Privacy Policy

1. Definitions

• Account — a registered user identity authenticated via Firebase Authentication.
• Audit Log — the append-only record of all significant actions performed within a Project.
• Device — a machine (desktop, laptop) registered with the Service via the Desktop Application.
• Personal Data — any information relating to an identified or identifiable natural person, as defined by GDPR Art. 4(1).
• Processing — any operation performed on personal data, including collection, storage, use, and deletion.
• Project — a collaborative workspace containing folders, files, branches, and team members.
• Ritsea / we / us — Ritsea SRL, registered in Romania, the data controller for all personal data described herein.
• Service — collectively: the web application, Desktop Application, CLI tool, VS Code Extension, UE5 Plugin, API, and real-time sync infrastructure operated by Ritsea.
• Trash — the 30-day recoverable deletion state before files are permanently purged.
• User / you — any natural person who has been granted an Account and uses the Service.

2. Data We Collect

2.1 Account Data

Collected when you register and throughout your use of the Service:

• Email address — your primary identifier, used for authentication and account-related notifications
• Display name — shown to collaborators within shared Projects
• Account creation date, last login timestamp, and account role (Admin / Editor / Viewer)
• Firebase UID — an opaque identifier assigned by Firebase Authentication; never disclosed externally

Note on passwords: Passwords are managed exclusively by Firebase Authentication (Google). Ritsea never stores, receives, or has access to your raw password.

2.2 Device Data (Desktop Application Only)

When you connect a workspace in the Desktop Application, the following device information is automatically collected and stored against your Account:

• Device UUID — a unique identifier generated locally on your machine at first connection
• Platform — your operating system (Windows, macOS, Linux, or Browser)
• Hostname — your machine's network name
• Workspace root path — the local filesystem path of your connected workspace directory
• CPU core count and total RAM — collected once at registration to inform concurrency settings
• Application version — used for compatibility checks and update targeting
• Last seen timestamp — updated each time your device connects to the Service

You can view and remove registered devices at any time from Settings → Devices inside the application.

2.3 File and Folder Data

• File names, folder names, and the directory hierarchy within your Projects
• File contents — stored encrypted in Cloudflare R2 object storage
• File sizes, MIME types, and SHA-256 checksums (used for integrity verification and deduplication)
• Upload and modification timestamps, and the identity (user ID) of the uploader
• Cloudflare R2 storage key — the internal object path for each file version

2.4 Version History

Every time a file is uploaded or modified, a new version record is created. Each version contains: version number, file size, MIME type, SHA-256 checksum, R2 storage key (pointing to the binary content), the user who created it, and the timestamp. Version history is retained for as long as the parent file exists, unless version pruning is configured by a project administrator.

2.5 Audit Log Data

Every significant action performed in the Service generates an audit log entry. Each record contains:

• User ID and device ID of the actor
• Action type — e.g., upload, download, delete, rename, move, lock, unlock, branch create, merge, pull request opened/merged/rejected
• File or folder affected — ID, name, and path
• Timestamp of the action
• IP address of the originating request
• Approximate geographic location — country and city, derived from Cloudflare network headers

Audit logs are used for security monitoring, compliance auditing, and providing you with a verifiable history of all access to your data. Legal basis: GDPR Art. 6(1)(f) — legitimate interests.

2.6 Collaboration and Project Data

• Project membership records, member roles, and team assignments
• Folder-level permission overrides (granted or restricted per user or team)
• Project invitations — including the invitee's email address, invitation token, and acceptance status
• Branch records, branch protection rules, and pull request records (title, description, status, review comments)
• File comments and pull request inline comments authored by you
• File locks — lock holder's user ID, device ID, and lock expiry timestamp

2.7 Real-Time Presence Data

When you are connected to a Project, your user ID and display name are temporarily shared in real time with other online members of that Project as a "presence indicator." This data is held exclusively in memory within Cloudflare Durable Objects and is never written to the database. It disappears the moment you disconnect or close the application.

2.8 Usage and Billing Data

• Monthly operations score — a weighted count of API operations per project owner, used for billing and limit enforcement
• Storage consumption in bytes — tracked per Project and aggregated per owner
• These metrics are accumulated in real time and reset on the first day of each calendar month

2.9 Webhook Configuration Data

If you configure webhooks, we store:

• The webhook URL, associated Project, configured event types, and a webhook secret (stored hashed)
• Delivery logs — HTTP status code, response body excerpt, and timestamp — retained for 30 days

2.10 Support and Error Data

• Support ticket text, status, and our responses — retained for 2 years
• Application error reports: error message, stack trace, client type (web / desktop / CLI / VS Code / UE5), and version

2.11 UI Preferences

• Theme (light / dark) — stored in your browser's or Desktop App's localStorage; never sent to our servers
• Language preference (English / Romanian / Ukrainian) — synced to our database so it persists across your devices
• Column widths and panel layout — stored in localStorage on your device only

3. How We Use Your Data

We use your personal data solely to:

