logo

Privacy Policy for MTD Cloud

Last updated: 6 February 2026

Version: 1.0

This Privacy Policy explains how MTD CLOUD SRL (“MTD Cloud”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit our websites, communicate with us, or use our products and services (together, the “Services”).

Where you use the Services on behalf of an organization (for example, your employer or your customer), that organization may act as the data controller for certain processing activities. In those cases, MTD Cloud may act as a data processor and will process personal data only under the organization’s instructions and the applicable contract (including a Data Processing Agreement, where relevant).

1. Data Controller

Controller: MTD CLOUD SRL

Registered address: Str. Falticeni Nr. 1, Bărăști, Boroaia, Suceava, România.

Trade Register / VAT: RO46085226

Email: privacy@mtdcloud.com

2. Policy Coverage

This policy applies to personal data processed in connection with:

  • website visits and marketing pages,

  • sales and business communications,

  • customer onboarding and account administration,

  • support, troubleshooting, and operational communications,

  • security monitoring and logging related to the Services.

This policy does not apply to third-party websites, apps, or services you access via links or integrations. Those third parties have their own privacy policies.

3. Personal Data Collected

A. Data you provide to us

We may collect personal data that you choose to provide, such as your name, business contact details (email, phone), company name, job title, your messages to us, and information you submit when you request a demo, create an account, sign a contract, or open a support ticket.

B. Data we collect automatically

When you use our websites or Services, we may collect technical and usage data such as IP address, device and browser information, timestamps, pages viewed, approximate location derived from IP (city/region level), and similar analytics information. In the Services, we may also collect operational logs and audit events (for example, authentication events, admin actions, API calls, resource lifecycle events) for security, reliability, and compliance.

C. Customer Content processed on behalf of customers

When customers use MTD Cloud infrastructure and platform services, we may process content and data uploaded, stored, or generated within customer environments (“Customer Content”). Customer Content may include personal data. In these situations, the customer determines the purposes and means of processing (as controller) and MTD Cloud acts as a processor.

4. Personal Data Collection Purpose

We process personal data for the following purposes:

  • Service delivery and administration. To create and manage accounts, provide the Services, authenticate users, provision resources, and deliver requested functionality.

  • Support and customer communication. To respond to inquiries, manage support tickets, provide updates, and communicate about incidents, maintenance, or changes affecting the Services.

  • Security and abuse prevention. To protect the Services, our customers, and users, including monitoring, detection, prevention, and investigation of security incidents, fraud, and misuse.

  • Billing and contract management. To manage contracts, invoicing, payments (where applicable), and related accounting obligations.

  • Service improvement. To understand how the Services perform, diagnose issues, improve reliability, and develop new features.

  • Marketing and business development (where permitted). To communicate product updates, events, and offers, in accordance with applicable law and your preferences.

  • Legal compliance. To comply with legal obligations and respond to lawful requests.

We do not sell personal data.

5. GDPR

Where the GDPR applies, we rely on the following legal bases:

  • Performance of a contract (Article 6(1)(b)) where processing is necessary to provide the Services or support under a contract.

  • Legitimate interests (Article 6(1)(f)) such as keeping our Services secure, preventing abuse, improving performance and reliability, and conducting proportionate B2B marketing where permitted.

  • Consent (Article 6(1)(a)) where required (for example, certain cookies or marketing communications in some jurisdictions).

  • Legal obligation (Article 6(1)(c)) where we must comply with applicable laws (e.g., tax/accounting obligations).

  • Vital interests (Article 6(1)(d)) only in rare situations where necessary to protect someone’s life.

For Customer Content, MTD Cloud generally processes personal data as a processor on behalf of the customer, and the customer is responsible for determining the relevant legal basis.5. Security

We implement appropriate technical and organizational measures to protect your information.

6. How we share personal data

We may share personal data in the following situations:

A. Service providers (sub-processors).

We use trusted vendors to help operate the Services (for example, hosting, monitoring, customer support tooling, email delivery, or security services). These providers may process personal data only under our instructions and are contractually required to protect it.

B. Corporate transactions.

If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, personal data may be disclosed as part of that transaction, subject to appropriate safeguards.

C. Legal and safety requirements.

We may disclose personal data where required by law, regulation, court order, or where necessary to protect rights, safety, and security, or to prevent fraud and abuse.

Sub-processor transparency.

A current list of sub-processors is available upon request at privacy@mtdcloud.eu.

Questions about this privacy policy? Contact us on email at privacy@mtdcloud.eu

7. International data transfers

We aim to process and store personal data in [EEA / Romania / specified regions]. If personal data is transferred outside the EEA, we use appropriate safeguards such as EU Standard Contractual Clauses and, where relevant, supplementary technical and organizational measures.

8. Data retention

We keep personal data only as long as necessary for the purposes described in this policy, including:

  • Account and customer relationship data: for as long as the relationship is active, and for a reasonable period afterward as needed for compliance and dispute resolution.

  • Billing and accounting records: for the period required by applicable law.

  • Support communications: for as long as needed to resolve requests and maintain support history, typically [e.g., 24 months], unless longer retention is required.

  • Security logs and audit trails: 365 days, unless required longer for investigations or compliance.

Customer Content retention and deletion are governed by customer configuration and the applicable contract.

9. Security

We maintain technical and organizational measures designed to protect personal data, including access controls, least-privilege policies, encryption in transit (TLS), security monitoring, logging, incident response processes, and secure development practices. While no system can be guaranteed to be completely secure, we continuously improve our security controls and respond to emerging threats.

10. Cookies and similar technologies

Our websites may use cookies and similar technologies for essential functions, analytics, and (where permitted) marketing. You can manage cookie preferences through our cookie banner/settings and through your browser.

11. Your rights

Depending on your location and applicable law, you may have rights to:

  • access your personal data,

  • correct inaccurate data,

  • delete data (where applicable),

  • restrict or object to processing,

  • receive a copy of your data (data portability),

  • withdraw consent (where consent is the basis),

  • lodge a complaint with a supervisory authority.

To exercise these rights, contact us at privacy@mtdcloud.eu. We may need to verify your identity.

If we process your data as a processor on behalf of a customer, please contact the customer directly. We will assist our customers in responding to requests as required.

12. Marketing preferences

If you receive marketing communications from us, you can opt out at any time using the unsubscribe link or by contacting us. Even if you opt out of marketing, we may still send important service-related messages (such as security notices, invoices, or operational updates).

13. Children

Our Services are not intended for children under 16 (or the age defined by applicable local law). We do not knowingly collect personal data from children.

14. Changes to this policy

We may update this Privacy Policy periodically. The “Last updated” date at the top will reflect the latest version. If changes are material, we will provide notice via our website or other appropriate channels.

Stay Ahead of the Cloud Managed Services Curve

Join our newsletter for exclusive insights and updates on the latest Cloud and AI trends.