Legal

Privacy Policy

Last updated: March 15, 2026

1. Overview

Zlycloud ("we", "our", or "us") operates a global CDN, cloud security, and infrastructure platform at zlycloud.io. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our services, website, or APIs.

By accessing or using Zlycloud services, you agree to this Privacy Policy. If you do not agree, please discontinue use of our services.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, company name, phone number when you register or contact us
  • Payment information: billing address, payment method details (processed by our payment partners — we do not store raw card data)
  • Support communications: messages, tickets, and emails you send to our support team
  • Configuration data: domain names, DNS records, origin IPs, and other settings you configure in our dashboard

2.2 Information Collected Automatically

  • Traffic logs: IP addresses, request headers, URLs, timestamps, response codes, and byte counts for traffic routed through our network
  • Usage data: dashboard interactions, API calls, feature usage statistics
  • Device information: browser type, operating system, referrer URL, and language preferences
  • Security data: threat signatures, attack patterns, and bot fingerprints detected by our systems

2.3 Information from Third Parties

  • IP geolocation providers for routing optimization
  • Threat intelligence feeds for security protection
  • Payment processors (SePay, Stripe) for transaction verification

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain our CDN and security services
  • Process payments and manage your account
  • Detect, mitigate, and analyze DDoS attacks, bot traffic, and other threats
  • Send transactional communications (invoices, alerts, service updates)
  • Improve service performance through aggregated analytics
  • Comply with legal obligations and enforce our Terms of Service
  • Respond to support requests and provide technical assistance

We do not sell your personal data to third parties. We do not use your traffic content for advertising profiling.

4. Data Sharing & Disclosure

We may share your information with:

  • Service providers: hosting, billing, analytics, and support tools operating under data processing agreements
  • Network partners: upstream transit providers and IX partners for traffic routing (metadata only, no content)
  • Law enforcement: when required by valid legal process, court order, or to protect the safety of our users or the public
  • Business transfers: in connection with a merger, acquisition, or sale of all or substantially all of our assets

We require all third-party processors to implement appropriate security measures and prohibit them from using your data for their own commercial purposes.

5. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

  • Account data: for the duration of your account and 30 days after deletion
  • Traffic logs: 30 days rolling for standard plans; up to 90 days for Enterprise plans
  • Security event logs: up to 12 months for threat analysis and compliance
  • Billing records: 7 years as required by financial regulations

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: request a copy of personal data we hold about you
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your data (subject to legal retention requirements)
  • Portability: receive your data in a machine-readable format
  • Objection: object to certain processing activities
  • Restriction: request that we limit how we use your data

To exercise any of these rights, contact us at privacy@zlycloud.io. We will respond within 30 days.

7. Security

We implement industry-standard security measures to protect your data, including:

  • TLS 1.2+ encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Role-based access control and audit logging for internal systems
  • Regular third-party security audits and penetration testing
  • SOC 2 Type II compliance for our core infrastructure

No method of transmission or storage is 100% secure. We notify affected users promptly in the event of a data breach affecting their personal information.

8. Cookies & Tracking

Our website uses the following types of cookies:

  • Essential: session authentication, security tokens, load balancing
  • Analytics: aggregated usage statistics (no cross-site tracking)
  • Preference: language, theme, and dashboard layout settings

You can disable non-essential cookies via your browser settings. Essential cookies cannot be disabled without affecting service functionality.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us at privacy@zlycloud.io and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or a prominent notice on our website at least 14 days before taking effect. Continued use of our services after the effective date constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related inquiries, requests, or complaints: