Privacy Policy

Darmi Cloud operates the darmicloud.tech deployment platform and is the data controller for the personal data described in this policy. You can reach us at privacy@darmicloud.tech.

We collect the minimum information needed to operate the Service:

• Account data from GitHub OAuth: your name, email address, avatar, GitHub user ID and username.
• A GitHub access token, stored encrypted at rest on our servers, used only to read and clone the repositories you choose to deploy.
• Project and deployment data you create: repository references, branches, framework settings, build commands, deployment logs and status.
• Environment variables you add to your projects (values you mark as sensitive are hidden in the interface after saving).
• Technical data such as IP address, request and security logs needed to operate and protect the Service.

We use your information solely to provide and secure the Service: authenticating you, cloning and building your repositories, running your applications in isolated containers, routing traffic to them, showing you logs and status, and preventing abuse.

We do not sell your personal information, and we do not use it for advertising or third-party tracking.

Where the GDPR or similar laws apply, we process your data to perform our contract with you (providing the Service), to pursue our legitimate interests (securing and improving the Service), and to comply with legal obligations.

Your GitHub access token is stored server-side and is never exposed to the browser. All calls to GitHub are made from our servers and only to access the repositories you deploy. You can revoke our access at any time from your GitHub account settings under Applications.

Environment variables are stored so they can be injected into your application containers at runtime. Variables marked as sensitive are not displayed again in the interface after saving. We treat secrets as confidential, but you remain responsible for the values you choose to store.

We host the Service on infrastructure providers and use components such as PostgreSQL, Redis and a reverse proxy to operate it. GitHub is used for authentication and source code access. These providers process data only to enable the Service.

We retain your account, project, deployment and log data for as long as your account exists or as needed to provide the Service. When you delete a project, its deployments, logs, environment variables and domains are removed and its container is stopped. When you delete your account, we delete or anonymize your personal data within 30 days, except where retention is required by law.

We apply safeguards including encrypted token storage, HTTPS everywhere, ownership checks on every request, input validation, rate limiting, and isolated, resource-limited, non-privileged containers for deployed applications. No method of transmission or storage is completely secure, but we work to protect your data.

Depending on your location, you may have the right to access, correct, export, restrict or delete your personal data, and to object to certain processing. You can delete projects from the dashboard, revoke GitHub access from GitHub, and request account deletion or exercise other rights by emailing privacy@darmicloud.tech. You also have the right to lodge a complaint with your local data protection authority.

Your data may be processed in countries other than your own. Where required, we rely on appropriate safeguards such as standard contractual clauses for international transfers.

The Service is not directed to children under 16, and we do not knowingly collect their personal data.

We may update this Privacy Policy from time to time. We will post the updated version here and revise the date above. Material changes will be communicated where appropriate.

For privacy questions or requests, contact us at privacy@darmicloud.tech.