Last updated: August 2024
Your privacy is important to us. Cloudangles and its group companies (Cloudangles,’) is committed to respecting your privacy while using our website. This Cloudangles Data Privacy Policy (“Policy”) defines the requirements to ensure compliance with the applicable data privacy laws and regulations applicable to Cloudangles’s collection, use, and transmission of Personal Data and Sensitive Personal Data for information collected by us about you.
Protecting the privacy rights of data subjects and safeguarding their Personal Data is now being treated as a basic right of an individual and a legal requirement in many parts of world. Cloudangles, being a global organization, respects the privacy of data subjects and is committed to complying with the applicable data privacy laws and legislations (including but not limited to EU General Data Protection Regulation 2016/679, California Consumer Privacy Act, The Privacy Act 1988 (Australia) including the Australian Privacy Principles (APP), Data Protection Act 2018 (UK), Information Technology Act 2000 read along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and Personal Data Protection Act 2012 (Singapore) and other applicable privacy laws to the extent that they apply to Cloudangles’s data processing and business operations) (the “Data Privacy Laws”).
This Policy is designed to explain and set out Cloudangles’s procedures and policies when processing Personal Data and Sensitive Personal Data (the meaning of which are set out below) by the organization. This Policy defines the requirements to ensure compliance with the Data Privacy Laws applicable to Cloudangles’s collection, use, and transmission of Personal Data and Sensitive Personal Data.
The scope of this Policy applies to Cloudangles, its affiliates, business partners, employees, and Third Parties providing services to Cloudangles (together “Cloudangles”, “we” or “us”). It covers Processing (including but not limited to collection, storage, usage, transmission and destruction) of Personal Data and Sensitive Personal Data of Cloudangles’s current and previous employees, prospective candidates, current, prospective and previous customers, current and previous partners/vendors, website visitors, sub-contractors and visitors, (together “you”/ “your”) by Cloudangles during the course of its business activities.
Cloudangles acts as a Data Controller with respect to any Personal Data or Sensitive Personal Data it holds about you. Cloudangles is responsible for ensuring that it uses your Personal Data in compliance with the Data Privacy Laws. The relevant entities that may act as the Data Controller are listed in Section 23 of this Policy.
This Policy sets out the basis on which any Personal Data, Personal Information and Sensitive Personal Data about you that you provide to us, that we create, or that we obtain about you from other sources, will be processed by us.
The meaning of some of the terms in use in the Policy are explained below:
| Term | Description |
|---|---|
Personal Data | Any information of Data Subject which can reasonably associate or link to an identifiable natural person or could include anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, economic, cultural or social identity of that natural person. |
Personal Information (applicable only to California residents) | Information pertaining to residents of California that identifies, relates to, de-scribes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, but does not include information that is lawfully made available from federal, state or local government records, nor does it include “deidentifed” or “aggregate customer information” as those terms are defined pursuant to the CCPA. Cloudangles does not collect Personal Information from California residents that are under the age of 16. |
Sensitive Personal Data | Defined as any information revealing an identified or identifiable natural per-son’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of genetic information, biometric information for the purpose of uniquely identifying a natural person, data concerning health, or information concerning an individual’s sex life or sexual orientation, and data relating to offenses, or criminal convictions. With respect to California residents, in addition to the preceding, the term also includes national origin or ancestry, sexual orientation, sex (including, gen-der, gender identity, and gender expression), pregnancy, childbirth and med-ical conditions related to same, age, physical or mental disability, veteran status, genetic information and citizenship. |
Process, Processes, Processed or Processing | Means any operation or set of operations which is performed on Personal Data or Personal Information or Sensitive Personal Data or on sets of Personal Data or Personal Information or Sensitive Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Consent | Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which the Processing of their Personal Data, Personal Information and/or Sensitive Personal Data via a statement or by a clear affirmative action, signifies agreement to the processing of their Personal Data, Personal Information and/or Sensitive Personal Data. |
