Introduction:
We are dedicated to serving our customers and contacts to the best of our abilities. Part of our commitment involves the responsible management of personal information collected through our website cloudpatterns.app, and any related interactions. Our primary goals in processing this information include:
Enhancing the user experience on our platform by understanding customer needs and preferences.
Providing timely support and responding to inquiries or service requests.
Improving our products and services to meet the evolving demands of our users.
Conducting necessary business operations, such as billing and account management.
Legal Basis for Processing:
We process your personal data on the following legal bases under GDPR:
Contract (Article 6(1)(b) GDPR): When processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract, such as when you use our Cloud architecture editor.
Legitimate Interests (Article 6(1)(f) GDPR): When processing is necessary for our legitimate interests or those of third parties, such as for analytics to improve our services and website functionality.
Legal Obligation (Article 6(1)(c) GDPR): When processing is necessary for compliance with our legal obligations under Polish and EU law, such as maintaining business records for tax purposes.
Consent (Article 6(1)(a) GDPR): When you have given explicit consent to the processing of your personal data for specific purposes, such as receiving marketing communications.
Scope and Application:
This privacy policy applies to all personal information processed by us, whether you are:
A visitor to our website cloudpatterns.app
A user of our Cloud architecture editor
A customer or potential customer
A recipient of our communications
Data Collection and Processing:
We collect and process the following types of personal data:
Technical Data: IP address, browser type and version, time zone setting, operating system, and platform (collected through our analytics tools)
Usage Data: Information about how you use our website and services (collected through Google Analytics 4, PostHog, and Vercel Analytics)
Account Data: Your email address and any other information you provide when creating an account (stored via Supabase)
Session Data: Anonymous session identifiers and authentication tokens when you use our services (managed via Supabase)
Communication Data: Information you provide when contacting us or responding to our communications
Data Storage and Protection:
Data Storage:
We store your personal data primarily within the European Economic Area (EEA). Our primary data hosting providers are:
Vercel (vercel.com) - for website hosting and analytics
PostHog (posthog.com) - for product analytics
Google Analytics 4 (analytics.google.com) - for website analytics. Google may process data in the US under EU-US Data Privacy Framework
Supabase (supabase.com) - for authentication and database services (EU region)
Data Protection Measures:
Encryption: We use industry-standard encryption for data in transit and at rest
Access Controls: Access to personal data is strictly limited to authorized personnel
Regular Security Reviews: We conduct periodic security assessments of our systems
Data Retention:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
Account data: For the duration of your account plus 3 months after deletion
Analytics data: 26 months
Communication records: 3 years from last interaction
Financial records: 5 years (as required by Polish law)
Your Rights Under GDPR:
You have the following rights regarding your personal data:
Right of Access (Article 15 GDPR): You can request a copy of your personal data
Right to Rectification (Article 16 GDPR): You can request corrections to your personal data
Right to Erasure (Article 17 GDPR): You can request deletion of your personal data
Right to Restrict Processing (Article 18 GDPR): You can request limits on how we use your data
Right to Data Portability (Article 20 GDPR): You can request a copy of your data in a machine-readable format
Right to Object (Article 21 GDPR): You can object to certain types of processing
To exercise any of these rights, please contact us at contact@cloudpatterns.app. We will respond to your request within one month.
You can also file a complaint with the Polish Data Protection Authority:
Urząd Ochrony Danych Osobowych
ul. Stawki 2
00-193 Warszawa
Tel. 22 531 03 00
Website: https://uodo.gov.pl
Cookies and Tracking Technologies:
We use cookies and similar technologies to improve your experience on our website. For detailed information about the cookies we use and how to control them, please see our separate Cookie Policy.
Data Breach Procedures:
In the event of a personal data breach, we will:
Notify the Polish Data Protection Authority (UODO) within 72 hours if the breach poses a risk to your rights and freedoms
Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
Document all breaches, including their effects and remedial action taken
International Data Transfers:
When we transfer your data outside the EEA, we ensure adequate safeguards are in place through:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions issued by the European Commission where applicable
Changes to This Privacy Policy:
We reserve the right to update this Privacy Policy at any time. Any changes will be posted on this page with an updated effective date. Significant changes will be notified to you through a prominent notice on our website or by email.
Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us at:
Email: privacy@cloudpatterns.app