Not Cloud Storage
How It Works Privacy Commitment Use Cases Devices & Pricing FAQ
Sign In Get Started Free
Last Updated: May 2026

Privacy Policy

We believe privacy is a fundamental right. This policy explains exactly what data we collect, how we use it, and the measures we take to keep it safe.

1. Introduction

Not Cloud Storage ("we", "our", "us") provides a service that transfers your selected digital files from cloud storage providers or local devices onto certified physical hardware, which is then shipped to your chosen address. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and all related services (collectively, the "Service").

We are committed to protecting your privacy and handling your data in an open and transparent manner. We never sell, rent, or share your personal information with third parties for their own marketing purposes. Our business model is straightforward: you pay us for a service, and we perform that service with the utmost respect for your data.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Registration: When you create an account, we collect your email address and a password (hashed). If you choose to sign up without a cloud account, this email serves as your unique identifier.
  • Order & Delivery Information: To fulfill your order, we collect your full name, shipping address, phone number (optional), and payment details. Payment card numbers are processed exclusively by our PCI‑compliant payment processor and are never stored on our servers.
  • File Selection Data: You tell us exactly which files (or file references) you want transferred. We record these selections solely to execute your order.
  • Communications: If you contact our support team, we retain the content of your messages to resolve your inquiries and improve our service.

2.2 Information from Cloud Service Integrations

You may optionally link your cloud storage account (Google Drive, Microsoft OneDrive, Dropbox). When you do, we use industry‑standard OAuth to request limited, scoped access.

  • Google Drive: We request the https://www.googleapis.com/auth/drive.file scope. This grants us access only to files that you explicitly authorize our app to use, such as those you select for transfer. We cannot access, list, or download any other files in your Drive. Additionally, we request basic profile information (your name) and your email address so we can identify your account and communicate with you.
  • Microsoft OneDrive & Dropbox: Similar limited, per‑file scopes are used, granting temporary access solely to files you have chosen.

We never receive your cloud storage password. OAuth provides us with a revocable access token that is securely stored and used exclusively for the purpose of performing your requested transfer. You may revoke this access at any time through your cloud provider’s security settings.

2.3 Automatically Collected Information

Like most websites, we collect standard technical data automatically when you visit our site. This includes your IP address, browser type, operating system, referring URLs, and pages visited. We use this information for security monitoring, to analyze trends, and to improve the overall experience. None of this data is tied to your personal identity in our analytics.

3. How We Use Your Information

We use the information we collect exclusively to:

  • Provide the Service: Authenticate your account, display your file lists, download selected files, write them to hardware, generate shipping labels, and deliver your order.
  • Communicate with You: Send order confirmations, status updates, delivery notifications, and respond to support inquiries.
  • Improve Our Platform: Analyze anonymized, aggregate usage patterns to identify bugs, enhance performance, and develop new features.
  • Ensure Security & Compliance: Monitor for fraudulent activity, enforce our Terms of Service, and comply with legal obligations.

We do not use your files, file metadata, or personal information for advertising purposes. Our only revenue comes from the service fees you pay.

4. How We Share Your Information

We do not sell, rent, or trade your personal data. We only share information in the limited circumstances described below:

  • Service Providers: We engage trusted third parties who help us operate our business. This includes cloud infrastructure providers (where we temporarily store files during processing), payment processors, and shipping couriers. These partners are contractually bound to use your data only as necessary to provide the contracted service and to maintain the same level of privacy protection that we do.
  • Legal Obligations: We may disclose information if required by law, court order, or governmental regulation. We will notify you of such requests unless prohibited by law.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.
  • With Your Consent: We may share information for any other purpose with your explicit consent.

Specifically, your file content is never shared with shipping carriers. They only receive the delivery address and package weight necessary for logistics.