• Provide the Service — Store, version, sync, and deliver your files; authenticate your identity; manage Projects and team memberships
• Enable Collaboration — Display your name and comments to team members; maintain real-time presence and file lock state; send Project event notifications
• Enable Desktop Sync — Associate your desktop workspace with your Account and synchronise files across your registered devices
• Maintain Security — Detect and prevent unauthorised access, fraud, and abuse via rate limiting, audit logs, access controls, and file locking
• Billing and Usage — Track storage and operation usage to enforce limits and calculate billing
• Support and Reliability — Diagnose and resolve technical issues; respond to support requests; monitor Service health
• Compliance — Maintain audit logs to help you and your organisation demonstrate compliance with applicable regulations

4. Legal Basis for Processing (GDPR Art. 6)

The table below sets out the legal basis for each category of processing activity:

Where we rely on legitimate interests, we have assessed that our interests do not override your fundamental rights and freedoms. You may object to processing based on legitimate interests at any time — see Section 9.

5. Data Retention

We retain personal data for only as long as necessary for the purposes described in this policy. The following table details retention periods for each data category:

6. Third-Party Data Processors

We share personal data only with the following sub-processors, which are strictly necessary to operate the Service. We have Data Processing Agreements (DPAs) in place with all sub-processors. We do not sell data to, or share data with, any advertising networks, analytics companies (beyond the disclosure in Section 8), or data brokers.

All other application code, business logic, and data processing is performed solely within Cloudflare's infrastructure by Ritsea. No other sub-processors have access to your personal data. If we engage additional sub-processors in the future, we will update this policy and notify affected users as required.

7. International Data Transfers

Ritsea SRL is registered in Romania, a member state of the European Union. Our sub-processors Cloudflare and Google operate infrastructure globally, including in the United States and other countries outside the European Economic Area (EEA).

All transfers of personal data outside the EEA are governed by Standard Contractual Clauses (SCCs) approved by the European Commission under GDPR Art. 46(2)(c). These clauses provide appropriate safeguards ensuring that your data receives equivalent protection regardless of where it is processed.

You may request a copy of the relevant SCCs and DPAs by contacting us at privacy@cloudverest.com.

8. Cookies and Local Storage

The Service uses browser localStorage and indexedDB — not traditional HTTP cookies — for the following strictly necessary and functional purposes:

9. Your Rights Under GDPR

If you are located in the European Economic Area or the United Kingdom, you have the following rights under GDPR (Regulation (EU) 2016/679) and Romanian Law no. 190/2018:

10. Automated Decision-Making and Profiling

Cloudverest does not use automated decision-making or profiling (GDPR Art. 22) that produces legal effects or similarly significant effects on users. No algorithmic decisions with legal or significant impact are made about you without human review. Rate limiting decisions are automated and based on request volume from your IP address or account — these are operational security measures, not decisions about your legal rights or status.

11. Children's Privacy

The Service is not directed at children under 16 years of age. Under GDPR Art. 8 and Romanian Law no. 190/2018, the minimum age for digital consent is 16. We do not knowingly collect personal data from individuals under 16. Access to the Service requires a valid invitation token issued by an authorised administrator — this invitation-only model provides a practical barrier to underage use.

If you become aware that a child under 16 has created an Account, please contact us immediately at privacy@cloudverest.com. We will delete the Account and all associated data promptly upon verified notification.

12. Security Measures

We implement the following technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, and destruction:

• Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS 1.3, enforced via Cloudflare
• Encryption at rest: All files stored in Cloudflare R2 are encrypted at rest using AES-256
• Authentication: Firebase Authentication handles credential management with industry-standard security; all API requests require a cryptographically verified Firebase JWT (RS256)
• Token revocation: Logout immediately invalidates your session by adding the token to a revocation list in Cloudflare KV
• Role-based access control: Project-level, folder-level, and branch-level permissions prevent horizontal access between users and Projects
• File locking: Pessimistic file locking prevents concurrent conflicting writes
• Rate limiting: Per-IP and per-account rate limiting prevents brute-force and denial-of-service attempts
• HMAC-signed WebSocket tickets: Internal WebSocket authentication uses short-lived HMAC-signed tickets (30-second expiry) to prevent token leakage via URLs
• Input validation: All API inputs are validated server-side using Zod schemas; file names are sanitised to prevent path traversal attacks
• Security headers: HSTS, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Content-Security-Policy are enforced on all responses
• Strict CORS: API responses include a strict CORS allowlist — only authorised origins may make cross-origin requests
• Audit trail: All significant actions are immutably logged with timestamps, user identity, and IP address

No security system is impenetrable. If you discover a security vulnerability in Cloudverest, please report it responsibly and privately to security@cloudverest.com rather than disclosing it publicly. We will acknowledge receipt within 2 business days and work with you to resolve it.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, the Service, or applicable law. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify you via email to your registered address at least 14 days before material changes take effect
• Display an in-app notification for active users

Your continued use of the Service after the effective date of the updated policy constitutes your acceptance of the changes. If you do not agree with the updated policy, you may request Account deletion under Section 9.

14. Contact and Supervisory Authority

Data Controller

Contact Channels

Supervisory Authority (Romania)