Privacy Policy
Last updated: July 3, 2026
1. Controller
Daniel Hoss
Bauernfeldstrasse 6
76532 Baden-Baden
Germany
Email: support@prorendercloud.com
2. General Information on Data Processing
We process personal data only to the extent necessary to operate ProRender Cloud and fulfill contractual and legal obligations. The type, scope, and purpose of processing depend on the features used, such as account access, project upload, cloud rendering, payments, support, add-on access and security controls.
3. Categories of Data and Purposes
- Account data: email address, password hash, verification status, role and account status fields.
- Render and usage data: project filename, render status, selected options, frame ranges, runtime and billing metadata, progress and error information.
- Upload/download data: user-uploaded project files, linked assets where included, generated render output files and temporary download metadata.
- Payment data: payment-provider transaction references, payment amounts, wallet top-up records and accounting metadata; we do not store full card data.
- Add-on and API access data: add-on connection state, hashed access tokens or API keys, device/session metadata and last-used timestamps.
- Communication data: verification emails, password reset emails, support requests and related replies.
- Security and server logs: IP address, timestamp, requested URL, HTTP status, user agent and abuse-prevention metadata.
- Optional analytics/page views: aggregated page view and request information for product improvement, troubleshooting and abuse prevention.
4. Legal Bases (Art. 6 GDPR)
- Art. 6(1)(b) GDPR: performance of a contract (account services, project processing, rendering, billing workflow).
- Art. 6(1)(c) GDPR: compliance with legal obligations (e.g., retention duties under tax/commercial law).
- Art. 6(1)(f) GDPR: legitimate interests (IT security, abuse prevention, reliability, troubleshooting).
- Art. 6(1)(a) GDPR: consent where explicitly required.
5. Processors and Recipients
We use specialized providers and processors for technical operation. Recipients may include:
- Hosting and database providers: operation of the web application and data storage.
- Cloud storage providers: temporary storage of source files, assets and render outputs.
- Render infrastructure providers: GPU-based rendering of submitted projects.
- Payment providers: checkout, payment confirmations and payment-related accounting.
- Email and support providers: transactional emails, verification, reset messages and support communication.
- Logging and security providers: operational reliability, abuse prevention and incident analysis, where used.
Where required, processing agreements or equivalent safeguards are put in place with service providers.
6. International Transfers
Some providers may process data outside the EU/EEA (including the United States). In such cases, we rely on appropriate safeguards, such as standard contractual clauses and additional protective measures where required.
7. Retention
We store data only as long as needed for the relevant purposes:
- Account data: until account deletion, unless legal retention duties apply.
- Billing/payment records: according to statutory retention periods (typically up to 10 years).
- Render/upload data: only as operationally necessary for rendering, download availability, support and abuse prevention; no indefinite retention without purpose.
- Logs: only as long as needed for operations, security, and troubleshooting.
8. Cookies and Sessions
We use technically necessary cookies or comparable local session mechanisms for login, language selection, CSRF protection and secure operation. These are necessary to provide the requested service. Optional cookies or tracking technologies are used only where a valid legal basis exists.
9. Security Measures
We implement appropriate technical and organizational safeguards, including HTTPS transport encryption, password hashing, access controls, least-privilege access and monitoring for operational and security integrity.
10. Data Subject Rights
You may have the right of access, rectification, erasure, restriction, data portability, and objection. Any consent can be withdrawn with effect for the future.
11. Right to Lodge a Complaint
You have the right to lodge a complaint with a competent data protection supervisory authority.
12. Privacy Contact
For privacy-related questions, contact: support@prorendercloud.com