CloudPuter
CloudPuter
Legal
The data controller responsible for your personal data is:
We do not currently have a designated Data Protection Officer (DPO), as we are not required to appoint one under Article 37 GDPR based on the nature and scale of our processing activities. For all data protection matters, please contact us at the email above.
We collect only the minimum personal data necessary to operate our services. Depending on how you interact with us, this may include:
We do not collect payment card data, government-issued identification, or special category data (such as health, biometric, or racial/ethnic origin data). Our open-source software products (Corelamo and Cactus) run on your own infrastructure — we do not access or process data stored within them.
Under Article 6 of the GDPR, we process your personal data on the following legal bases:
| Purpose | Legal basis |
|---|---|
| Responding to your enquiries | Legitimate interests (Art. 6(1)(f)) — to communicate with prospective customers and partners |
| Security and fraud prevention | Legitimate interests (Art. 6(1)(f)) — to protect our systems and users |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
| Essential cookies | Legitimate interests (Art. 6(1)(f)) |
| Non-essential analytics cookies (if used) | Consent (Art. 6(1)(a)) |
Where we rely on legitimate interests, we have considered and balanced those interests against your rights and freedoms. You may object to processing based on legitimate interests at any time (see Section 9).
We use the personal data we collect to:
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
We do not sell your personal data. We do not share it with third parties for their own marketing purposes.
We may share your data with carefully selected third-party service providers (data processors) who act strictly on our instructions and under appropriate data processing agreements. These may include:
We may also disclose your data where required by law, court order, or governmental authority, or to protect the rights and safety of CloudPuter, our users, or the public.
We retain personal data only for as long as necessary for the purposes described in this policy, or as required by applicable law.
When data is no longer needed, we delete or anonymise it securely.
Cookies are small text files placed on your device by websites you visit. Our websites may use the following types of cookies:
| Type | Purpose | Basis |
|---|---|---|
| Strictly necessary | Required for the website to function (e.g. session management, security) | Legitimate interests |
| Preference | Remembering your settings (e.g. dark mode preference on documentation pages) | Legitimate interests |
| Analytics | Understanding how visitors use our website (only if analytics are enabled) | Consent |
Our websites embed links to third-party platforms including LinkedIn and GitHub. These platforms may set their own cookies when you interact with their content. We have no control over third-party cookies and recommend reviewing the privacy policies of those platforms.
You can control and delete cookies through your browser settings. Disabling cookies may affect the functionality of some parts of our websites.
SIA CloudPuter is based in Latvia (EU). Where we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place in accordance with Chapter V of the GDPR — including the use of Standard Contractual Clauses (SCCs) approved by the European Commission, or by transferring only to countries with an adequacy decision.
Our hosting and email infrastructure may involve processors based in the United States or other third countries. We ensure these transfers are lawful and protected under appropriate mechanisms.
As a data subject under the GDPR, you have the following rights:
To exercise any of these rights, please contact us at gints@siets.com. We will respond within 30 days. We may need to verify your identity before processing your request.
You will not be charged a fee for exercising your rights unless your request is manifestly unfounded or excessive.
Our services are not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we do, we will update the "Last updated" date at the top of this page.
For material changes that significantly affect how we use your data, we will make reasonable efforts to notify you directly. We encourage you to review this policy periodically.
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:
We take privacy complaints seriously and will respond within 30 days.
If you are not satisfied with our response, or if you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Latvian supervisory authority:
You may also lodge a complaint with the supervisory authority in your country of residence or place of work if it differs from Latvia.