ITCloud LLC
From Tashkent tech hub 🇺🇿 to Canadian enterprises 🇨🇦

Privacy Policy

This Privacy Policy explains how ITCloud LLC collects, uses, discloses, and protects personal information when providing cloud hosting, cybersecurity, software development, DevOps, and IT consulting services to customers in Canada and other jurisdictions. We operate from the Republic of Uzbekistan while serving Canadian businesses under PIPEDA and follow GDPR/ePrivacy 2026 principles for cross-border processing.

Company identity and contact

ITCloud LLC, Company registration number: 30512789, 45 Navoi Street, Tashkent 100000, Republic of Uzbekistan. Canada Toll-Free: 1-800-IT-UZBEK | Phone: +998 71 200-5678 | Email: [email protected]

Personal information we collect

We collect contact details (name, email, phone), billing and payment information processed via Stripe Canada (in CAD), project metadata, account credentials, API keys required for service integration, logs and telemetry for performance and security, and support correspondence. For payments we receive limited billing data through Stripe Canada; full card data is handled by Stripe and not stored on our systems.

How we use data

We use personal data to provide and bill for services, manage subscriptions, provision cloud resources, respond to incidents, and improve products. We may use aggregated telemetry to analyze performance, detect security threats, and for anonymized analytics. We will only use your information for the purposes described at collection or as permitted by applicable law.

Cross-border transfers and safeguards

Service delivery and processing take place in Uzbekistan and, where necessary, in Canada and other trusted locations. Transfers from Uzbekistan to Canada for Canadian customers are subject to documented safeguards that meet PIPEDA requirements and GDPR/ePrivacy 2026 principles: contractual data processing agreements, encryption in transit and at rest, access controls, and limited sub-processor lists. Where transfers involve third-party processors such as Stripe Canada or hosting partners, we ensure those processors provide adequate protection through contractual terms and technical controls.

Billing, Stripe Canada and API keys

Billing is conducted in CAD. Stripe Canada processes card payments; sensitive card data is handled by Stripe and not stored on ITCloud servers. API keys and service credentials you provide are used only to provision or integrate services and are stored encrypted with strict access controls. If you provide test or production API keys for integrations, you are responsible for ensuring those keys relate only to accounts you control.

Legal bases and PIPEDA/GDPR rights

For Canadian individuals, PIPEDA governs personal data processing; for EU data subjects GDPR/ePrivacy 2026 applies where relevant. Processing is based on contractual necessity, legitimate interests for service security and improvement, and consent where required. Data subjects have rights to access, correction, erasure, portability, restriction, and objection. To withdraw consent or exercise rights, contact [email protected]. Withdrawal of consent will not affect processing conducted on other legal bases such as contract performance or legal obligations.

Retention and deletion

We retain personal data as long as needed to provide services, fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. Non-essential analytics cookies are retained for up to 12 months. Preference cookies (such as dashboard theme and CAD preference) are retained for up to 30 days. You can request deletion in accordance with applicable law; deletion requests are subject to verification and lawful retention obligations.

Security measures

ITCloud operates ISO 27001 aligned controls across our infrastructure. Data is encrypted in transit (TLS) and at rest. We implement role-based access, multi-factor authentication for administrative access, vulnerability management, and regular third-party audits. Incident response procedures include notification timelines consistent with PIPEDA and GDPR breach notification requirements.

Disclosure to third parties

We may disclose personal information to processors and sub-processors necessary to deliver services, such as cloud hosting partners, payment processors (Stripe Canada), and analytics providers. All third parties are bound by contractual commitments to protect data and process only as instructed. We do not sell personal information.

Children and minors

Our services are business-oriented and not directed at children. We do not knowingly collect information from minors. If we learn we have collected personal information of a minor without verification of parental consent, we will delete it.

Quebec French language notice

If you are a resident of Quebec, you have the right to receive communication from us in French. Vous pouvez communiquer avec nous en français; nos communications aux clients du Québec sont disponibles en français sur demande en envoyant un courriel à [email protected].

Changes to this policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will post the revised policy and update the "Last updated" date. Significant changes affecting Canadian customers will be communicated by email where required.

Contact and enforcement

To exercise your rights or ask questions, contact: [email protected] or Canada Toll-Free 1-800-IT-UZBEK. Canadian data subjects may file complaints with the Office of the Privacy Commissioner of Canada; EU data subjects may contact their supervisory authority. Our designated privacy officer can be reached at the above email address.