Hoskes Cloud
All legal documents

Privacy Policy

How Hoskes Cloud handles personal data.

Last updated: 2026-06-11Version: 1.0

HOSKES DESENVOLVIMENTO DE SISTEMAS LTDA · CNPJ 53.371.345/0001-18 · São Paulo, SP, Brazil

1. Data controller

Controller: HOSKES DESENVOLVIMENTO DE SISTEMAS LTDA, CNPJ 53.371.345/0001-18, São Paulo, SP, Brazil.

Data protection contact: privacy@hoskes.cloud

This Policy describes how we process personal data when you use Hoskes Cloud at https://hoskes.cloud.

2. Data we collect

  • Account: email, username, name, avatar, password hash (if applicable)
  • OAuth: Google/GitHub identifiers and tokens required for authentication and repository access
  • Billing: Stripe customer and subscription identifiers, payment status (we do not store full card numbers)
  • Projects: repository URLs, branches, subdomains, environment variables, build and runtime logs
  • Databases (paid plans): database configuration and encrypted credentials
  • API keys: MCP and API tokens you create
  • Collaboration: project membership, invitations, permission settings
  • Technical: IP address, browser type, cookies, server logs

3. Purposes and legal bases

We process data to provide and improve the Service, authenticate users, deploy and operate your projects, process payments, prevent abuse, and comply with law.

Legal bases under LGPD include contract performance, legitimate interest (security, fraud prevention), consent (where required), and legal obligation.

4. Sharing and subprocessors

We share data only as needed to operate the Service, with subprocessors bound by confidentiality and data protection obligations:

  • Google — OAuth authentication
  • GitHub — OAuth and repository access
  • Stripe — payment processing
  • Oracle Cloud Infrastructure — application and database hosting
  • Hostinger — DNS management

5. International transfers

Your data may be processed on servers outside Brazil. When we transfer data internationally, we apply appropriate safeguards consistent with LGPD requirements.

6. Retention

We retain personal data while your account is active and as needed for legal, security, and billing purposes. Project data may be deleted after account termination following a reasonable grace period.

You may request deletion by contacting privacy@hoskes.cloud.

7. Your rights (LGPD)

Under LGPD, you may request:

  • Confirmation of processing and access to your data
  • Correction of incomplete or inaccurate data
  • Anonymization, blocking, or deletion of unnecessary or unlawfully processed data
  • Portability to another provider, where applicable
  • Information about sharing and refusal of consent, where consent is the basis
  • Revocation of consent

8. Security

We use encryption for sensitive credentials, access controls, and industry practices to protect data. No method is 100% secure; report concerns to security@hoskes.cloud.

9. Cookies

We use essential cookies for authentication and locale preference. See our Cookie Policy.

10. Children

The Service is not directed to children under 18. We do not knowingly collect data from minors.

11. Changes

We may update this Policy. The "Last updated" date reflects the current version. Material changes will be posted on this page.

12. Contact and ANPD

Privacy: privacy@hoskes.cloud

You may also lodge a complaint with the Autoridade Nacional de Proteção de Dados (ANPD), Brazil's data protection authority.

This document is provided for transparency. It does not constitute legal advice. For formal questions, contact our legal team.