All Tools
About
GDPR Compliant

Your Data, Protected by European Law

We believe privacy is a fundamental right. Our platform is built to minimize data collection, process files securely in memory, and comply fully with EU regulations.

Effective Date: May 1, 2025

0

Files Stored

Deleted immediately after processing completes

EEA

Server Location

All infrastructure located within the EU only

Zero

Trackers Used

No analytics, cookies, or third-party profiling

GDPR

Compliant

Fully compliant with EU data protection law

What Data We Handle

A clear breakdown of what we collect, what we process temporarily, and what we never touch.

Usage Data (Automatic)
  • Server logs: IP address, browser type, requested pages
  • Retained for maximum 7 days, then permanently deleted
  • Used solely for security monitoring and abuse prevention
  • Not linked to any personal identifier
Uploaded Files (Temporary)
  • Held in server memory only during processing
  • Never written to persistent storage
  • Deleted immediately after result is returned
  • No copies retained on our servers
We Never Collect
  • No name or identity information
  • No email address (unless you contact us)
  • No payment or billing information
  • No tracking cookies or advertising IDs

Analytics

We use privacy-focused analytics to understand how our tools are used.

Analytics are only enabled with your consent.

No analytics data is transferred to third parties.

Google Privacy Policy

Advertising

We display non-intrusive ads to fund the platform. Ads are contextual — served based on page content, not your identity. We do not allow ad partners to track you across websites or build profiles from your visits.

Privacy by Design

Four core principles guide how we handle every byte of data.

Minimal Data Collection

We collect only what is strictly necessary — no names, emails, or personal identifiers unless you contact us directly.

Memory-Only Processing

Files are processed in server RAM and never written to disk. They are deleted instantly after processing completes.

EEA-Exclusive Hosting

All servers are located in Germany. Your data never leaves the European Economic Area.

Consent-First Analytics

Any analytics are only activated after you provide clear, informed consent — never by default.

Your GDPR Rights

As an EU/EEA resident, you have full control over your personal data.

Right of Access

Request a copy of personal data we hold about you

Right to Rectification

Correct inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Restriction of Processing

Limit how we use your data while rights are exercised

Data Portability

Receive your data in a machine-readable format

Right to Object

Object to processing based on legitimate interests

Exercise Your Rights

Email us at any time to exercise any GDPR right. Since we collect minimal data, most requests can be fulfilled immediately.

[email protected]

GDPR Compliance

We meet the highest standards set by the General Data Protection Regulation.

Consent (Art. 7)

We request consent only where legally required and never use pre-ticked boxes. Consent is always withdrawable.

Data Subject Rights (Art. 15-22)

You have the right to access, rectify, erase, restrict processing, and port your data. Contact us to exercise any right.

Security (Art. 32)

We implement appropriate technical measures: TLS encryption, isolated processing, and restricted server access.

Breach Notification (Art. 33-34)

In the unlikely event of a data breach affecting your rights, we will notify the supervisory authority within 72 hours.

Data Protection Officer

As a small solo-operated platform, we do not have a formal DPO appointment obligation under Art. 37 GDPR. However, privacy matters are handled with the same diligence by our team.

Privacy Contact

[email protected]

Records of Processing Activities

AllCloudTools maintains records of processing activities in accordance with Art. 30 GDPR. These records are available to supervisory authorities upon request.

Processing Activities Register (Art. 30)

ActivityPurposeRetention Period
File ProcessingProcess user files as requestedDuring processing only
Server LogsSecurity and abuse prevention7 days maximum
Newsletter SubscriptionSend updates and announcementsUntil unsubscribe
AnalyticsUnderstand how our tools are used14 months

International Transfers

All processing occurs exclusively within the EEA. We do not transfer personal data to third countries outside the EEA.

All data stays within the EEA

Security Measures

All connections use HTTPS/TLS encryption. File processing happens in isolated server processes with restricted access. Server logs are automatically purged after 7 days.

TLS 1.3HTTPS OnlyIsolated Processing

Cookies & Local Storage

We use only essential local storage for your theme preference (light/dark mode). This data never leaves your device.

View Cookie Policy

Supervisory Authority

You have the right to lodge a complaint with your national supervisory authority if you believe our processing violates GDPR.

German Federal Commissioner for Data Protection (BfDI)

Policy Updates

We may update this policy occasionally. Material changes will be indicated by a new effective date at the top of this page.

Contact Us

For privacy enquiries, data rights requests, or breach notifications, contact our privacy team directly.

[email protected]