Legal · Privacy Policy

Privacy Policy

Last updated: 1 June 2025 · Effective: 1 June 2025

      Cloudiva is committed to protecting your personal data. This policy explains what we collect, why we collect it, how we use it, and your rights under the GDPR and applicable Macedonian data protection law.
    

1. Data Controller

The data controller is Cloudiva, operating from North Macedonia. For data-related enquiries, contact us at privacy@cloudiva.mk.

2. Data We Collect

2.1 Information You Provide

Account data: name, email address, password (hashed)
Billing data: billing address, payment method (processed by Stripe — we do not store card details)
Communications: messages you send us via contact forms or email
SEO project data: keywords, website URLs, competitor domains, and any other data you enter into the platform

2.2 Data We Collect Automatically

Usage data: pages visited, features used, timestamps, actions taken
Technical data: IP address, browser type, operating system, referrer URL
Cookies: session cookies (required for login), and optional analytics cookies (see section 7)

3. Legal Basis for Processing

Purpose	Legal Basis
Providing and operating the Service	Performance of contract (Art. 6(1)(b) GDPR)
Billing and fraud prevention	Legal obligation / Legitimate interests (Art. 6(1)(c)(f))
Sending transactional emails (receipts, alerts)	Performance of contract
Sending marketing emails	Consent (Art. 6(1)(a)) — you can opt out at any time
Analytics & product improvement	Legitimate interests (Art. 6(1)(f))
Legal compliance & dispute resolution	Legal obligation / Legitimate interests

4. How We Use Your Data

To create and manage your account
To provide the SEO tools and features you have subscribed to
To process payments and send billing documents
To send service notifications, security alerts, and support responses
To improve our platform based on aggregated usage patterns
To comply with legal obligations

5. Data Sharing & Third Parties

We do not sell your personal data. We may share data with the following categories of trusted processors:

Stripe — payment processing (PCI DSS compliant)
Email delivery providers — transactional and marketing emails
Hosting & infrastructure providers — servers located in the EU or adequately protected jurisdictions
Analytics tools — aggregated, anonymised usage data only

We require all processors to maintain appropriate security measures and to process data only on our documented instructions.

6. Data Retention

We retain your account data for as long as your account is active, plus up to 3 years after termination for legal and accounting purposes. Billing records may be kept for up to 7 years as required by law. You may request deletion of your data at any time (see section 8).

7. Cookies

We use the following types of cookies:

Essential cookies: required for login sessions and security. Cannot be disabled.
Analytics cookies: used to understand how the platform is used. You can opt out in your account settings.

We do not use advertising or cross-site tracking cookies.

8. Your Rights (GDPR)

If you are in the EU/EEA or are covered by GDPR, you have the right to:

Access — request a copy of your personal data
Rectification — correct inaccurate data
Erasure — request deletion of your data ("right to be forgotten")
Restriction — limit how we process your data
Portability — receive your data in a machine-readable format
Object — object to processing based on legitimate interests
Withdraw consent — for any processing based on consent

To exercise any of these rights, email privacy@cloudiva.mk. We will respond within 30 days.

9. Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords, access controls, and regular security reviews. No method of transmission over the internet is 100% secure, but we take all reasonable steps to protect your data.

10. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you by email or in-app notice before material changes take effect. The "Last updated" date at the top reflects the most recent revision.

12. Contact & Complaints

For privacy enquiries: privacy@cloudiva.mk or via our contact page.

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the competent supervisory authority in North Macedonia or your country of residence.