Privacy Policy

Last updated: March 28, 2026

1. Introduction

Cloud ("we", "our", or "us") operates the Cloud platform, a software licensing and authentication service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, dashboard, APIs, and SDK integrations.

By accessing or using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our services.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect:

  • Email address
  • Username
  • Hashed password (we never store plaintext passwords)
  • OAuth provider data (Google or Discord) if you use social login

2.2 Usage Data

We automatically collect certain information when you use our platform:

  • IP address
  • Browser type and version
  • Pages visited and features used
  • Timestamps of access
  • API request metadata (endpoints called, response codes)

2.3 Hardware Identifiers (HWID)

Our SDK collects hardware identifiers from end-user devices for license binding purposes. These identifiers are hashed with a per-application salt before transmission and are never stored in plaintext. We collect:

  • CPU brand string (via CPUID)
  • Volume serial number
  • SMBIOS UUID (when available)

These are combined and hashed using BLAKE3 to produce a single irreversible fingerprint. The raw hardware data never leaves the end-user's device.

2.4 Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers, CVVs, or full payment details. We only retain your Stripe customer ID and subscription status.

3. How We Use Your Information

  • Service delivery: To provide, maintain, and improve our platform
  • Authentication: To verify your identity and manage sessions
  • License validation: To enforce license terms and prevent unauthorized use
  • Communication: To send transactional emails (account verification, password resets)
  • Security: To detect fraud, abuse, and unauthorized access
  • Analytics: To understand usage patterns and improve our services

4. Data Sharing

We do not sell your personal data. We may share information with:

  • Stripe: For payment processing
  • Resend: For transactional email delivery
  • Law enforcement: When required by law or to protect our legal rights

Your application data (licenses, users, variables) is accessible only to you and any team members you explicitly authorize.

5. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, we remove your personal data within 30 days, except where retention is required by law. Event logs are retained for 90 days. Hashed HWIDs are retained for the lifetime of the associated license.

6. Data Security

We implement industry-standard security measures including:

  • Passwords hashed with bcrypt
  • JWT tokens with stateful session verification
  • HTTPS/TLS encryption for all communications
  • Ed25519 signatures and XChaCha20-Poly1305 encryption for DRM payloads
  • Anti-replay protection via nonce verification
  • Rate limiting on all API endpoints

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Withdraw consent for optional data processing

To exercise these rights, contact us at privacy@anewvision.fr.

8. International Transfers

Our servers are located in the European Union. If you access our services from outside the EU, your data may be transferred to and processed in the EU. We ensure appropriate safeguards are in place in compliance with GDPR.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance.

11. Contact

If you have questions about this Privacy Policy, please contact us at privacy@anewvision.fr.