Privacy Policy
Last updated: March 7, 2026
1. Introduction
Back My Cloud ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our backup service for SaaS applications.
2. Information We Collect
We collect information that you provide directly to us:
- Account Information: Email address, name, company name, and billing information when you create an account
- SaaS Application Access: OAuth tokens and API credentials to access your connected SaaS applications (Notion, Microsoft 365, Google Workspace, Jira, etc.)
- Backup Data: The content and metadata from your connected SaaS applications that you choose to back up
- Usage Information: Logs of backup operations, restore requests, and service interactions
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our backup service
- Perform automated daily backups of your connected SaaS applications
- Enable you to restore data when needed
- Send you service notifications, updates, and administrative messages
- Monitor and analyze usage patterns to improve service reliability
- Process billing and manage your subscription
- Comply with legal obligations and protect against security threats
4. Data Storage and Security
Your backup data is stored in encrypted form in European datacenters (EU data residency). We implement industry-standard security measures:
- Encryption: All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3
- Access Controls: Strict access controls and authentication mechanisms protect your data
- Regular Audits: We conduct regular security audits and vulnerability assessments
- Backup Retention: Backups are retained according to your subscription plan (typically 30-90 days)
5. Data Sharing and Disclosure
We do not sell your personal information. We may share your information only in the following circumstances:
- Service Providers: With third-party service providers who perform services on our behalf (hosting, payment processing)
- Legal Requirements: When required by law, regulation, or legal process
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- With Your Consent: When you explicitly authorize us to share specific information
6. Your Rights (GDPR Compliance)
Under the General Data Protection Regulation (GDPR), you have the right to:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate or incomplete data
- Erasure: Request deletion of your personal data ("right to be forgotten")
- Restriction: Request restriction of processing under certain circumstances
- Data Portability: Request transfer of your data to another service provider
- Object: Object to processing of your personal data
- Withdraw Consent: Withdraw your consent at any time
7. Data Retention
We retain your information for as long as necessary to provide our services. Backup data is retained according to your subscription plan. After account deletion, we securely delete your data within 30 days, except where retention is required by law.
8. International Data Transfers
Your data is stored in European datacenters. If we transfer data outside the EU, we ensure adequate safeguards are in place in accordance with GDPR requirements.
9. Cookies and Tracking
We use essential cookies to provide our service and analytics cookies to understand how you use our platform. You can control cookie preferences through your browser settings.
10. Children's Privacy
Our service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through our service.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:
Email: privacy@backmy.cloud
Data Protection Officer: dpo@backmy.cloud