Cloud Spectra is a self-hosted networking appliance: it is deployed by you, from the AWS Marketplace or a CloudFormation template, into your own AWS account and VPC. Production network traffic, configuration, logs, and TLS keys remain inside your AWS account. Cloud Spectra LLC operates no infrastructure in your data path and receives no telemetry from deployed appliances. This shapes everything below: most "customer data" in the traditional SaaS sense never reaches us.
1. Who we are
Cloud Spectra LLC ("Cloud Spectra", "we", "us") is the data controller for personal data we collect through this website and our sales process. Registered address: 1957 Limewood Dr, San Jose, CA 95132, USA. Privacy contact: privacy@cloudspectra.ai.
2. What we collect
2.1 Website visitors
- Technical data served by our edge provider (Cloudflare): IP address, user agent, request timestamps and basic security/anti-abuse logs.
- Third-party embeds: fonts and background imagery are self-hosted on this domain, so a normal page load contacts no third party other than our edge provider. The Calendly scheduler is loaded only after you consent via our cookie banner, or when you explicitly open a scheduling widget; it may then receive your IP address. See our Cookie Policy.
2.2 Prospects and customers
- Contact & scheduling data you submit via email or Calendly (name, email, company, meeting notes).
- Billing/entitlement data processed by AWS Marketplace when you subscribe; we receive limited subscription metadata from AWS, not your payment-card details.
2.3 The cost scanner (savings page)
Our optional read-only cost scanner uses an IAM role you create to read AWS Cost Explorer / billing aggregates in your account. It reads cost figures, not your network payloads. Results are returned to your browser; we describe its exact permissions on the Trust Center.
3. How we use it
- To respond to enquiries, schedule and conduct sales/onboarding conversations.
- To provision, support, and bill Marketplace subscriptions and licenses.
- To secure the website and prevent abuse.
- To meet legal, tax, and accounting obligations.
4. Legal bases (GDPR)
Where the EU/UK GDPR applies, we rely on: legitimate interests (running and securing our site, responding to B2B enquiries), performance of a contract (delivering and supporting a subscription you purchased), consent (non-essential cookies/embeds, where required), and legal obligation (tax/records).
5. Service providers / sub-processors
| Provider | Purpose | Data |
|---|---|---|
| Amazon Web Services | Marketplace billing/entitlement, software distribution | Subscription metadata |
| Cloudflare, Inc. | DNS, CDN, edge security, cost-scanner worker | IP, request metadata |
| Calendly, LLC | Meeting scheduling (after consent / on interaction) | Name, email, meeting details |
| GitHub, Inc. (Pages) | Static website hosting | IP, request metadata |
A current list is maintained here and in our DPA. We will give notice of material changes to sub-processors that process customer personal data.
6. International transfers
Our providers are primarily US-based. Where personal data is transferred out of the EEA/UK, we rely on the applicable Standard Contractual Clauses / UK IDTA offered by those providers. Counsel to confirm the transfer mechanism and any supplementary measures.
7. Retention
We keep enquiry and customer-relationship data for as long as needed for the relationship and then for the period required by tax/legal obligations, after which it is deleted or anonymized.
8. Your rights
Depending on your location (GDPR / UK GDPR / CCPA-CPRA and similar), you may have rights to access, correct, delete, port, or restrict processing of your personal data, to object to processing, and to withdraw consent. We do not sell or "share" personal information as those terms are defined under the CCPA/CPRA. To exercise any right, email privacy@cloudspectra.ai; we will respond within the timeframes required by applicable law.
9. Security
We apply appropriate technical and organizational measures to the limited personal data we hold. Security questions or reports: security@cloudspectra.ai (see also our responsible disclosure policy).
10. Children
The website and product are intended for businesses; they are not directed to children and we do not knowingly collect data from anyone under 16.
11. Changes & contact
We may update this policy; the "last updated" date above reflects the current version. Questions: privacy@cloudspectra.ai or 1957 Limewood Dr, San Jose, CA 95132, USA.