Privacy Policy
CloutPilot Privacy Policy
Effective Date: May 4, 2025
Preamble: CloutPilot, a Belgian entity (hereinafter "CloutPilot," "We," "Us," or "Our"), is committed to safeguarding the privacy of individuals and entities (hereinafter "User," "You," or "Your") utilizing our desktop application (hereinafter "Service"). This Privacy Policy elucidates Our practices concerning the collection, processing, storage, and disclosure of Personal Data in connection with the Service, which enables marketing agencies to automate iPhone functionalities through natural language processing. This Policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By accessing or using the Service, You consent to the practices described herein.
1. Definitions
1.1. Personal Data: Any information relating to an identified or identifiable natural person, as defined under GDPR. 1.2. Service: The CloutPilot desktop application, facilitating iPhone automation via natural language prompts. 1.3. Third-Party Services: External platforms integrated into the Service, including Stripe (payment processing) and MongoDB (data storage). 1.4. Workflow: A configurable sequence of automated tasks created by the User within the Service.
2. Data Controller
CloutPilot, headquartered in Belgium, is the data controller responsible for the processing of Personal Data under this Policy. For inquiries, contact Us at:
Email: support@cloutpilot.com
Telegram: cloutpilot_support
3. Categories of Data Collected
We collect and process the following categories of data: 3.1. User-Provided Data:
Contact information, including email addresses and Telegram usernames (e.g., cloutpilot_support).
Billing information (e.g., payment details processed via Stripe for paid subscriptions). 3.2. Service-Generated Data:
Natural language prompts and vision data utilized by the Service’s artificial intelligence to automate iPhone functionalities.
Workflow configurations, including task sequences and metadata created by Users. 3.3. Automatically Collected Data:
Technical data, such as IP addresses, device identifiers, and usage logs, to ensure Service functionality and security.
4. Purposes of Data Processing
Personal Data is processed for the following purposes: 4.1. Service Provision: To enable automation of iPhone tasks, execute User workflows, and deliver the Service’s core functionalities. 4.2. Account Management: To register, authenticate, and manage User accounts, including subscription and billing processes. 4.3. Communication: To respond to User inquiries, provide support, and send Service-related notifications (e.g., updates to Terms or this Policy). 4.4. Security: To monitor, detect, and prevent unauthorized access, fraud, or other prohibited activities. 4.5. Improvement: To analyze usage patterns and enhance the Service’s performance, features, and user experience. 4.6. Legal Compliance: To fulfill obligations under applicable laws, including GDPR, and respond to lawful requests from authorities.
5. Legal Basis for Processing
We process Personal Data based on the following legal grounds under GDPR: 5.1. Contractual Necessity (Art. 6(1)(b)): Processing is necessary to perform the contract governing Your use of the Service (see Terms and Conditions). 5.2. Legitimate Interests (Art. 6(1)(f)): Processing is necessary for Our legitimate interests, such as improving the Service and ensuring security, provided such interests are not overridden by Your rights. 5.3. Consent (Art. 6(1)(a)): Where applicable, processing is based on Your explicit consent, which may be withdrawn at any time without affecting the lawfulness of prior processing. 5.4. Legal Obligation (Art. 6(1)(c)): Processing is necessary to comply with legal obligations, such as tax or data protection regulations.
6. Data Storage and Security
6.1. Storage: Personal Data is securely stored using MongoDB, a third-party database provider, in data centers compliant with GDPR requirements. 6.2. Security Measures: We implement industry-standard technical and organizational measures, including encryption, access controls, and regular security audits, to protect Personal Data from unauthorized access, loss, or alteration. 6.3. Retention: Personal Data is retained only for as long as necessary to fulfill the purposes outlined herein or as required by law. Upon account termination, data is deleted within a reasonable period, subject to GDPR retention obligations.
7. Data Sharing and Third-Party Services
7.1. Third-Party Processors: We engage Third-Party Services to support the Service:
Stripe: Processes payment data for subscription transactions. Stripe’s privacy practices are governed by its own policies.
MongoDB: Stores User data securely. MongoDB’s data handling is subject to its privacy terms. 7.2. Other Disclosures: Personal Data may be disclosed:
To comply with legal obligations or respond to lawful requests from public authorities.
To protect Our rights, property, or safety, or that of Users or third parties.
In connection with a merger, acquisition, or sale of assets, subject to equivalent privacy protections. 7.3. No Sale of Data: We do not sell, rent, or otherwise monetize Personal Data for purposes unrelated to the Service.
8. International Data Transfers
Where Personal Data is transferred outside the European Economic Area (EEA), We ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to maintain GDPR-compliant protection levels. Third-Party Services (e.g., Stripe, MongoDB) may involve such transfers, and Users are encouraged to review their respective privacy policies.
9. User Rights Under GDPR
As a User, You have the following rights regarding Your Personal Data, subject to applicable law: 9.1. Access: Request confirmation of whether Your Personal Data is processed and obtain a copy thereof. 9.2. Rectification: Request correction of inaccurate or incomplete Personal Data. 9.3. Erasure: Request deletion of Personal Data, subject to legal retention obligations. 9.4. Restriction: Request restriction of processing under specific circumstances. 9.5. Portability: Request receipt or transfer of Your Personal Data in a structured, commonly used, and machine-readable format. 9.6. Objection: Object to processing based on legitimate interests, including for direct marketing purposes. 9.7. Withdraw Consent: Withdraw consent at any time, without affecting prior lawful processing. 9.8. Complaint: Lodge a complaint with a supervisory authority, such as the Belgian Data Protection Authority (Autorité de Protection des Données).
To exercise these rights, contact Us at support@cloutpilot.com or via Telegram at cloutpilot_support. We will respond within one (1) month, subject to extensions for complex requests.
10. Cookies and Tracking Technologies
The Service may use cookies or similar technologies to enhance functionality, security, and user experience. Users may manage cookie preferences through their browser settings, though disabling cookies may impair Service performance. Technical logs and usage data are collected solely for operational and security purposes.
11. Modifications to This Policy
We reserve the right to amend this Privacy Policy at Our discretion. Material changes will be communicated via email to Your registered email address or through a Service notification. Continued use of the Service following such changes constitutes acceptance of the revised Policy. Users are responsible for maintaining accurate contact information.
12. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of Belgium. Any disputes arising hereunder shall be subject to the exclusive jurisdiction of the competent courts of Brussels, Belgium.
13. Contact Information
For questions, concerns, or to exercise Your data protection rights, contact CloutPilot at:
Email: support@cloutpilot.com
Telegram: cloutpilot_support
Acknowledgment: By using the Service, You acknowledge that You have read, understood, and consent to the collection, processing, and storage of Your Personal Data as described in this Privacy Policy.