SeraVault CloudSync logo

Legal

Privacy Policy

Effective date: June 7, 2026

1. Who we are

SeraVault CloudSync ("CloudSync", "we", "us") is a desktop application for Linux developed by SeraVault. You can reach us at cloudsync@seravault.com.

2. What data we collect

2.1 Data stored only on your machine

The following information never leaves your computer and is never transmitted to SeraVault:

  • Cloud account credentials — OAuth tokens for Google Drive, Dropbox, OneDrive, Amazon S3, Backblaze B2, and Cloudflare R2 are stored in your local configuration directory (~/.config/cloudsync/) with file permissions set to owner-read-only (600). We never see, store, or transmit these credentials.
  • Sync configuration — folder paths, sync intervals, and conflict resolution settings are stored locally in the same configuration directory.
  • Your files — CloudSync transfers files directly between your local filesystem and your cloud storage provider. SeraVault never has access to the contents of your files.

2.2 Data transmitted to SeraVault

The only data transmitted to SeraVault servers is:

  • Email address — when you sign in to activate a subscription, your email address is sent to our subscription validation service to verify your purchase status. This is the only personal data we receive.
  • Subscription status — our server returns whether your subscription is active and when it renews. No other data is exchanged.

2.3 Data collected by third parties

  • Stripe — subscription payments are processed by Stripe. When you purchase a subscription, Stripe collects your payment information in accordance with Stripe's Privacy Policy. SeraVault never receives or stores your payment card details.
  • Cloud storage providers — your chosen cloud provider (Google, Dropbox, Microsoft, Amazon, Backblaze, Cloudflare) processes your files according to their own privacy policies.

3. How we use your data

Your email address is used solely to verify that you have an active subscription. We do not use it for marketing, share it with third parties, or store it beyond what is necessary to provide the subscription service.

4. Data retention

Your email address and subscription status are cached locally on your machine and re-validated with our servers at most once per week. You can remove this data at any time by signing out in Preferences → Subscription → Sign Out, or by deleting ~/.config/cloudsync/license.json.

5. Google API services

CloudSync's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only request access to the Google Drive files you explicitly choose to sync.
  • Google Drive data is used only to perform the sync operations you configure — it is not used for any other purpose.
  • We do not share Google Drive data with any third parties.
  • We do not use Google Drive data for advertising.
  • Google OAuth tokens are stored locally on your machine and are never transmitted to SeraVault servers.

6. Security

All credential files are stored with owner-read-only permissions (chmod 600). Communication with our subscription validation service uses HTTPS. We do not store your cloud provider credentials on any SeraVault server.

7. Children's privacy

CloudSync is not directed at children under the age of 13. We do not knowingly collect personal information from children.

8. Changes to this policy

We may update this policy from time to time. Changes will be posted at this URL with an updated effective date. Continued use of the app after changes constitutes acceptance of the revised policy.

9. Contact

Questions about this policy? Email us at cloudsync@seravault.com.