Privacy policy

Last Updated: 04.01.2026

This Privacy Policy explains how personal data is processed in connection with Ocelot-Cloud services and websites.

1. Scope

This Privacy Policy applies to:

  • The Ocelot-Cloud website
  • The maintainer-hosted Ocelot App Store
  • The license verification service
  • Communications required for legal contact purposes

Use of self-hosted Ocelot-Cloud instances is outside the scope of this Privacy Policy and is governed by the operator of the respective instance.

2. General Principles

We do not intentionally collect, analyze, or track personal data beyond what is technically necessary to operate the services.

We do not use tracking, analytics, advertising technologies, or profiling. We do not sell personal data or use it for marketing or AI training purposes.

2.1 Software Telemetry

The Ocelot-Cloud software and App Store client software do not include analytics, tracking, telemetry, or profiling functionality.

No personal data is transmitted to the Maintainer as part of normal software operation, except where explicitly required for license verification or App Store account functionality.

3. Technical Logs

The website is delivered via standard web server infrastructure.

When accessing the Ocelot-Cloud website or other maintainer-hosted services (such as the App Store), technical data is processed automatically as part of normal server operation.

  • IP address
  • Date and time of access
  • Requested resources or actions
  • Technical request metadata

These logs are used solely for ensuring security, stability, and abuse prevention and are not used for analytics, profiling, or tracking.

Logs generated by self-hosted Ocelot-Cloud instances remain entirely under the control of the respective operator and are not accessible to the Maintainer.

The processing of this data is based on Art. 6(1)(f) GDPR (legitimate interest) to ensure security, stability, and abuse prevention of the website and services.

Where authentication is required (e.g. App Store services), internal user identifiers such as usernames and associated email addresses may also be processed as part of normal operation.

4. Cookies

Website

The website does not use cookies.

App Store and Ocelot-Cloud Interfaces

Session cookies may be used where technically necessary to provide authentication and session management for the App Store and Ocelot-Cloud user interfaces. These cookies are required for the operation of the services and are not used for tracking.

5. App Store Accounts

To use the App Store, an account is required.

The following data is processed:

  • Maintainer name (username)
  • Email address

This data is used solely for:

  • Account management
  • Abuse prevention
  • Authentication
  • Identification of content maintainers within the App Store

Usernames may be publicly visible within the App Store as part of app listings and maintainer attribution.

6. License Verification Service

For license verification, a license key is processed by a license server.

  • License keys are stored in hashed form.
  • No IP addresses, device identifiers, or user profiles are stored.
  • License verification is performed solely to confirm license validity and prevent misuse.

No personal data is intentionally processed by the license verification service.

7. Payments

We do not receive or store payment details. Paddle processes payment data independently and is responsible for invoicing, taxes, and statutory consumer rights.

For details, please refer to Paddle’s Privacy Policy at https://www.paddle.com/legal/privacy.

8. Self-Hosted Deployments and Third-Party Software

When you deploy Ocelot-Cloud on your own infrastructure, you are solely responsible for all personal data processed within your instance.

This includes:

  • User accounts
  • Application data
  • Logs
  • Third-party applications or containers installed through Ocelot-Cloud

The Maintainer does not have access to data processed in self-hosted deployments and does not act as a data controller for such data.

9. Data Sharing and Processors

Personal data may be processed by service providers acting as processors, including:

  • Hosting providers
  • Email providers used for legally required contact purposes
  • Paddle for payment processing

Data is not shared with third parties for advertising or marketing purposes.

10. Data Retention

Personal data is retained only as long as necessary for the purposes described in this Privacy Policy or as required by law.

Technical logs are retained for a limited period necessary for security, troubleshooting, and abuse prevention, and are regularly deleted or rotated.

11. Your Rights

Under applicable data protection laws, you may have rights including access, rectification, and deletion of personal data.

Where possible, these rights can be exercised through self-service features (such as account deletion). In cases where no personal data is stored or identifiable, such requests may not be applicable.

12. Contact

Contact details required by law are provided in the Imprint.

Contact information is provided for legal communication purposes only. Messages that are not legally required inquiries, including support or assistance requests, may not receive a response.