GDPRコンプライアンス
最終更新日: April 4, 2026
This page is specifically for users in the European Union and European Economic Area (EU/EEA). The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) gives you enhanced rights over your personal data. UK users are also covered by the UK GDPR (as retained in UK law by the European Union (Withdrawal) Act 2018).
1. Data Controller
For GDPR purposes, CloudPrice is the data controller for personal data collected through this website. You can contact us via the Contact page for any data-related requests. We aim to respond to all data subject requests within 30 days as required by Article 12 GDPR.
2. Legal Basis for Processing
We process personal data only when we have a lawful basis to do so under Article 6 GDPR:
- Consent (Art. 6(1)(a)) — Price alert subscriptions: you explicitly opt in by providing your email.
- Consent (Art. 6(1)(a)) — Google Analytics: usage tracking cookies require your prior consent. We do not load analytics until consent is given.
- Consent (Art. 6(1)(a)) — Google AdSense: advertising cookies require consent for personalized ads in the EU/EEA.
- Legitimate interests (Art. 6(1)(f)) — Security and abuse prevention: IP addresses are processed transiently for rate limiting and fraud protection.
- Contract performance (Art. 6(1)(b)) — Responding to contact, feedback, and feature request submissions you initiate.
3. Personal Data We Collect
| Data | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Email (price alerts) | Send price drop notifications | Consent | Until deletion requested |
| Name + Email (contact forms) | Respond to enquiries | Contract / Legitimate interest | 12 months from receipt |
| IP address | Rate limiting / security (transient, not logged) | Legitimate interest | In-memory only, cleared automatically |
| Usage / analytics data | Aggregate site analytics | Consent | 26 months (Google Analytics default) |
| Cookie / ad data | Ad personalization | Consent | Per Google policy |
4. Your GDPR Rights
As an EU/EEA or UK resident you have the following rights under GDPR Articles 15–22:
- Right of access (Art. 15) — Request a copy of the personal data we hold about you.
- Right to rectification (Art. 16) — Request correction of inaccurate data.
- Right to erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten").
- Right to restrict processing (Art. 18) — Request that we limit how we use your data.
- Right to data portability (Art. 20) — Receive your data in a structured, machine-readable format.
- Right to object (Art. 21) — Object to processing based on legitimate interests.
- Right to withdraw consent (Art. 7(3)) — Withdraw consent at any time without affecting prior processing.
- Right to lodge a complaint (Art. 77) — File a complaint with your national data protection authority.
To exercise any of these rights, contact us via the Contact page. We will respond within 30 days (extendable to 3 months for complex requests with notice).
5. Cookies & Consent
Under GDPR and the ePrivacy Directive ("Cookie Law"), non-essential cookies require your prior, freely given, specific, informed, and unambiguous consent in the EU/EEA. This includes:
- Google AdSense cookies — used for ad personalization.
- Google Analytics cookies — used for usage tracking.
These third-party scripts are not loaded until you have given consent. You can manage or withdraw your cookie preferences at any time through your browser settings. Withdrawing consent does not affect the lawfulness of processing before withdrawal.
6. International Data Transfers
CloudPrice uses Google services (AdSense, Analytics) which may transfer data outside the EU/EEA, including to the United States. Google LLC participates in the EU-U.S. Data Privacy Framework (adequacy decision of July 10, 2023) and uses Standard Contractual Clauses (SCCs) as a supplementary safeguard. For more information, see Google's Privacy Policy.
7. Data Security
We implement appropriate technical and organizational measures (TOMs) to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Price alert emails are stored in an encrypted MySQL database with access controls. Connections are secured over TLS. We apply the principle of data minimization and only collect what is strictly necessary.
8. Children's Data
CloudPrice is not directed at minors. Under GDPR Article 8, processing of a child's personal data based on consent is lawful only if the child is at least 16 years old (or the minimum age set by the relevant EU member state, which may be as low as 13). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without verified parental consent, we will delete it promptly.
9. Supervisory Authorities
If you believe we have not handled your data lawfully, you have the right to lodge a complaint with your local supervisory authority without prejudice to any other legal remedy:
- EU/EEA: A list of national supervisory authorities is available at edpb.europa.eu.
- UK: The Information Commissioner's Office (ICO) — ico.org.uk
10. Contact
For GDPR or UK GDPR enquiries, use our Contact page. We aim to acknowledge your request within 5 business days and provide a full response within 30 days.