Privacy Policy

1. Introduction and Scope

Welcome to GPUCloudList ("we", "our", or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website gpucloudlist.com (the "Site"), use our services, or interact with us in any way. We are committed to protecting your privacy and ensuring the security of your personal data.

This policy applies to all users of our Site, including visitors who browse without registering, users who subscribe to our newsletter, and individuals who engage with our content or affiliate links. By accessing or using our Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms outlined herein, please discontinue use of the Site immediately.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We encourage you to review this page periodically to stay informed about how we protect your information.

2. Information We Collect

We collect several types of information to provide and improve our services. The categories below describe the information we may collect about you.

2.1 Personal Information

Personal information is data that can be used to identify you as an individual. We may collect the following personal information when you voluntarily provide it to us:

• Full name
• Email address (when you subscribe to our newsletter or contact us)
• Account credentials if you create a user account
• Payment information processed through our payment provider (we do not store full credit card numbers)
• Any other information you choose to provide through forms, surveys, or direct communication

2.2 Usage Data

When you access and interact with our Site, we automatically collect information about how you use it. This includes:

• Pages visited and content viewed
• Time spent on the Site and specific pages
• Navigation paths and click-through patterns
• Search queries performed on the Site
• Referring websites or sources that brought you to our Site
• Interaction with affiliate links and advertisements
• Newsletter open and click rates (if you are a subscriber)

2.3 Device and Connection Information

We automatically collect certain information about the device and network you use to access our Site, including:

• IP address (which may be used to determine your approximate geographic location)
• Browser type and version
• Operating system (Windows, macOS, Linux, iOS, Android, etc.)
• Device type (desktop, tablet, mobile phone)
• Screen resolution and display settings
• Internet Service Provider (ISP) or mobile carrier
• Language preferences and time zone settings

2.4 Cookies and Tracking Technologies

We use cookies, web beacons, pixels, local storage, and similar tracking technologies to collect information and enhance your experience. These technologies serve several purposes:

• Essential cookies: Required for the Site to function properly, such as remembering your preferences and language settings
• Analytics cookies: Help us understand how visitors interact with our Site by collecting anonymous usage statistics
• Advertising cookies: Used by us and our advertising partners to serve relevant advertisements and measure campaign effectiveness
• Affiliate tracking cookies: Track referrals from our Site to partner providers for commission attribution purposes

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of the Site and your overall user experience.

3. How We Use Your Information

We use the information we collect for legitimate business purposes, including:

• Operating, maintaining, and improving our Site and services
• Providing you with accurate and up-to-date information about GPU cloud providers, pricing, and availability
• Sending newsletter updates, product announcements, and marketing communications (only if you have opted in)
• Analyzing usage patterns to optimize the Site structure, content, and user experience
• Responding to your inquiries, support requests, or feedback
• Monitoring and analyzing trends, usage, and activities to improve our services
• Detecting, investigating, and preventing fraudulent transactions, abuse, and other harmful activities
• Complying with legal obligations and enforcing our Terms of Service
• Tracking affiliate referrals and calculating commissions from our partner programs
• Personalizing content and recommendations based on your browsing behavior
• Conducting research and generating aggregated, anonymized statistics for internal use or public reporting

4. Data Sharing and Third-Party Services

We do not sell your personal information. However, we may share your data with trusted third-party service providers who assist us in operating our Site and delivering our services. These parties are contractually obligated to use your information only for the purposes specified by us and in compliance with applicable data protection laws.

4.1 Infrastructure and Hosting

Vercel: Our Site is hosted on Vercel's infrastructure. Vercel may collect and process server logs, performance metrics, and deployment-related data. Vercel acts as a data processor on our behalf and is bound by their own privacy policy and applicable data processing agreements.

4.2 Analytics Services

Vercel Analytics: We use Vercel Analytics to monitor Site performance, page load times, and user interactions. This service collects anonymized data about your visits, including pages viewed, session duration, and navigation paths. The data is aggregated and does not identify individual users.

Google Analytics: We use Google Analytics to analyze traffic patterns and user behavior on our Site. Google Analytics uses cookies and similar technologies to collect information, which may include your IP address, device identifiers, and browsing activity. Google may combine this information with other data they hold. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on available at tools.google.com/dlpage/gaoptout.

4.3 Database and Storage

Supabase: We use Supabase as our primary database and backend infrastructure provider. Supabase stores user account information, newsletter subscriptions, preference settings, and other application data. Supabase is SOC 2 Type II certified and complies with GDPR requirements. Data is encrypted both in transit and at rest.

4.4 Email Communications

Resend: We use Resend as our email delivery service to send newsletters, notifications, and transactional emails. When you subscribe to our newsletter, your email address and name (if provided) are stored with Resend. Resend processes this information solely on our behalf and does not use it for their own marketing purposes.

4.5 Payment Processing

Stripe: If you make purchases through our Site (such as premium subscriptions or featured listings), payment processing is handled by Stripe. We do not store your full credit card numbers or sensitive payment details on our servers. Stripe collects and processes payment information in accordance with their own privacy policy, available at stripe.com/privacy. Stripe is PCI DSS Level 1 certified, the highest level of payment security compliance.

