Privacy Policy

This Privacy Policy describes how PyRun collects, uses, and shares information about you when you use our PyRun platform.

Last Updated: [April 01, 2025]

1. Introduction

Welcome to PyRun! This Privacy Policy explains how PyRun ("PyRun", "we", "us", or "our") collects, uses, discloses, and protects information about individuals ("Personal Data") who use our website (https://pyrun.cloud), the PyRun application (https://app.pyrun.cloud), and associated services, features, software, and documentation (collectively, the "Service").

We are committed to protecting your privacy. Please read this policy carefully to understand our practices regarding your Personal Data. By accessing or using the Service, you acknowledge you have read and understood this Privacy Policy.

Our Terms of Service govern your use of the Service and should be read in conjunction with this Privacy Policy.

2. Data Controller

For the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws, the data controller is:
PyRun
Email: pyruncloud@gmail.com

3. Information We Collect

We collect Personal Data in the following ways:

3.1. Information You Provide Directly:

  • Account Registration: When you create a PyRun account, we collect information such as your username, email address, and password.
  • Communications: If you contact us directly (e.g., for support, feedback, inquiries), we may collect your name, email address, phone number (optional), the contents of your message, and any other information you choose to provide.
  • Payment Information (Future): If we introduce paid features, we may collect payment and billing information through a secure third-party payment processor. PyRun itself will not typically store your full credit card details.

3.2. Information Collected Automatically:

  • Usage Data: When you access or use the Service, we automatically collect certain information about your device and interaction with our Service. This may include your IP address, device type, operating system, browser type, unique device identifiers, pages visited, time spent on pages, interaction patterns (clicks, scrolls), crash data, performance metrics, and referring website addresses.
  • Cookies and Similar Technologies: We use cookies (small text files placed on your device) and similar tracking technologies (like web beacons, pixels) to operate and personalize the Service, analyze usage, track user activity, and for potential marketing purposes. Please see Section 8 ("Cookies and Tracking Technologies") for more details.

3.3. Cloud Provider Metadata:

  • When you connect your Cloud Provider Account (e.g., AWS) to PyRun, we collect necessary configuration metadata required to orchestrate resources. This typically includes your Cloud Provider account identifier (e.g., AWS Account ID), the configured region, and the ARN (Amazon Resource Name) of the IAM role created during the setup process via CloudFormation. This metadata is used solely to manage resources on your behalf as part of the Service functionality. We do not store or have access to your Cloud Provider secret keys.

3.4. User Content (Code and Data):

  • You upload or create code, scripts, configurations (like `environment.yml`), and potentially data within your PyRun Workspace ("User Content"). We process this User Content solely to execute your jobs as instructed by you through the Service. This processing is typically ephemeral – the User Content resides temporarily on the infrastructure (managed by PyRun or within your Cloud Provider Account) required for execution and display in the monitoring interface. We do not access the substance of your User Content unless strictly necessary for providing support requested by you, troubleshooting technical issues, or if required by law, and always with appropriate safeguards. You are the controller of any Personal Data contained within your User Content.

4. How We Use Your Personal Data

We use the Personal Data we collect for the following purposes:

  • To Provide and Maintain the Service: Operate the PyRun platform, authenticate users, manage Workspaces, execute jobs, provide monitoring, and process Cloud Provider interactions.
  • To Improve and Personalize the Service: Understand usage patterns, analyze performance, troubleshoot issues, develop new features, and enhance user experience.
  • To Communicate With You: Respond to inquiries, provide support, send administrative messages (e.g., account updates, security alerts, policy changes), and provide information about the Service.
  • For Security and Fraud Prevention: Monitor for suspicious activity, prevent abuse, protect the integrity of the Service, and enforce our Terms of Service.
  • For Legal Compliance: Comply with applicable laws, regulations, legal processes, or governmental requests.
  • For Marketing (with Consent): Send promotional communications about PyRun features, updates, or offers, but only where we have your explicit consent to do so. You can opt-out at any time.
  • To Process Transactions (Future): Facilitate billing and payment for subscription services, if applicable.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), Switzerland, or the UK, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it:

  • Performance of a Contract: We process Personal Data necessary to provide the Service you requested, such as your account information and User Content processing, based on our contract with you (our Terms of Service).
  • Legitimate Interests: We process some Personal Data based on our legitimate interests, provided these interests are not overridden by your data protection interests or fundamental rights and freedoms. This includes using Usage Data for service improvement, security monitoring, fraud prevention, and certain non-intrusive communications. We conduct balancing tests for processing based on legitimate interests.
  • Consent: We will obtain your consent before collecting Personal Data for certain purposes, such as sending marketing emails or using non-essential cookies. You can withdraw your consent at any time.
  • Legal Obligation: We may process Personal Data where necessary to comply with a legal obligation, such as responding to lawful requests from authorities.

