Legal
Privacy Policy
Effective date: March 23, 2026. This Privacy Policy explains how Monal Cloud, Inc. collects, uses, stores, and discloses personal data when you use our websites, cloud console, APIs, and support channels.
1. Data We Collect
- Identity and account data: name, work email, company, account role, and billing contact details.
- Billing and transaction data: invoices, payment status, and service purchase records.
- Service usage data: logs, metrics, API requests, project metadata, and diagnostic signals.
- Support and communication data: tickets, chat transcripts, and incident response communications.
- Security and compliance data: authentication records, audit events, abuse indicators, and fraud detection data.
2. Sources of Personal Data
- Directly from you and your authorized users.
- Automatically from your interaction with services and websites.
- From service providers such as payment processors and anti-fraud vendors.
3. How We Use Personal Data
- Provide, maintain, secure, and improve services.
- Provision accounts, enforce quotas, and process billing.
- Detect abuse, investigate incidents, and protect platform integrity.
- Communicate about account activity, support, legal notices, and policy changes.
- Comply with legal obligations and enforce our agreements.
4. Legal Bases for Processing
- Contract performance to deliver and support services.
- Legitimate interests for security, fraud prevention, analytics, and product reliability.
- Legal obligations such as tax, accounting, and compliance.
- Consent where required by applicable law.
5. Cookies and Similar Technologies
We use cookies and similar technologies for session management, security, performance analytics, and user preferences. Browser settings may allow you to manage cookie behavior, but disabling certain cookies may affect service functionality.
6. Data Sharing and Disclosures
We may disclose personal data to trusted service providers and subprocessors for hosting, payments, communications, support tooling, and security operations, subject to contractual safeguards.
We may also disclose data when required by law, legal process, or to protect rights, safety, or platform security.
7. Data Retention
We retain personal data for as long as needed to provide services, resolve disputes, enforce agreements, comply with legal obligations, and maintain security records. Retention periods vary by data type and legal requirements.
8. Security
We implement administrative, technical, and organizational safeguards, including encryption in transit, role-based access controls, logging, and vulnerability management. No method of transmission or storage is completely secure.
9. International Transfers
Personal data may be processed in the United States or other countries where our providers operate. Where required, we use contractual and legal transfer safeguards.
10. US State Privacy Rights
Residents of certain US states may have rights to access, correct, delete, obtain a copy of personal data, and opt out of certain processing activities, subject to legal exceptions.
Monal Cloud does not sell personal data for monetary consideration.
11. EEA and UK Rights
If you are located in the EEA or UK, you may have rights to access, rectify, erase, restrict, object, and request portability of personal data, and to lodge a complaint with a supervisory authority.
12. How to Exercise Rights
To submit a privacy request, contact privacy@monal.cloud. We may verify your identity and authority before fulfilling requests. Authorized agents may submit requests where permitted by law.
13. Children
Services are not directed to children under 16, and we do not knowingly collect personal data from children under 16.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted with an updated effective date and additional notice where required.
15. Contact
Privacy questions: privacy@monal.cloud. Security reports: security@monal.cloud. Legal notices: legal@monal.cloud.