Cloud Technology Solutions Ltd
Last modified September 2019
We have created this privacy statement in order to demonstrate our firm
and continuing commitment to the privacy of personal information
provided by our customers when installing and using CloudM Manage a
Solution of Cloud Technology Solutions Ltd. We hold the privacy of your
personal information in the highest regard. The following discloses our
information gathering and dissemination practices for CloudM Manage.
We recognize the importance of protecting your privacy and our policy is
designed to assist you in understanding how we collect, use and
safeguard the personal information you provide to us and to assist you
in making informed decisions when using CloudM Manage. This policy will
be continuously assessed against new technologies, business practices
and our Customers’ needs.
CloudM Manage are committed to protect Customer Subjects’ privacy and the
confidentiality of Customer Subject data to the maximum extent permitted
by law and/or accepted by industry standards.
- What information we collect and why we collect it.
- How we use that information.
- How you can opt-in or opt-out.
The Customer is the Data Controller.
Cloud Technology Solutions Ltd. is the Data Processor.
CloudM Manage will only store information about Customer Subjects where
the Customer has chosen to install, activate and configure CloudM Manage
within their Google G Suite Domain.
It is the Customer’s responsibility to (a) ensure that Personal
Information is dealt with in a way that is compliant with Article 1(1)
of the GDPR; and (b) to justify the processing of the 2 Personal
Information is in accordance with Article 6(1) of the GDPR, and
communicate that justification to each Customer Subject in accordance
with relevant laws. It is also the Customer’s responsibility to have
appropriate privacy policies in place with Customer Subjects, and to
otherwise comply with applicable law as a Data Controller.
During installation of CloudM Manage the Customer is notified of the
access to Personal Information required by CloudM Manage and must accept
that access before completing the installation.
Installation does not automatically synchronise or store user data, and
subsequent configuration actions must be completed by the Customer to
The Customer can opt-out at any time and remove CloudM Manage from their G
What Information Do We Collect?
There are three types of information collected and processed to provide
the CloudM Manage Services:
- Device Information
We collect IP addresses of
devices connecting to CloudM Manage.
- Log Information
When you use CloudM Manage we
automatically collect and store certain information in server logs.
- User ID of users logging into CloudM Manage (including their
username and login).
- Details of how you use the service.
- Customer Subject Information
We may process the
following data that you provide to us about Customer Subjects:
- Job title
- Company name
- Mobile telephone number
- E-mail address
- IP address and browser information
- Job Title
- Web links
- Profile photograph
- Instant Message address
This information is not used by Cloud Technology Solutions Ltd. for any
purpose other than to facilitate and support the Customer’s use of
CloudM Manage, and shall only be kept for as long as it is relevant to
that purpose for which it was collected or for as long as required by
As the data owner a Customer has control over which data it collects
about Customer Subjects. Therefore, additional Personal Information may
be held and processed by us if CloudM Manage is configured to do so by
Who is collecting the data
The data is collected from Customer Subjects by the Customer.
do we collect the data
The data is collected or added by the Customer using one or more of the
- Data upload by the Customer (spreadsheet) relating to Customer
- Manual input by the Customer’s Subjects
Why is it the data being collected
The data is collected in order to provide the functionality of
CloudM Manage required by the Customer.
How will the data be
The data is used by the Customer to manage their G Suite Domain or
access/use additional functionality provided by CloudM Manage. Data
collected by Cloud Technology Solutions Ltd. is used to provide the
CloudM Manage Service and better develop the product.
Who will the
data be shared with
CloudM Manage will not access, view or review any accessible Customer
Subject data unless:
- either Customer or a government agency or regulatory body
specifically requests us to do so;
- when performing routine backup and restore operations, virus scan
and virus removal, spam and content filtering; or
- if such access, view or review is urgent and necessary to protect
personal safety, perform troubleshooting, restore systems operation
in the event of a server failure, remove illegal or offending (e.g.
pornographic, violating our policies, etc.) content or prevent a
server failure, Service outage or other damage.