5. Data Security

We implement industry‑standard technical and organizational measures to protect your information:

  • Encryption: All data in transit is protected with TLS 1.2 or higher. Files are stored using industry‑standard encryption and security controls.
  • Access Control: Our operations team follows the principle of least privilege. Access to customer file data is logged, auditable, and strictly limited to the duration required to fulfill your order.
  • Infrastructure: Our cloud infrastructure is hosted with providers who maintain SOC 2, ISO 27001, and other relevant certifications.
  • Security Practices: We employ monitoring, access controls, and security practices designed to protect customer data.

While we strive to protect your data, no method of transmission or storage is 100% secure. In the unlikely event of a data breach, we will promptly notify affected users and relevant authorities in accordance with applicable law.

6. Data Retention and Deletion

We retain information only for as long as needed to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

  • File Content: Your selected files are temporarily stored on our secure servers solely during the processing of your order. Upon order completion, we are committed to permanently deleting the transferred file data from our active systems. Residual copies that may exist in automated backups are overwritten and destroyed according to standard deletion cycles.
  • Order Metadata: Details such as order number, device type, delivery address, and timestamped activity logs are kept for customer support and warranty purposes. This metadata does not include the actual content of your files.
  • Account Information: Your account remains active until you request deletion. You may delete your account at any time by contacting support. Upon deletion, all associated personal data will be removed within 30 days, except for information we are legally required to retain.
  • Cloud Access Tokens: OAuth credentials and access tokens are securely stored only for as long as necessary to complete authorized transfers or until access is revoked by the user. Once the associated order is fulfilled (or after a reasonable period of inactivity), the tokens are deactivated and removed.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access & Portability: You can request a copy of the personal data we hold about you in a structured, machine‑readable format.
  • Rectification: You may correct any inaccurate or incomplete personal data.
  • Erasure: You may request the deletion of your personal data, subject to legal retention requirements.
  • Restrict Processing: You may ask us to limit how we process your data in certain circumstances.
  • Objection: You may object to processing based on legitimate interests.
  • Revoke Cloud Access: You can disconnect your cloud account at any time from your cloud provider’s settings. This immediately stops our ability to access new files, though it does not affect orders already in progress.

To exercise any of these rights, please contact us at privacy@notcloudstorage.com. We will respond within the timeframes required by applicable law. You also have the right to lodge a complaint with your local data protection authority.

8. Google OAuth & Limited Use Disclosure

Our Service integrates with Google Drive using the Google API Services. In compliance with the Google API Services User Data Policy, we provide the following disclosures:

  • Limited Use: Not Cloud Storage’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
  • Permissions Requested: We request limited Google account permissions including basic profile information (your name), your email address, and access only to files that you explicitly select for use with our application (via the drive.file scope). We do not request access to your email, calendar, contacts, or any other Google service.
  • Purpose: We use Google user data solely to list files you have authorized and to download only the files you explicitly select for transfer. We do not read, scan, or access any file content unless you specifically select that file as part of your order.
  • No Advertising: Google user data is not used for advertising purposes. We do not build advertising profiles, retarget audiences, or allow any third‑party advertiser to use your data.
  • Human Review: Customer file content is not routinely reviewed by employees and is only accessed when operationally necessary to fulfill or troubleshoot a requested service (for example, to resolve a download error). Such access is logged and auditable.
  • Data Storage & Deletion: All Google Drive data (file lists and file content) is stored temporarily on secure servers during order processing and is deleted after your order is completed, as described in Section 6.
  • Scope of Access: Our app’s OAuth consent screen lists the exact permissions we request. You can review them at the time of connection.
  • Revocation: You can disconnect Not Cloud Storage from your Google Account at any time via Google’s permissions page.

For full details, please review the Google API Services User Data Policy.

9. Third-Party Links

Our website may contain links to third‑party websites (for example, cloud provider login pages). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any information.

10. Children’s Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of material changes by email (to the address associated with your account) or by a prominent notice on our website prior to the change becoming effective. The “Last Updated” date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to our dedicated privacy team:

Email: info@notcloudstorage.co.ke
Postal Address: Nairobi,Off Uhuru Highway Luther Plaza, Kenya Call: +254 708 888 042

We aim to acknowledge and resolve all privacy‑related inquiries within 48 hours.