At CloudNexus, we are committed to transparency regarding the data we process. This section details the specific categories of information we collect, the methods of collection, and the operational contexts in which your data is gathered. We only collect information that is necessary to provision, secure, and optimize our cloud infrastructure and hosting services.
Important: As a global cloud provider, certain technical and operational data collection is mandatory to maintain service reliability, prevent abuse, and comply with international hosting regulations. You can review our data retention and minimization practices in Section 5.
Information You Provide Directly
When you register, purchase services, or interact with our platform, we collect the following:
- Account Credentials: Username, primary email address, and password (stored as salted hashes using industry-standard encryption).
- Identity & Contact Details: Full legal name, company/organization name, billing address, phone number, and designated support contacts.
- Configuration Preferences: Selected service tiers, regional deployment preferences, security group rules, and dashboard customizations.
- Support & Documentation Submissions: Information provided via support tickets, feature request forms, compliance questionnaires, or onboarding documentation.
Information Collected Automatically
Our systems automatically record technical data when you access the CloudNexus control panel, APIs, CLI tools, or public documentation:
- Device & Browser Information: IP address, device type, operating system, browser version, and screen resolution.
- Access & Navigation Logs: Timestamps, pages visited, referral URLs, and clickstream data on web interfaces.
- Security & Authentication Data: Login attempts, failed authentication events, geographic location, and risk-assessment flags used to protect accounts from unauthorized access.
- Cookie & Tracking Signals: Session identifiers and preference cookies essential for platform functionality. We do not use third-party advertising cookies on our core infrastructure pages.
System & Infrastructure Telemetry
To maintain infrastructure performance, provide resource monitoring, and prevent service degradation, we collect operational metrics from your deployed environments:
- Resource Utilization: CPU load, memory allocation, storage IOPS, and network throughput metrics.
- Instance Health & Uptime: Service status, boot times, replication health, backup completion rates, and failure alerts.
- API & Command Activity: CLI and API request logs (including endpoint names, timestamps, rate limits, and success/failure status). We strictly do not log request payloads, authentication tokens, or sensitive configuration parameters.
- Network Routing Data: Latency measurements, packet loss rates, and DNS resolution logs used to optimize our global anycast network.
All infrastructure telemetry is aggregated and anonymized where feasible to improve capacity planning and regional load balancing.
Payment & Billing Information
CloudNexus does not store raw payment credentials on our servers. All financial transactions are routed through PCI-DSS Level 1 compliant third-party payment processors. We retain only what is necessary for invoicing and compliance:
- Tokenized payment method references (for recurring subscription billing)
- Invoice records, tax identification numbers, and billing contact details
- Subscription tier history, renewal dates, and usage-based metering data for transparent billing
Communication Records
When you correspond with CloudNexus, we retain records to ensure continuity, quality assurance, and technical resolution:
- Support ticket histories, agent notes, and resolution documentation
- Email correspondence and secure live chat transcripts
- Consent records for marketing, security alerts, and service notifications (including opt-in/opt-out status)
Data from Third Parties
We may receive or integrate data from external sources to enhance service delivery, security, and enterprise compliance:
- Identity Providers: SSO attributes (e.g., SAML 2.0, OIDC) when you authenticate via enterprise identity management systems.
- Monitoring & Observability: Performance data from integrated third-party tools (only if you explicitly enable and configure them in your stack).
- Compliance & Fraud Prevention: Risk scores, verification data, or threat intelligence from trusted security partners to protect our platform and user ecosystems.
Purpose of Collection
Collected data is strictly processed for the following legitimate business and operational purposes:
- Provisioning, maintaining, securing, and scaling your cloud environment
- Processing payments, managing subscriptions, and issuing tax invoices
- Providing technical support, troubleshooting, and incident response
- Monitoring infrastructure health, preventing abuse, and enforcing fair-use policies
- Complying with legal, tax, audit, and regulatory obligations
- Improving platform performance, developing new features, and optimizing network routing
We do not sell, rent, lease, or trade your personal information to third parties for marketing or advertising purposes.
Questions About Data Collection?
If you need clarification on what we collect, how it's stored, or how to exercise your data rights, please reach out to our dedicated Privacy & Compliance team:
1200 Cloud District, Suite 400
San Francisco, CA 94107, USA