4.6 Affiliate Partners

We participate in affiliate marketing programs with cloud GPU providers and related services. When you click on an affiliate link on our Site, a tracking cookie is placed to attribute any subsequent purchase to our referral. The affiliate partner's own privacy policy governs how they handle your information after you leave our Site. We recommend reviewing the privacy policies of any third-party websites you visit through our links.

4.7 Advertising Partners

We may display advertisements on our Site through partners such as Google AdSense, Carbon Ads, or other ad networks. These partners may use cookies and similar technologies to serve ads based on your browsing activity across the internet. You can opt out of personalized advertising by visiting your Ad Settings or visiting aboutads.info.

4.8 Legal Requirements

We may disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or regulatory inquiries). We may also disclose information to protect our rights, property, or safety, or that of our users and the public.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods vary depending on the type of data:

• Account data: Retained for as long as your account remains active, plus up to 30 days after account deletion for backup purposes
• Newsletter subscriptions: Retained until you unsubscribe or request deletion, after which data is removed within 30 days
• Usage and analytics data: Aggregated and anonymized analytics data may be retained indefinitely; raw logs are typically deleted after 14 months
• Communication records: Emails and support inquiries are retained for up to 2 years for reference and quality assurance
• Payment records: Transaction history is retained for a minimum of 7 years to comply with tax and accounting obligations
• Affiliate tracking cookies: Typically expire between 30 to 90 days, depending on the affiliate partner's program terms

When data is no longer needed, it is securely deleted or anonymized using industry-standard methods to prevent reconstruction or unauthorized access.

6. Data Security Measures

We take the security of your personal information seriously and implement a comprehensive set of technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security) protocol (HTTPS)
• Encryption at rest: Sensitive data stored in our databases is encrypted using AES-256 encryption standards
• Access controls: We enforce strict role-based access controls (RBAC) so that only authorized personnel can access personal data, and only when necessary
• Regular security audits: We conduct periodic security assessments and vulnerability scans of our infrastructure
• Secure development practices: Our codebase follows secure coding standards, and we perform regular code reviews to identify and remediate security issues
• Monitoring and logging: We maintain audit logs of access to sensitive systems and monitor for suspicious activity
• Incident response: We have an established incident response plan to address any potential data breaches promptly and notify affected users as required by law
• Third-party vetting: We carefully select our service providers and ensure they meet our security and privacy standards through contractual agreements and due diligence

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security posture and minimize risks.

7. Your Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information. We are committed to complying with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA), the California Consumer Privacy Act (CCPA) for California residents, and other applicable data protection laws worldwide.

7.1 GDPR Rights (European Users)

If you are located in the EEA, you have the following rights:

• Right of Access: You can request a copy of the personal data we hold about you, along with information about how it is processed
• Right to Rectification: You can request correction of any inaccurate or incomplete personal data
• Right to Erasure ("Right to be Forgotten"): You can request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes it was collected
• Right to Restrict Processing: You can request that we limit the processing of your personal data in specific situations
• Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have it transferred to another controller
• Right to Object: You can object to the processing of your personal data, including for direct marketing purposes
• Right to Withdraw Consent: If we rely on your consent as the legal basis for processing, you can withdraw that consent at any time without affecting the lawfulness of processing before withdrawal

7.2 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information is being collected, used, shared, or sold
• Know whether your personal information is sold or disclosed and to whom
• Opt out of the sale of personal information (we do not sell personal information)
• Access your personal information
• Request deletion of your personal information
• Equal service and price, even if you exercise your privacy rights (non-discrimination)

7.3 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@gpucloudlist.com. We will respond to your request within 30 days and may ask for additional information to verify your identity. You also have the right to lodge a complaint with a supervisory authority in your jurisdiction if you believe your rights have been violated.

8. Children's Privacy

GPUCloudList is not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13, in compliance with the Children's Online Privacy Protection Act (COPPA) and similar regulations worldwide.

If we become aware that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will take immediate steps to delete that information from our servers. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at privacy@gpucloudlist.com, and we will investigate and take appropriate action.

9. International Data Transfers

GPUCloudList is operated from the United States. If you are accessing our Site from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.

For transfers from the EEA, United Kingdom, or Switzerland to countries outside these regions, we rely on the following legal mechanisms to ensure an adequate level of protection for your personal data:

• Standard Contractual Clauses (SCCs): We enter into SCCs approved by the European Commission with our service providers located outside the EEA
• Adequacy Decisions: Where applicable, we transfer data to countries recognized by the European Commission as providing an adequate level of data protection
• Data Processing Agreements: We maintain contractual agreements with all third-party processors that include data protection obligations consistent with applicable law

By using our Site or providing us with your personal information, you consent to the transfer of your data to the United States and other countries in accordance with this Privacy Policy and applicable legal frameworks.

10. Changes to This Privacy Policy

We reserve the right to modify, update, or amend this Privacy Policy at any time to reflect changes in our data practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page.

For significant changes, we will make reasonable efforts to notify you through a prominent notice on our Site, via email (if you are a registered user), or through other appropriate communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information.

Your continued use of the Site after any modifications to this Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, please discontinue use of the Site.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us using the information below:

For data protection inquiries from users in the European Economic Area, you also have the right to lodge a complaint with your local supervisory authority. A list of data protection authorities in the EEA is available at edpb.europa.eu.