Data Subject | Relates to a particular natural person (i.e. an identified or identifiable natural person to whom the Personal Data relates. In case of a minor/ individual with mental disabilities, the data subject would be represented by a legal representative (parent/ guardian). For the purpose of clarity of this Policy, “Data Subject” means Cloudangles current and previous employees, prospective candidates, current, prospective and previous customer personnel, current and previous partner/vendor personnel, website visitors, sub-contractors and visitors. Cloudangles does not collect Personal Data/ Personal Information and Sensitive Personal Information from Data Subjects that are under the age of 18. For the purpose of CCPA, Data Subject shall include California residents. |
Data Controller | Means a person or organization who (either alone, or jointly, or in common) determines the purposes for which and the manner in which any Personal Data are, or are to be, Processed. For the purposes of this Policy, references to Data Controller shall mean references to Cloudangles and its affiliates, where relevant. |
Data Processor | Is a person or organization who Processes the Personal Data on behalf of and under the instruction of the Data Controller. |
Third Party | In relation to Personal Data or Personal Information or Sensitive Personal Data means any person other than the Data Subject, the Data Controller, or any Data Processor or other person authorized to process data for the Data Controller. |
“Sell,” “selling,” “sale,” or “sold,” | Means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s Personal Data or Personal Information by the business to another business or a Third Party for monetary or other valuable consideration. |
“Protected Health Information” or “PHI” | means any written, oral, or electronic health information that is created by and/or received from a Covered Entity or a Business Associate of a Covered entity; PHI includes, but is not limited to, any of the following documentation, if the documentation reveals an Individual’s identity and the Individual’s health status or payment issues:
|
“Individual” | means the person who is the subject of the protected health information. |
“Covered Entity” | means any health plan or any healthcare clearinghouse, or any healthcare provider who transmits PHI as per the standards developed by the Department of Health & Human Services (“HHS”) in electronic form. |
“Business Associate” | means an entity that performs or assists a Covered Entity with a function or service involving the use or disclosure of PHI. The term Business Associate also applies to subcontractors of a Business Associate entity who perform PHI-related functions. |
“Electronic Media” | means:
|
While using Our Service, we may ask you to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable data may include, but is not limited to the following:
| Data Elements / Categories | How we collect your data |
|---|---|
Customer Personal Data or Personal Information in Projects | Directly from you while Cloudangles providing services to you. |
Business Partner/Vendor Personal Data or Personal Information | Directly from you while Cloudangles is receiving services from you. |
Prospective Candidates | From Third Parties or other sources (for example via recruitment agencies or Cloudangles employee referral but in each case only as far as legally permissible and only as far as is necessary to fulfil the position in question), which may also include public sources such as professional networking platforms or job portals. Directly from you in case you have directly applied through the website; |
Employee Data | Directly from you during the course of your employment; |
Visitor information | Directly from you at the time of visiting our premises. |
Website Data | Directly from you when you voluntarily fill out your information on the website through specific provided forms to receive information from us or contact you. The information that you are required to fill in the website are your identity information and contact details (e.g. First Name, Last Name, Work Email, Company Name). In general, you may browse our website without providing any Personal Data about yourself. In the website, we do not collect any of your Sensitive Personal Information. |
Website Cookies | Refer to our Cookie Policy for information about our website cookies |
Marketing Data, Events and Initiatives | Directly from you when you contact (or you have been contacted) or interact with any Cloudangles representative, via Cloudangles website or events or conferences or workshops or Surveys that you attend, by telephone, email, online portal or in person or from professional networking platforms like Linkedin, Twitter. |
Prospective Customers and business partners/ vendors | Other customer/ business partner and vendor referral. Also refer to “website data”, “Marketing Data, Events and Initiatives”. |
For California residents only and in addition to the preceding, if such Personal Information is collected from other electronic sources, over the internet, using a pen and paper, through an algorithm, or through any other means.
Your Personal Data may be stored and processed by us in the following ways and for the following lawful purposes:
Internal Research: We may Process Personal Information for internal research for technological development and demonstration.
Transactional: We may transfer Personal Information as an asset through a merger, acquisition, bankruptcy or other transaction in which a Third Party assumes control of the business in whole or in part. In such event, the Third Party cannot materially alter how it uses or shares the acquired Personal Information subject to certain exceptions.
