Privacy Policy

Last updated: September 30, 2025

Heads-up: This notice explains what we collect and why—briefly and in plain language. It’s general information, not legal advice.

1. Who we are

Appasaurus (“we,” “us,” “our”) provides cloud and AI consulting services and related websites.

Contact: sales@appasaurus.com

2. Scope

This policy covers data collected via our marketing website (served from Amazon S3 + CloudFront) and our contact form (API Gateway → Lambda → Amazon SES). We do not sell personal information.

3. What we collect

  • Contact form: name, work email, and your message (so we can respond).
  • Service logs: standard web logs/metadata (e.g., IP address, user agent, pages requested) from our hosting/CDN and API for security and debugging.
  • Cookies/analytics: We currently do not use analytics or ad trackers. If that changes, we’ll update this page and request consent where required.

4. How we use information

  • Respond to your inquiry and provide requested services
  • Secure and operate our site and API (fraud/abuse prevention, debugging)
  • Improve service quality and plan capacity
  • Meet legal, regulatory, or compliance obligations

5. Legal bases (EU/UK)

  • Consent (when you submit the form)
  • Legitimate interests (site security, fraud prevention, service improvement)
  • Contract (pre-contract inquiries or agreed work)

6. Sharing & transfers

We use trusted processors to host and route data:

  • Amazon Web Services (AWS): S3/CloudFront for website hosting and delivery; API Gateway + Lambda to receive your form; Amazon SES to send the email to us.

We do not sell your personal information. Because CDNs and cloud services operate globally, data may be transferred internationally under appropriate safeguards.

7. Retention

  • Contact emails: kept as business records for as long as needed to respond and as required by law/audit.
  • Logs: retained for a limited period for security and troubleshooting, then deleted or anonymized.

8. Security

We apply industry practices to protect data, including encryption in transit, access controls, and least-privilege access on our cloud services. No method is 100% secure, but we work to prevent unauthorized access and promptly investigate incidents.

9. Your rights

Your privacy rights depend on your location. Examples include:

  • EU/UK (GDPR): rights to access, rectification, erasure, restriction, portability, and objection.
  • California (CPRA/CCPA): rights to know, access, delete, correct, limit certain uses, opt-out of sale/sharing, and non-discrimination for exercising rights.

To make a request, email sales@appasaurus.com. We’ll verify your identity and respond as required by law.

10. Children’s privacy

Our services are for business users and not directed to children under 16. We do not knowingly collect children’s personal information.

11. Do Not Track

Browsers may send a “Do Not Track” (DNT) signal. There’s no common industry response standard and some browsers have deprecated DNT; if relevant standards emerge (e.g., Global Privacy Control), we’ll review and update this policy.

12. Changes to this policy

We may update this notice to reflect operational or legal changes. We’ll revise the “Last updated” date above and, if material, provide a prominent notice.

13. Contact

Questions or requests: sales@appasaurus.com