Privacy Policy
Effective Date: January 24, 2026
Topology Cloud ("we," "our," or "us") operates the topology.cloud platform, including the web application at app.topology.cloud and related services. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our services.
1. Information We Collect
1.1 Information You Provide
- Account Information: Name, email address, and password when you create an account.
- Profile Information: Optional profile details such as company name, job title, and phone number.
- Payment Information: Billing address, payment method details (processed securely by Stripe; we do not store full card numbers).
- User Content: Property data, room layouts, component configurations, maintenance logs, notes, and any other content you create within the platform.
- Communications: Information you provide when contacting support, submitting feedback, or corresponding with us.
1.2 Information Collected Automatically
- Usage Data: Pages viewed, features used, actions taken, time spent, and interaction patterns within the application.
- Device Information: Browser type and version, operating system, device type, screen resolution, and language preferences.
- Log Data: IP address, access times, referring URLs, and error logs.
- Cookies and Similar Technologies: Session cookies for authentication, preference cookies for settings, and analytics cookies (see Section 6).
1.3 Information from Third Parties
- Authentication Providers: If you sign in via Google, we receive your name, email, and profile picture from Google.
- Payment Processor: Stripe provides us with transaction status, subscription state, and partial payment details (last four digits of card, expiration date).
2. How We Use Your Information
We use your information for the following purposes:
- Provide and maintain the Service: Operate the platform, process your requests, and deliver features you use.
- Account management: Create and manage your account, authenticate your identity, and manage your subscription.
- Billing and payments: Process payments, send invoices, and manage subscription status.
- Communication: Send service-related notifications, security alerts, support responses, and (with your consent) marketing communications.
- Improvement: Analyze usage patterns to improve the platform, develop new features, and fix issues.
- Security: Detect, prevent, and address fraud, abuse, and security issues.
- Legal compliance: Comply with legal obligations, resolve disputes, and enforce our agreements.
3. How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
- Service Providers: We share information with third-party providers who perform services on our behalf, including:
- Google Cloud Platform (hosting and infrastructure)
- Stripe (payment processing)
- SendGrid (transactional emails)
- Collaboration: When you share properties or maps with other users, those users can view the content you have shared with them.
- Team Members: If you are part of a team, other team members with appropriate permissions may access shared team resources.
- Legal Requirements: We may disclose information if required by law, legal process, or government request, or to protect the rights, safety, or property of Topology Cloud, our users, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Data Storage and Security
4.1 Storage
Your data is stored on Google Cloud Platform infrastructure located in the United States (us-central1 region). Data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2+.
4.2 Security Measures
- Encryption at rest and in transit
- Secure authentication with JWT tokens
- Role-based access controls
- Regular security reviews
- Automated vulnerability scanning
- Secure secret management via Google Cloud Secret Manager
4.3 Data Breach Notification
In the event of a data breach that affects your personal information, we will notify you and any applicable regulatory authorities within 72 hours of becoming aware of the breach, as required by applicable law.
5. Data Retention
- Account data: Retained for as long as your account is active, plus 30 days after deletion to allow for recovery.
- User content: Retained for as long as your account is active. Deleted within 30 days of account deletion.
- Billing records: Retained for 7 years for tax and legal compliance purposes.
- Usage logs: Retained for 90 days for operational purposes.
- Support communications: Retained for 2 years after resolution.
6. Cookies and Tracking
We use the following types of cookies:
| Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, session management | Session / 24 hours |
| Functional | User preferences, language, theme settings | 1 year |
| Analytics | Usage patterns, feature adoption, error tracking | 1 year |
You can control cookies through your browser settings. Disabling essential cookies may prevent you from using the Service.
7. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information.
- Deletion: Request deletion of your personal information (subject to legal retention requirements).
- Portability: Request your data in a structured, machine-readable format.
- Objection: Object to processing of your data for certain purposes.
- Restriction: Request restriction of processing in certain circumstances.
- Withdraw consent: Withdraw consent for optional processing at any time.
To exercise any of these rights, contact us at privacy@topology.cloud. We will respond within 30 days.
8. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Opt out of the sale of personal information (we do not sell personal information).
- Non-discrimination for exercising your privacy rights.
9. International Data Transfers
If you access the Service from outside the United States, your information will be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses where required.
10. Children's Privacy
The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn that we have collected information from a child under 16, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@topology.cloud.
11. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice within the application or sending an email to your registered address. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.
13. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, contact us at:
- Email: privacy@topology.cloud
- Website: https://topology.cloud