Privacy Policy

Last updated: May 19, 2026

Privacy Policy Terms of Use General Terms and Conditions of Sale Legal Notice GDPR Data Processing Agreement

Introduction

Cloud-PBS, operated by LenoIT, takes the protection of your privacy seriously. This policy explains what personal data we collect, how we use it, and how we protect it. It is complemented by our GDPR page, which details our compliance.

Data Controller

LenoIT, a limited liability company with its registered office at 1 rue Anita Conti, 56000 Vannes, France, is the controller of the data described below. Contact: .

Two distinct roles

LenoIT acts in two capacities:

  • as a data controller for the data related to your account and your use of the service;
  • as a data processor for the data you back up through the service. That data belongs to you: LenoIT processes it solely on your behalf and on your instructions, within the scope of the subscribed service.

Data We Collect

Account information

  • Name, email address, company name
  • Billing information, processed by our payment provider

Service data

  • Backup metadata (sizes, timestamps, retention settings)
  • Connection logs, for security purposes
  • Dashboard usage data

The content of your backups

Your backups may contain personal data. When client-side encryption is enabled, LenoIT has no access to their content. This content is processed as a data processor, never for LenoIT’s own purposes.

Website data

  • Standard web server logs
  • Privacy-friendly analytics

How We Use Your Data

  • To provide and maintain the service
  • To process payments and manage your account
  • To communicate about the service (updates, maintenance)
  • To improve the service
  • To comply with our legal obligations

Hosting and location

The data of customers established in the European Union is hosted exclusively in data centers located within the European Union (France and Germany). The data of a European customer is never transferred outside the European Union. Servers located in the United States are reserved for customers established in the United States.

Data Retention

  • Account data: kept while your account is active, then for 30 days after its deletion
  • Backup data: kept according to the retention policy you configure
  • Logs: kept for 12 months for security purposes

Sub-processors

We rely on a limited number of sub-processors, all contractually bound to comply with the GDPR:

  • Stripe for payment processing
  • OVHcloud, Hetzner and Equinix for infrastructure hosting
  • AuthSMTP for sending the service’s emails

The GDPR page covers this point.

Your Rights

Under the GDPR, you have rights of access, rectification, erasure, portability, restriction and objection regarding your personal data. The GDPR page explains each of these rights and how to exercise them.

Cookies

Our website uses only the cookies strictly necessary for it to function. The analytics in use are privacy-friendly and do not require consent.

Changes to This Policy

We may update this policy. Significant changes will be communicated by email or through the dashboard.

Contact

For any question regarding the protection of your data, write to us at .

Terms of Use → General Terms and Conditions of Sale → Legal Notice → GDPR → Data Processing Agreement →