CloudArmy GDPR Compliance

Cloud Army Network Inc. (CloudArmy) values privacy and is committed to full compliance with the European General Data Protection Regulation (GDPR).

Data We Collect and Protect

CloudArmy collects four categories of data:

  • Customer Content used to create test designs in our Reactor Portal
  • Personal information entered in our Reactor Portal pertaining to the users of the portal who create and analyze tests
  • Results from respondents who take tests on our Reactor platform
  • Contact information gathered from various sources and used for marketing purposes
  • IP addresses collected from all web users for security and platform maintenance

CloudArmy does not collect sensitive personal data as defined by the GDPR, such as criminal records, sexual preferences, religious views, etc.

Customer Content: The CloudArmy terms of service specify that no personally identifiable data may be included in test designs created on the Reactor platform.

Respondent Data: The CloudArmy terms of service specify that no personally identifiable data may be collected by tests run on the Reactor platform. In addition, CloudArmy neither solicits nor accepts any personally identifiable information about respondents from panel providers. Therefore, CloudArmy respondent data never includes any personally identifiable information.

Customer Personal Data: CloudArmy obtains unambiguous consent before collecting personal data from our customers and portal users.

Marketing Data: Whenever CloudArmy collects data for marketing purposes we always get unambiguous consent first and we always provide the option to unsubscribe from any marketing channels, including email lists.

System Diagnostics: CloudArmy gathers and stores diagnostic data which includes  Internet Protocol (IP) addresses and error messages from all web users who access our services. This data is held for between 14 days and 1 year and is used only to diagnose and handle issues related to the security and integrity of our services.

Data Protection

CloudArmy does not act as a processor for our customers, and when we process personal data as a controller, we minimize the amount collected and keep it as safe as possible through pseudonymization and other security measures.

Respecting Rights

CloudArmy has mechanisms and processes in place to allow customers to exercise their rights under the GDPR:

  • The Right to be Forgotten: CloudArmy will delete any piece of personal data that it has received on the basis of consent within a reasonable period of time as long as it does not conflict with our other legal obligations.
  • The Right to Data Portability: Upon request, CloudArmy will send within a reasonable period of time and in a machine-readable format any personal data received by consent from that individual.

Privacy Policy and Terms of Service

CloudArmy has a Privacy Policy and Terms of Service that reflect the requirements of the GDPR and our compliance with it.

Cookies

CloudArmy does not store personal data in cookies without explicit consent.