Privacy Policy

Last updated: 1 May 2026

Introduction

This Privacy Policy describes how WAYSCloud AS (“WAYSCloud”, “we”, “us”) processes personal data in connection with our services, websites, and platforms.

WAYSCloud is the brand name of WAYSCloud AS, a company established in Norway.

WAYSCloud AS operates under applicable European data protection laws, including the General Data Protection Regulation (GDPR).

Depending on the context, WAYSCloud acts either as a data controller or a data processor. When customers use our services to store or process data, the customer acts as the data controller, and WAYSCloud acts as a data processor on behalf of the customer.

What data we collect

WAYSCloud processes different categories of personal data depending on how our services are used.

Account and customer data

When you create an account or use our services, we may collect personal data such as name, email address, organization details, billing information, account identifiers, and related customer information.

This data is used to provide access to our services, manage customer relationships, handle support requests, and process billing.

Customer service data

When customers use WAYSCloud services to store, process, or transmit data, WAYSCloud processes such data on behalf of the customer.

This may include data stored or processed through applications, databases, storage services, email services, virtual machines, infrastructure services, and other platform services.

In these cases, the customer acts as the data controller, and WAYSCloud acts as the data processor.

WAYSCloud does not use customer service data for its own purposes and processes it only in accordance with the customer’s instructions and applicable agreements.

Technical and operational data

To operate, secure, and maintain our services, WAYSCloud collects technical and operational data such as IP addresses, system logs, access logs, service usage metrics, error data, performance data, and security-related events.

This data is used for security monitoring, troubleshooting, capacity planning, abuse prevention, performance optimization, billing calculations, and maintaining service reliability.

Retention of such data varies depending on its purpose, but is limited to what is necessary for operational, contractual, legal, and security needs.

Website usage data

When visiting our websites, WAYSCloud may collect limited usage data such as pages visited, browser type, device information, referring sources, and similar technical information.

This data is used for website analytics, performance monitoring, and improving user experience.

WAYSCloud uses privacy-focused, self-hosted analytics solutions operated within its own infrastructure. No third-party tracking or advertising analytics platforms (such as Google Analytics) are used.

How we use data

WAYSCloud processes personal data for the following purposes:

• To provide and operate our services
• To manage customer accounts and relationships
• To process billing and financial transactions
• To monitor, secure, and protect our services against misuse or unauthorized access
• To measure service usage and ensure reliable operation, including capacity planning and performance optimization
• To improve and develop our services
• To respond to customer inquiries and provide support
• To send service-related communications

Where users have explicitly opted in, WAYSCloud may also use contact information to send newsletters or product updates. Such communications are optional and can be disabled at any time through account settings or by using the unsubscribe option included in each message.

WAYSCloud does not use personal data for advertising purposes or third-party profiling.

Where required under applicable law, processing is based on one or more of the following legal grounds:

• Performance of a contract
• Compliance with legal obligations
• Legitimate interests, including ensuring service security, reliability, abuse prevention, and improvement
• Consent, where applicable

Data sharing and third parties

WAYSCloud does not sell, rent, or share personal data with third parties for advertising or profiling purposes.

We may share limited personal data with trusted third-party providers where necessary to deliver our services. This includes payment processing providers and accounting services.

Where users have explicitly opted in, WAYSCloud may also share limited contact information with external platforms for the purpose of collecting customer feedback or reviews. In such cases, data is shared only to facilitate the review request, and the external platform processes the data in accordance with its own privacy policy.

Users may choose whether or not to participate in such requests.

Data location and international transfers

WAYSCloud operates its core infrastructure within the European Economic Area (EEA).

Customer data related to accounts, customer management systems, support systems, billing systems, customer databases, and similar services is processed and stored within the Nordic region.

Other platform services, including compute, storage, virtual machines, object storage, and infrastructure services, are operated within the EEA.

Certain supporting services may involve globally distributed infrastructure for availability and performance purposes, for example DNS resolution. Such services are designed to route requests efficiently and do not involve persistent storage of customer data outside the EEA.

WAYSCloud uses selected third-party providers to support specific functionality, such as payment processing and accounting services. These providers process data in accordance with applicable data protection laws and relevant safeguards.

For certain optional services, such as image or video generation, user-provided input prompts may be transmitted to external providers located outside the EEA. Such services are clearly identified and require explicit user consent prior to use.

Such transfers are limited to the input necessary to perform the requested function. Generated content is processed and stored within WAYSCloud-controlled infrastructure.

Text-based processing, including language model (LLM) functionality and core platform services, is performed within WAYSCloud-controlled infrastructure in the EEA.

Where personal data is transferred outside the EEA, WAYSCloud ensures that appropriate safeguards are in place in accordance with applicable data protection laws.

Data retention

WAYSCloud retains personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including legal, contractual, operational, and security requirements.

This includes:

• Billing and financial data, retained in accordance with applicable accounting laws
• Customer account data, retained for the duration of the customer relationship and for a limited period thereafter
• Technical and operational data, including logs and metrics, retained for limited periods necessary for security, reliability, billing accuracy, and performance
• Support and communication data, associated with the customer account and accessible to the user during the customer relationship

Following termination of an account, support and communication data may be retained for up to 24 months in order to maintain service history, handle disputes, and ensure continuity.

Where appropriate, data may be deleted or anonymized when it is no longer required.

Security

WAYSCloud implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

These measures include:

• Access controls to ensure that only authorized personnel can access personal data
• Authentication and identity management mechanisms to protect user accounts
• Encryption of data in transit using industry-standard protocols
• Network and infrastructure security measures designed to protect services from external threats
• Isolation of customer environments and services
• Monitoring, logging, and detection mechanisms to identify, prevent, and respond to security incidents

WAYSCloud is designed to minimize unnecessary data exposure and maintain customer control over data.

WAYSCloud continuously reviews and improves its security practices.

User rights

Under applicable data protection laws, including the GDPR, users have the following rights:

• The right to access personal data
• The right to request correction
• The right to request deletion, where applicable
• The right to restrict or object to processing
• The right to data portability, where applicable
• The right to withdraw consent at any time

Some information may also be accessed, updated, or deleted directly through user account settings.

Requests related to privacy and data protection can be submitted to:

Users also have the right to lodge a complaint with a supervisory authority in their country of residence or place of work.

Supervisory authorities

The supervisory authority for WAYSCloud AS in Norway is Datatilsynet.

If you reside in another EEA country, you may contact your national data protection authority. A current list of all EEA supervisory authorities is maintained by the European Data Protection Board:

• edpb.europa.eu — Members of the EDPB

Changes to this Privacy Policy

WAYSCloud may update this Privacy Policy from time to time.

The latest version will always be available on our website.

Contact