← Back
Your Privacy Matters: At PugWorks, we are committed to protecting your privacy and securing your backup data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our cloud backup services.
1. Information We Collect
1.1 Account Information
When you create an account with PugWorks Cloud Backup, we collect:
- Name and email address
- Company or organization name
- Billing address
- Phone number (optional)
- Account credentials (encrypted passwords)
1.2 Backup Data
The Service stores your backup data, which may include:
- Files, folders, and documents you choose to backup
- System configurations and settings
- Database backups
- Application data
- Metadata about your files (names, sizes, timestamps, file structure)
Important: Your backup data is encrypted using military-grade AES-256 encryption before transmission and storage. We cannot access the contents of your encrypted backup data without your encryption keys.
1.3 Payment Information
For billing purposes, we collect:
- Credit card information (processed securely through our payment processor)
- Billing history and transaction records
- Tax identification information (if applicable)
Note: We do not store complete credit card numbers on our servers. Payment processing is handled by PCI-DSS compliant third-party payment processors.
1.4 Usage and Technical Information
We automatically collect technical information about your use of the Service:
- IP addresses and device information
- Browser type and version
- Operating system and hardware specifications
- Backup agent version and configuration
- Backup job logs (success/failure status, data volumes, timestamps)
- Service usage patterns and performance metrics
- Error logs and diagnostic information
1.5 Communications
We retain records of:
- Customer support interactions
- Email communications with our team
- Feedback and survey responses
2. How We Use Your Information
2.1 Service Delivery
We use your information to:
- Provide, maintain, and improve the backup service
- Process and store your backup data securely
- Authenticate your access to the Service
- Monitor backup job status and send notifications
- Restore your data when requested
- Manage storage allocation and capacity
2.2 Billing and Administration
We process your information to:
- Process subscription payments
- Generate invoices and receipts
- Manage your subscription plan
- Calculate storage usage and billing
- Detect and prevent payment fraud
2.3 Customer Support
We use your information to:
- Respond to support requests
- Troubleshoot technical issues
- Provide guidance on service usage
- Investigate and resolve service problems
2.4 Service Improvement and Analytics
We analyze usage data to:
- Monitor service performance and reliability
- Identify and fix bugs
- Develop new features and improvements
- Optimize backup efficiency
- Understand user behavior patterns (in aggregate)
2.5 Communications
We may use your contact information to send:
- Service notifications (backup status, errors, warnings)
- Billing and payment reminders
- Security alerts
- Service updates and maintenance notices
- Marketing communications (only with your consent, and you may opt-out anytime)
3. Data Security and Encryption
3.1 Encryption
We implement multiple layers of encryption to protect your data:
- Data in Transit: All data transferred between your systems and our servers is encrypted using TLS 1.3
- Data at Rest: All backup data stored on our servers is encrypted using AES-256 encryption
- End-to-End Encryption: Your backup data is encrypted on your device before transmission
- Encryption Keys: You control your encryption keys, and we cannot decrypt your backup data without them
3.2 Security Measures
We maintain comprehensive security controls:
- Regular security audits and penetration testing
- Access controls and authentication requirements
- Network security and firewalls
- Intrusion detection and prevention systems
- Regular security updates and patches
- Employee security training
- Incident response procedures
3.3 Data Centers
Your data is stored in secure, certified data centers with:
- 24/7 physical security and monitoring
- Redundant power and cooling systems
- Fire suppression systems
- SOC 2 Type II certification
- Geographic redundancy for Enterprise plans
4. Data Retention
4.1 Active Accounts
For active subscriptions:
- Backup data is retained according to your plan's retention policy (30-365 days)
- Account information is maintained for the duration of your subscription
- Billing records are retained for tax and accounting purposes (typically 7 years)
4.2 Canceled or Terminated Accounts
After account cancellation or termination:
- Backup data is retained for 30 days to allow for account reactivation
- After 30 days, backup data is permanently deleted
- Account information may be retained for legal and accounting purposes
- Billing records are retained as required by law
4.3 Legal Holds
Data may be retained longer if required by:
- Legal proceedings or investigations
- Regulatory requirements
- Compliance obligations
5. Data Sharing and Disclosure
5.1 We Do Not Sell Your Data
PugWorks does not sell, rent, or trade your personal information or backup data to third parties.
