We take your privacy seriously. This policy explains what information we collect, how we use it, and what rights you have. We've tried to keep it simple and jargon-free.
The Short Version
- We only collect what we need to provide the service
- We never sell your data
- We don't look at your backed-up files
- We don't share your information with third parties (except for payment processing)
- You can request deletion of your data at any time
What We Collect
Account Information
When you sign up, we collect:
- Your name
- Email address
- Billing address
- Payment information (processed securely through Stripe/PayPal)
Backup Metadata
To manage your backups, we track:
- Computer names connected to your account
- Backup sizes and timestamps
- File counts (not file contents)
- Backup success/failure status
Your Backed-Up Files
Your actual backup data is stored on our servers. Here's what's important:
- We don't access your files unless you specifically ask us to help restore something
- We can't read encrypted backups if you enable client-side encryption
- Your data stays on our servers in Norman, Oklahoma — not scattered across random data centers
Technical Data
Our servers automatically log:
- IP addresses connecting to the service
- Connection timestamps
- Error logs for troubleshooting
How We Use Your Information
We use your data to:
- Provide the backup service
- Process payments
- Send important service notifications (outages, maintenance, billing issues)
- Respond to support requests
- Monitor system health and troubleshoot problems
What We Don't Do
- Sell your information — Never. Not to advertisers, data brokers, or anyone else.
- Read your files — Your backups are your business.
- Send marketing spam — We might send occasional updates about new features, but that's it.
- Share with third parties — Except for payment processing (Stripe/PayPal), we keep your data to ourselves.
Data Storage & Security
Where Your Data Lives
Your backups are stored on servers physically located in Norman, Oklahoma. We use:
- Enterprise-grade hard drives with 5-year warranties
- RAIDZ2 redundancy (survives 2 simultaneous drive failures)
- Uninterruptible power supply (UPS) protection
- Regular integrity checks
Encryption
- In transit: All data transferred using TLS encryption
- At rest: Stored on encrypted filesystems
- Optional client-side encryption: You can enable this so even we can't read your data
Access Controls
- Only the service administrator has access to the backup infrastructure
- We use strong passwords and SSH keys
- Systems are protected by firewalls and intrusion detection
Data Retention
While You're a Customer
We retain your backups according to your plan's retention policy (typically 30 days of file history).
After You Cancel
- 30 days: Your data is retained in case you change your mind
- After 30 days: Your data is permanently deleted
- Immediate deletion: Available upon request
Account Information
We retain basic account records (name, email, payment history) for 7 years for tax and legal purposes, even after cancellation.
Your Rights
Access Your Data
Want to know what we have on file? Just ask. We'll send you a summary of your account information.
Correct Your Data
If any of your account information is wrong, let us know and we'll fix it.
Delete Your Data
You can request deletion of:
- Your backed-up files (immediate)
- Your account (we'll retain basic records for legal requirements)
Export Your Data
Need to move to another service? We can help you export your backups.
Opt Out of Communications
You can opt out of non-essential emails. We'll still send critical service notifications (like "your payment failed" or "service maintenance tonight").
To exercise any of these rights, email [email protected].
Third-Party Services
Payment Processing
- Stripe and/or PayPal handle payments
- We never see or store your full credit card number
- Their privacy policies: Stripe, PayPal
- We use standard email to communicate with you
- Transactional emails (receipts, alerts) may be sent through email service providers
We don't use:
- Analytics trackers
- Advertising networks
- Data brokers
- Social media integrations
Children's Privacy
Our service is not intended for children under 13. We don't knowingly collect information from children. If you believe a child has signed up, please contact us and we'll delete the account.
California Residents (CCPA)
If you're a California resident, you have additional rights:
- Right to know what personal information we collect
- Right to delete your personal information
- Right to opt out of sale of personal information (we don't sell data, so this doesn't apply)
- Right to non-discrimination for exercising your privacy rights
Changes to This Policy
We may update this policy occasionally. If we make significant changes, we'll:
- Email you at least 30 days before changes take effect
- Post the updated policy on our website
- Update the "Last Updated" date at the top
Contact Us
Questions about privacy? Reach out:
Mail: Short Stack Cloud Services LLC (DBA CorgiCloud), Norman, OK 73072
The Bottom Line
We're a small backup company operating as CorgiCloud, a DBA of Short Stack Cloud Services LLC. We don't have a complex data monetization strategy because we don't want one. You pay us to back up your data, and that's the extent of our business relationship. Simple as that.
Thanks for trusting us with your data.