6. How We Share Your Information

We do not sell your Personal Data. We may share your information in the following limited circumstances:

  • Service Providers: We share information with trusted third-party companies and individuals who perform services on our behalf (data processors), such as cloud hosting providers (e.g., AWS for PyRun's own infrastructure), analytics providers, customer support tool providers, email delivery services, and potentially payment processors. These providers are contractually obligated to protect your data and only use it to perform the services we've requested.
  • Legal Requirements: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: If PyRun is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, or sale of all or a portion of our assets, your Personal Data may be transferred as part of that transaction, subject to standard confidentiality arrangements. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your Personal Data.
  • With Your Consent: We may share your information with third parties when we have your explicit consent to do so.
  • Cloud Provider Interaction: As described, the Service interacts with your connected Cloud Provider Account using the granted permissions. This involves sending instructions and receiving status/monitoring data via the Cloud Provider's APIs but does not involve sharing your Personal Data from PyRun with the Cloud Provider, beyond the metadata necessary for orchestration.
  • Aggregated or De-identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for purposes such as statistical analysis, research, or reporting.

7. User Content Processing

When you use PyRun to process your User Content (code, data), you are the Data Controller for any Personal Data contained within that User Content, and PyRun acts as the Data Processor on your behalf. You are responsible for ensuring that your processing of Personal Data within User Content complies with applicable data protection laws. Our processing of such data is governed by these Terms and potentially a separate Data Processing Addendum (DPA) if required by law and requested by you. We implement technical and organizational measures to protect User Content during processing but rely on you to manage the security and legality of the data you choose to process using PyRun.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect Usage Data, operate the Service, remember your preferences, and analyze performance. The types of cookies we may use include:

  • Essential Cookies: Necessary for the Service to function properly (e.g., authentication, security). These cannot be disabled.
  • Performance and Analytics Cookies: Help us understand how users interact with the Service, identify errors, and improve performance (e.g., Google Analytics).
  • Functionality Cookies: Remember your preferences and choices (e.g., username, language, region) to provide a more personalized experience.

You can manage your cookie preferences through your browser settings and potentially through a cookie consent tool provided on our website. Blocking some types of cookies may impact your experience of the site and the services we are able to offer.

9. Data Security

We implement appropriate technical and organizational security measures designed to protect your Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include encryption, access controls, and regular security reviews. However, no internet transmission or electronic storage method is 100% secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security. You are also responsible for maintaining the confidentiality of your account credentials.

10. Data Retention

We retain Personal Data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

  • The duration of your active account and use of the Service.
  • The need to comply with legal obligations (e.g., tax, accounting, legal holds).
  • The need to resolve disputes or enforce our agreements.
  • The necessity for security, fraud prevention, and service improvement purposes.

Usage Data is typically retained for shorter periods for analysis. User Content processed ephemerally for job execution is not retained by PyRun beyond the scope of the job and monitoring display, unless required for troubleshooting with your consent or by law. You can delete your account, which will trigger the deletion of associated Personal Data according to our policies, subject to legal retention requirements.

11. International Data Transfers

PyRun may process and store information in various locations worldwide, potentially including countries outside of your country of residence, such as the United States, where our service providers may be located. These countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective).

If we transfer Personal Data subject to GDPR outside the EEA, Switzerland, or the UK, we will ensure appropriate safeguards are in place, such as relying on an adequacy decision from the European Commission, or implementing Standard Contractual Clauses (SCCs) approved by the European Commission, or other valid transfer mechanisms.

12. Your Data Protection Rights (GDPR & Others)

Depending on your location and applicable law, you may have the following rights regarding your Personal Data:

  • Right of Access: Request access to the Personal Data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete Personal Data.
  • Right to Erasure ('Right to be Forgotten'): Request deletion of your Personal Data under certain conditions.
  • Right to Restriction of Processing: Request restriction of the processing of your Personal Data under certain conditions.
  • Right to Data Portability: Request transfer of your Personal Data to another controller in a structured, commonly used, and machine-readable format, where processing is based on consent or contract and carried out by automated means.
  • Right to Object: Object to the processing of your Personal Data based on our legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If processing is based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right Not to Be Subject to Automated Decision-Making: The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (PyRun does not currently engage in such activities impacting users in this way).

To exercise any of these rights, please contact us at pyruncloud@gmail.com. We may need to verify your identity before responding to your request. We will respond to your request within the timeframes required by applicable law (typically within one month under GDPR).

13. Children's Privacy

The Service is not directed to individuals under the age of 16 (or a higher age threshold if required by applicable law in your jurisdiction). We do not knowingly collect Personal Data from children under 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us. If we become aware that we have collected Personal Data from a child under 16 without verification of parental consent, we will take steps to delete that information.

14. Links to Other Websites

Our Service may contain links to other websites or services not operated or controlled by PyRun. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party service before providing any information to them.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post any changes on this page and update the "Last Updated" date at the top. If we make material changes, we will provide more prominent notice (such as by adding a statement to our homepage or sending you an email notification). We encourage you to review this Privacy Policy periodically.

16. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our data practices, please contact us:
PyRun
Email: pyruncloud@gmail.com

17. Right to Lodge a Complaint

If you are located in the EEA, Switzerland, or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your Personal Data violates applicable data protection law. The relevant supervisory authority in Spain is the Agencia Española de Protección de Datos (AEPD) (www.aepd.es). We encourage you to contact us first so we can address your concerns directly.