Under no other circumstances will CloudM Manage access Customer Subject
data or share Customer Subject data with any third parties without
Customer prior permission, except to the extent required by law or
governmental or regulatory body or necessary to render our services to
How CloudM Manage secures any information
CloudM Manage is hosted within the Google App Engine platform and
therefore benefits from the security measures provided by Google. In
addition, to protect the data we process CloudM Manage has been designed
with the following Security features:
CloudM Manage is built within the Google App Engine environment and as
such takes advantage of the extensive controls and practices Google has
to protect the security of Customer information. Google applications run
in a multi-tenant, distributed environment. Rather than segregating each
Customer’s data onto a single machine or set of machines, Google data
from all Google customers (consumers, business, and even Google’s own
data) is distributed amongst a shared infrastructure composed of
Google’s many homogeneous machines and located across Google’s many data
Access by CloudM Manage administrative engineers to production
environments is similarly controlled. A centralized group and role
management system is used to define and control engineers’ access to
production services, using an extension of the above-mentioned security
protocol that authenticates engineers through the use of a personal x509
certificate that is issued to them.
Data in Transit
- HTTPS enforced between end user device and service provider
- Encrypted transmissions between Google servers
- SSL for Google APIs
Asset protection and resilience
Datacentre locations are available on public Google maps.
All datacentres restricted and covered by Statement on Standards for
Attestation Engagements (SSAE) No. 16 Type II / International Standards
for Assurance Engagements (ISAE) No. 3402 report (or a comparable
report) and ISO/IEC 27001
After a termination of the contract CloudM Manage data is held for 28 days
within Google's systems. After 28 days this data is deleted permanently
from the systems.
CloudM Manage Terms & Conditions
Google Cloud & the General Data Protection Regulation (GDPR)
Google CloudPlatform Model Contract Clauses
Google Cloud Platform ISO27001 Certificate and Scope
Google US Privacy Shield Framework Active Participant Entry
From time to time we may make changes to this policy to reflect any
changes to our privacy practices in accordance with changes in
legislation, best practice enhancements. We will notify you about
material changes to this policy by sending a notice to the email address
you provided to us or by placing a prominent notice on our website.
A set of functions and procedures that allow the creation of applications
which access the features or data of an operating system, application,
or other service.
In this policy, references to “you” or the “Company” refers to the
organisation who submits data to us.
An individual in respect of whom the Customer provides to us the Personal
Information, and who will usually be an employee of the Customer.
A device is a computer that can be used to access Google services. For
example, a device could be a desktop, tablet or smartphone.
The General Data Protection Regulation (EU 2016/679)
Google App Engine
Google App Engine (often referred to as GAE or simply App Engine) is a
web framework and cloud computing platform for developing and hosting
web applications in Google-managed data centers.
G Suite Domain
Your domain host is the Internet hosting service that stores the records
you need to update when you set up G Suite. These DNS records control
where you receive your email, your web addresses, and settings for your
Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of
HTTP, the protocol over which data is sent between your browser and the
website that you are connected to.
Every device connected to the Internet is assigned a number known as an
Internet protocol (IP) address. These numbers are usually assigned in
geographic blocks. An IP address can often be used to identify the
location from which a device is connecting to the Internet.
Multi-tenancy is an architecture in which a single instance of a software
application serves multiple customers
This is information that you provide to us which personally identifies
you, such as your name, email address or IP Address.
Role Based Access
Role-based access control (RBAC) is a method of regulating access to
computer or network resources based on the roles of individual
CloudM Manage stores information for the operation and troubleshooting of
the Service. This includes IP Address, user ID, errors, and access
SSL (Secure Sockets Layer) is the standard security technology for
establishing an encrypted link between a web server and a browser.
A unique sequence of characters used to identify a user and allow access
to CloudM Manage.
An X.509 certificate is a digital certificate that uses the widely
accepted international X.509 public key infrastructure (PKI) standard to
verify that a public key belongs to the user, computer or service
identity contained within the certificate.