5.2 Service Providers
We may share limited information with trusted service providers who assist us in operating our business:
- Cloud Infrastructure Providers: AWS (Amazon Web Services) for hosting and storage
- Payment Processors: For processing credit card payments
- Email Service Providers: For sending service notifications
- Analytics Tools: For understanding service usage (aggregate data only)
All service providers are bound by confidentiality agreements and are prohibited from using your data for any purpose other than providing services to PugWorks.
5.3 Legal Requirements
We may disclose information if required by law or legal process:
- In response to valid court orders or subpoenas
- To comply with legal obligations
- To protect the rights, property, or safety of PugWorks, our users, or the public
- To detect, prevent, or address fraud or security issues
Note: Due to encryption, we cannot access the contents of your backup data even if legally compelled to do so.
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and your options regarding your data.
6. Your Privacy Rights
6.1 Access and Portability
You have the right to:
- Access your account information and backup data at any time
- Download your backup data
- Export your data in common formats
- Request a copy of your personal information
6.2 Correction and Updates
You can:
- Update your account information through the dashboard
- Correct inaccurate personal information
- Modify your backup configurations
6.3 Deletion
You have the right to:
- Delete specific backup data
- Cancel your account and request deletion of your data
- Request deletion of your personal information (subject to legal retention requirements)
6.4 Opt-Out Rights
You can opt-out of:
- Marketing communications (unsubscribe links in emails)
- Non-essential notifications
- Analytics cookies (through browser settings)
Note: You cannot opt-out of essential service communications (backup status, security alerts, billing notifications).
6.5 GDPR Rights (EU Residents)
If you are a resident of the European Union, you have additional rights under GDPR:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
6.6 CCPA Rights (California Residents)
If you are a California resident, you have rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to deletion of personal information
- Right to non-discrimination for exercising CCPA rights
6.7 Exercising Your Rights
To exercise any of these rights, please contact us at privacy@pugworks.com. We will respond to your request within 30 days.
7. Cookies and Tracking Technologies
7.1 Cookies We Use
We use the following types of cookies:
- Essential Cookies: Required for authentication and service functionality
- Preference Cookies: Remember your settings and preferences
- Analytics Cookies: Help us understand how you use the Service (aggregate data)
7.2 Managing Cookies
You can control cookies through your browser settings. Note that disabling essential cookies may impair service functionality.
7.3 Do Not Track
Our Service does not respond to Do Not Track signals as we do not track users across third-party websites.
8. International Data Transfers
Your information may be transferred to and stored on servers located in the United States and other countries. By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.
For EU residents, we ensure appropriate safeguards are in place for international transfers, including:
- Standard Contractual Clauses approved by the European Commission
- Compliance with Privacy Shield principles (where applicable)
- Other legally approved transfer mechanisms
9. Children's Privacy
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that we have collected information from a child, we will promptly delete it.
10. Data Breach Notification
In the event of a data breach that affects your personal information or backup data:
- We will investigate the incident promptly
- We will notify affected users within 72 hours of discovery
- We will provide details about the nature of the breach and steps being taken
- We will notify relevant regulatory authorities as required by law
- We will take immediate action to prevent further unauthorized access
11. Third-Party Services and Links
The Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to third-party websites or services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you use.
12. Business Accounts and Administrator Access
For business accounts:
- Company administrators can manage user accounts and access permissions
- Administrators may have access to backup data for users within their organization
- Administrators can view usage reports and activity logs
- The company/organization is the data controller for business accounts
- Individual users should direct privacy requests to their company administrator
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes:
- We will update the "Last Updated" date at the top of this policy
- We will notify you via email or through the Service
- For material changes, we may require you to accept the updated policy
- Your continued use of the Service after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically.
14. Data Protection Officer
For privacy-related inquiries or to exercise your privacy rights, you may contact our Data Protection Officer at:
Email: privacy@pugworks.com
Subject Line: Privacy Request - [Your Request Type]
15. Compliance Certifications
PugWorks Cloud Backup maintains compliance with:
- GDPR (General Data Protection Regulation)
- CCPA (California Consumer Privacy Act)
- SOC 2 Type II (for Enterprise plans)
- Industry-standard security practices