We are entitled to process your Personal Data, Personal Information or Sensitive Personal Data in these ways because of the following reasons:
| Data Elements / Categories | Purpose of Collection | Lawful Basis |
|---|---|---|
Cloudangles Customer’s data/Customer’s customer data that is shared with Cloudangles to be processed in the role of a Processor / Sub-processor | Providing services to fulfil the contractual obligations with Cloudangles’s customers in the role of a Processor. This data will not be shared/processed for any other purpose other than what is stated in the contract between Cloudangles and its Customers | Performance of the contract or business purpose |
Partner/Vendor Personal Data or Personal Information | Receiving Services from Vendor/ Partner: to receive products and services from you; | Performance of the contract or business purpose |
Prospective Candidates | Employment Opportunities: Where you have applied for a role with us, to review and process your job application with us and (only where legally permissible and where strictly necessary to assess your suitability for the relevant role) to conduct background screening checks on you (when permitted or required by the applicable law); | Legitimate interest of Cloudangles or business purpose |
Employee Data | Employment related activities: To carry out activities relating to your employment contract with us; | Performance of contract, compliance with laws and legitimate interest or business purpose |
Visitor information | Security Purposes: Where you are a visitor to our premises, to record and monitor your use of our premises and/or IT systems in order to maintain their security and protect them against fraud or unauthorised entry. | Legitimate interest or business purpose |
Marketing Data, Website Data, initiatives, survey and Events | Marketing purposes: To engage in marketing and business development activities in relation to our products and services. This may include email and SMS marketing, other marketing communications as well as organising events. Use it for our legitimate business interests, such as operating our website, managing the efficient management and operation of our business, conducting marketing activities designed to improve the products and services we offer to you, and administering the security of our business. | Consent, Legitimate Interest or business purpose |
Website Cookies | Marketing purposes: Where you use functionality or visit our website including, subject to acquiring your prior consent where legally necessary, the use of cookies on our website (see our Cookie Policy for more information) | Consent, Legitimate Interest |
We may, where legally permissible, process your Sensitive Personal Data on the following lawful bases:
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
We may process Personal Data or Sensitive Personal Data of any individuals below the age of 18 years only for travel and immigration purposes. If we are required to process Personal Data or Sensitive Personal Data of such individuals, then we shall do so by taking explicit written consent from their legal guardians. If it comes to your knowledge that we have unintentionally collected or received Personal Data or Sensitive Personal Information about an individual below the age of 18 years directly from them, then immediately notify Us in the contact details provided in this Policy and we will accordingly delete such information.
Note: If you are below the age of 18 years, then we do not want you to provide any of your Personal Data in our website.
For direct marketing, we will be using your Personal Data/ Personal Information in the following ways (to the extent in compliance with applicable local laws).
We organize and participate in events and initiatives. In such cases this Policy applies to participants and speakers together with any other supplementary information that is provided in relation with each event. In the event we appoint any Third Parties to conduct or organize such events and initiatives, your Personal Data or Personal Information shall be shared to such Third Parties under contractual obligations with such Third Parties in compliance with applicable Data Privacy Laws. The processing of Personal Data/ Personal Information by such Third Parties shall however be governed by the respective parties’ privacy policies and the contractual obligations entered with us.
How long we continues to hold your Personal Data/ Personal Information will vary depending principally on:
We may transfer Personal Data/ Personal Information/ Sensitive Personal Information between our group companies and data centres for the purposes described in this Policy. We may also transfer Personal Data/ Personal Information/ Sensitive Personal Information to our Third Party suppliers, customers or business partners in different geographic locations.
Where we transfer your Personal Data/ Personal Information/ Sensitive Personal Information outside of the European Economic Area (“EEA”), we will ensure that it is protected and transferred in a manner consistent with applicable Data Privacy Laws. This can be done in a number of different ways, for instance:
In other circumstances, Data Privacy Laws may permit us to use other transfer mechanism to transfer your Personal Data/ Personal Information/ Sensitive Personal Information outside of Europe. In all cases, however, any transfer of your Personal Data/ Personal Information/ Sensitive Personal Information will be compliant with applicable Data Privacy Laws.
You can obtain more details of the protection given to your Personal Data/ Personal Information/ Sensitive Personal Information when it is transferred outside the EEA (including a sample copy of the safeguards) by contacting us using the details set out within this Policy.
In order to comply with our data security obligations under applicable Data Privacy Laws, we has adopted the following physical, technical and organizational security measures to ensure the security of your Personal Data/ Personal Information and Sensitive Personal Data and PHI:
We have also implemented an incident and breach management procedure to ensure exceptions in data privacy compliance are promptly reported to the Office of Data Privacy.
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:
Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser.
We use both Session and Persistent Cookies for the purposes set out below:
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
You have certain rights relating to your Personal Data/ Sensitive Personal Data provided for under applicable Data Protection Laws.
