Privacy Policy
We value your personal information and privacy. This policy explains how we collect, use, store, and protect your information. By using the Service, you understand and agree to this policy. If you do not agree, please stop using the Service. This policy and theTerms of Servicetogether form the agreement between you and us.
1. Who We Are & Scope
1.1 This policy applies to personal information you provide to us through the Nuvcloud website, console, and related features, or that we collect as a result of your use of the Service. Nuvcloud provides cloud Mac computing services to global users. This policy applies equally to users in the European Economic Area (EEA), UK, US, Southeast Asia, and other regions.
1.2 If a specific feature has its own privacy notice or consent prompt, thatspecific notice and your explicit consent.
1.3 For EU/EEA users, this policy also complies with the General Data Protection Regulation (GDPR). For California residents, our data practices comply with applicable CCPA provisions.
2. Information We Collect
2.1 Information you provide: e.g., email or phone number and password (stored encrypted) for registration/login, ticket and support communications, order and invoice information.
2.2 Usage-generated information: e.g., access logs, device model, browser type, approximate location (IP-based), operation records, and instance-relatedtechnical metadata(such as resource ID and status) — used to maintain service and security.
2.3 Payment information: Order amounts and payment status are handled jointly with payment institutions;complete card numbers and other sensitive payment dataare generally collected directly by licensed payment institutions; we only receive necessary result notifications.
2.4 Please do not submitpasswords, private keys, or unredacted third-party personal informationin tickets, chat, or public areas.
3. How We Use Information
3.1 We use information only to the extent that is lawful, legitimate, and necessary:
- Creating and maintaining accounts, completing orders and provisioning, processing payments and invoices;
- Providing technical support and responding to ticket and support requests;
- Ensuring system and network security, preventing fraud and abuse, and meeting international compliance and regulatory requirements;
- Sending service notices, security alerts, or product updates with your consent or as permitted by law (you may opt out of marketing communications per the instructions provided);
- Fulfilling our obligations under applicable law in your region (including but not limited to GDPR, CCPA, and other regional data protection regulations).
3.2 We will not use your personal information for purposesincompatiblewith those described in this policy, unless we obtain fresh consent or the law provides otherwise.
4. Cookies & Similar Technologies
4.1 We may use cookies, local storage, or similar technologies to maintain login state, remember language preferences, measure visits, and improve the experience.
4.2 You can manage or delete cookies through browser settings. Disabling essential cookies may cause some features to not work properly.
5. Sharing, Transfer & Disclosure
5.1 Sharing: We may share the minimum information necessary with payment processors, cloud and SMS service providers, analytics (after de-identification), and otherdata processors; we enter into agreements that bind their processing activities.
5.2 Transfer: If a merger, separation, or asset transfer involves personal information, we will require the new holder to continue to be bound by this policy, or re-obtain your consent.
5.3 Disclosure: We do not publicly disclose personal information as a rule. We may disclose information as required by law, litigation, or to protect significant legitimate interests such as life and property in an emergency.
6. Cross-border Transfers & Storage Locations
6.1 Nuvcloud is a global service. Your information may be stored in data centers operated by us or our service providersglobally (including but not limited to Asia-Pacific, North America, and Europe). When transferring personal information across borders, we take appropriate safeguards in compliance with applicable laws, including but not limited to: executing Standard Contractual Clauses (SCCs), relying on adequacy decisions, or other GDPR and local law-compliant transfer mechanisms.
6.2 For EU/EEA users, we commit to providing a level of protection equivalent to GDPR requirements when transferring personal data to third countries.
6.3 Your selected data center region may affect where data is actually processed. Seeplan detailsand the ordering description for details.
7. Retention Period
7.1 We retain information for the period necessary to fulfil the purposes described in this policy, unless a longer period is required by law (e.g., tax, audit).
7.2 After the retention period, we will delete or anonymize the information, unless otherwise required by law.
8. Your Rights
Depending on the laws applicable in your region, you may exercise some or all of the following rights regarding your personal information:
- Access and copy: learn what personal information we hold about you and obtain a copy;
- Correction: request that we correct inaccurate information;
- Deletion: request deletion of your personal information when the legal conditions are met;
- Withdraw consent: withdraw consent-based processing at any time, without affecting the lawfulness of processing before withdrawal;
- Restriction or objection(GDPR users): request restriction of processing or object in specific circumstances;
- Data portability(GDPR users): receive your personal data in a machine-readable format;
- Not subject to automated decisions: not be subject to decisions based solely on automated processing that produce legal effects;
- Lodge a complaint: file a complaint with the data protection authority in your region (EU users may complain to the relevant DPA).
You may submit requests viaContact Usor through the account and ticket entry points in the console. We will respond within the time period prescribed by applicable law (typically 30 days under GDPR). We may ask you to verify your identity to ensure security.
9. Protection of Minors
The Service is primarily intended for users aged 18 or older (or the legal age of majority in your region). If you are a minor, please read this policy and obtain parental/guardian consent before using the Service. If we discover that we have collected information from a minor without parental consent, we will delete it or take other protective measures as soon as possible. We do not knowingly collect personal information from children under 13 in the United States (in compliance with COPPA).
10. Information Security
We take management and technical measures consistent with international best practices (such as access controls, TLS transmission encryption, encryption at rest, and regular security audits) to protect your information. Please understand that no system can guarantee absolute security. In the event of a security incident, we will promptly notify you and report to the relevant authorities in accordance with the requirements of applicable law in your region (including the GDPR 72-hour notification obligation).
11. Policy Updates
We may revise this policy and publish updated versions in a prominent location on the website. For material changes, we may provide notice via pop-up, email, or other means. If you continue to use the Service, you are deemed to accept the update. If you disagree, please stop using the Service and contact us to handle your account and data.
12. Contact Us
If you have any questions, comments, or requests about this policy, please contact us through the channels listed atContact UsorHelp.