losclouds
Privacy

Privacy Policy

What losclouds collects, why it’s collected, and how long it’s kept — mapped to the product behavior today, not a generic template. Last updated April 20, 2026.

This policy describes what losclouds collects, why it's collected, and how long it's kept. It maps to the behavior of the product today — not a generic template.

Account data from Google sign-in

When you sign in with Google, losclouds receives your Google account identifier, email, and display name. We store the email and display name so the dashboard and alerts can address you. We do not receive your Google password, contacts, calendar, or files.

Sessions and cookies

losclouds uses first-party cookies scoped to the losclouds domain to keep you signed in. Theme preference is stored locally in your browser so the public site can remember dark or light mode without an account. Session tokens are stored server-side and expire automatically. We do not use advertising cookies.

Alert destinations

When you subscribe to alerts, losclouds stores the destination address (email, Slack webhook URL, or Discord webhook URL) along with notification preferences and a verification state so we can confirm ownership before delivering alerts. Unsubscribe tokens are generated per subscription and can be rotated by editing or deleting the subscription.

API key metadata and usage

API keys created from the dashboard are stored hashed. losclouds records key metadata, last-used timestamps, and account/tier usage summaries so you can monitor consumption and revoke leaked keys. Raw key values are shown only once at creation time; keys are credentials and do not have independent quota.

User report metadata

User status reports are associated with the signed-in user when available. To prevent abuse and deduplicate signal, each report also stores a salted hash of the reporter IP and the coarse-grained country and city derived from the request IP at report time.

  • Raw IP addresses are not stored alongside reports.
  • Country and city are derived for grouping only and are never attached to your public profile.
  • Hashed IP plus target plus recent-window rate limiting is used to detect and reject duplicate submissions.
  • Public report feeds may include synthetic or demo entries when losclouds is testing the product, and those entries are labeled on the public surface.

Operational and observability data

losclouds logs request paths, status codes, and error traces for the purpose of keeping the service running. Access logs and error traces are retained for a rolling window and are used to debug incidents, not to profile users.

Retention, deletion, and export

Deleting your account from Account → Danger Zone immediately removes your user record, active sessions, alert destinations, API keys, and status reports tied to your account or email. Request an export or ask a data question by emailing us.

Privacy questions or deletion requests? Email us at [email protected].