Following are the rights applicable to the respective jurisdictions
| Data Subject Rights | Europe including UK | US | Mexico | Australia | Singapore | India |
|---|---|---|---|---|---|---|
Right to Information / Access | Yes | Yes | Yes | Yes | Yes | |
Right to withdraw consent (opt out) | Yes | Yes | Yes | Yes | Yes | |
Right to Object processing | Yes | Yes | ||||
Right to Restrict processing | Yes | Yes | ||||
Right to Erasure (to be Forgotten) | Yes | Yes | Yes | |||
Right to Rectification | Yes | Yes | Yes | Yes | Yes | |
Right of Data Portability | Yes | Yes | Yes | |||
Right not subject to automated decision making/profiling | Yes | |||||
Right to Complain to the Supervisory authority | Yes | Yes | Yes | Yes | Yes | |
Right not to be subject to discrimination for the exercise of rights | California Residents | |||||
Opt out of sale of data | California Residents | |||||
Right to raise a request to cancel processing of your Personal Data | Yes | |||||
Right to have onsite access of your Personal Data | Yes |
To exercise the rights outlined above in respect of your Personal Data/ Sensitive Personal Data or to receive more details, you may raise a request by contacting cloudangles@cloudangles.com
The CCPA provides California residents with the right to request disclosure of the categories and specific pieces of Personal Information that the business collects, sells or discloses concerning California residents and we shall provide such information without charge to the requesting California resident after verifying the request. We are required to provide such information no more than twice in a 12-month period. Under the CCPA, “collects” includes information bought, rented, gathered, obtained received and accessed whether actively, passively or by observing the California resident, provided, however, that we are limited in terms of what we can disclose when such information is Sensitive Personal Data.
Please contact the Data Privacy Officer if you are attempting to fulfill any of the above requests by writing to cloudangles@cloudangles.com.
California residents who provide Personal Information are entitled to request information about themselves that we shared with Third Parties for their own direct marketing purposes (if applicable), including the categories of information and the names and addresses of those businesses. We do not currently share the Personal Information of California residents with Third Parties for their own direct marketing purposes.
We do not use any automated decision making (including profiling) to process your Personal Data/ Personal Information/ Sensitive Personal Data.
This section describes Cloudangles’s obligations as a Business Associate under the Health Insurance Port-ability and Accountability Act (“HIPAA”).
II. Cloudangles’s Data Protection Officer (as specified in Section 21 of this Policy) shall also act as the Privacy Officer and single point of contact for all queries on HIPAA-related matters for Cloudangles. The Privacy Officer is also responsible for:
IV. Business Associate Agreements
V. Cloudangles does not receive, access, use or otherwise process PHI without a Business Associate Agreement (BAA). The BAA ensures that the PHI received from a Covered Entity or Business Associate (“customer”) is properly safeguarded in accordance with the applicable provisions of the HIPAA Privacy Rule, Security Rule, and the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”).
VI. The Privacy Officer shall maintain a log of all BAAs and manage any compliance requirements specified in such BAAs.
VII. Upon termination of a BAA, Cloudangles will return or destroy all PHI that it received and maintains from the customer, and no copies of such information will be retained. If return or destruction is not feasible, Cloudangles shall continue to protect such PHI in accordance with the terms of the BAA and applicable law, until such time as the PHI remains in its possession and custody.
VIII. Use and Disclosure of Protected Health Information
XII. Training
XV. Violations of Policies and Procedures
XVI. Cloudangles takes the policies and procedures regarding PHI very seriously. These policies and procedures are developed and implemented not only to ensure that PHI is used and maintained in a manner that is consistent with Cloudangles’s commitment to privacy and protection of PHI, but also in a manner that is consistent and compliant with its obligations under the BAA and applicable law.
XVII. In the event that a Cloudangles employee fails to comply with their obligations under the abovementioned policies and processes, they may be subject to sanctions, including warnings (verbal or written), and further disciplinary action up to and including termination of employment.
XVIII. Security Officer
XIX. Cloudangles’s Chief Information Security Officer (CISO) shall act as the Security Officer for ensuring compliance with the security obligations prescribed in this section. The Security Officer will coordinate Cloudangles’s security activities with the Privacy Officer.
Changes to this Privacy Policy
If you have any questions about this Privacy Policy, you can contact us:
By email: info@cloudangles.com
At theHeart of Deep Tech
Made with
in San Francisco, USA
All rights reserved © 2025Cloudangles.