RateLimitShieldEnterprise Docker Proxy

Privacy Policy

Last updated: January 15, 2025

1. Information We Collect

Account Information

When you create an account, we collect your email address, name, and company information. This information is used to provide and improve our services.

Usage Data

We collect information about how you use our service, including:

  • Docker image pull requests and metadata
  • API usage patterns and frequency
  • Performance metrics and error logs
  • IP addresses and user agent information

Payment Information

Payment processing is handled by Stripe. We do not store credit card information on our servers.

2. How We Use Your Information

We use your information to:

  • Provide and maintain our Docker Hub proxy service
  • Process payments and manage your account
  • Monitor service performance and troubleshoot issues
  • Communicate with you about service updates and support
  • Improve our services and develop new features
  • Comply with legal obligations and protect against fraud

3. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties, except:

  • With your explicit consent
  • To trusted service providers who assist in operating our service
  • When required by law or to protect our rights and safety
  • In connection with a business transfer or acquisition

4. Data Security

We implement enterprise-grade security measures to protect your data, including:

  • End-to-end encryption of data in transit and at rest (AES-256)
  • Regular security audits and penetration testing by third-party experts
  • Multi-factor authentication and role-based access controls
  • Secure by design architecture with industry-standard practices
  • Secure data centers with 24/7 monitoring and physical security
  • Zero-trust network architecture with continuous monitoring
  • Automated vulnerability scanning and patch management

5. Data Retention and Deletion

We retain your personal information only as long as necessary to provide our services and fulfill legal obligations:

  • Account data: Duration of subscription plus 90 days for billing and support
  • Usage logs: 12 months for performance optimization and security analysis
  • Payment records: 7 years as required by financial regulations
  • Marketing communications: Until you opt out or request deletion
  • We provide secure data deletion upon account closure or upon request

6. Your Rights

Subject to applicable law and verification of your identity, you have the right to:

  • Access and update your personal information
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Request information about data processing

We may charge reasonable fees for excessive or repetitive requests and may deny requests that are technically infeasible or would compromise the security of our systems.

7. GDPR & CCPA Compliance

We are committed to compliance with international privacy regulations:

  • Legal basis for processing: Contract performance and legitimate interests
  • Data subject rights: Access, rectification, erasure, portability, and objection
  • Data Protection Officer: Available for privacy-related inquiries
  • Breach notification: We notify authorities and affected users within 72 hours
  • Privacy by design: Data protection built into all systems from the ground up

8. Cookies and Tracking

We use cookies and similar technologies to improve your experience:

  • Essential cookies: Required for basic functionality and security
  • Analytics cookies: Help us understand usage patterns (anonymized)
  • Preference cookies: Remember your settings and preferences
  • No third-party tracking: We don't use invasive tracking technologies
  • Cookie control: Manage preferences through your browser settings

9. International Transfers

Our company is based in Thailand, and your data may be processed in Thailand or other countries as necessary to provide our services. We ensure appropriate safeguards are in place to protect your information through Standard Contractual Clauses (SCCs) and adequacy decisions in accordance with applicable data protection laws.

10. Third-Party Services

We work with trusted third-party service providers who have signed data processing agreements:

  • Payment processing: Stripe (PCI DSS compliant)
  • Analytics: Privacy-focused analytics tools only
  • Infrastructure: Enterprise cloud providers with security compliance
  • Support: Customer service tools with data residency controls

11. Changes to This Policy

We may update this privacy policy at any time at our sole discretion. For material changes, we will provide at least 30 days notice by email or through our service. For minor changes, we may provide shorter notice or update immediately. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.

12. Disclaimers

While we implement reasonable security measures, no system is 100% secure. We cannot guarantee the absolute security of your data and disclaim liability for security breaches beyond our reasonable control. You use our service at your own risk.

13. Contact Us

If you have questions about this privacy policy, please contact us:

Email: privacy@ratelimitshield.io

Address: Bangkok, Thailand