate safeguards (EU-US Data Privacy Framework, Standard Contractual Clauses).
11. Children's Data
Our service does not target children under 16. Persons under 16 may only use the service under parental supervision. If we learn we are processing data of a person under 16 without parental consent, we will delete the data immediately.
12. Filing a Complaint
If you believe our data processing violates your rights, you may file a complaint with the National Authority for Data Protection and Freedom of Information (NAIH):
- Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary
- Phone: +36 1 391 1400
- Email: ugyfelszolgalat@naih.hu
- Website: www.naih.hu
13. Policy Modifications
We reserve the right to modify this policy. Users will be notified of changes on the website and by email.
14. Contact
For data protection questions:
- Email: privacy@nethercloud.app
- Postal address: NetherCloud, Hungary