Privacy Policy

Last updated: April 1, 2026

Introduction

CDNsync, Inc. ("we," "us," "our," or "Company") operates as a multi-cloud CDN synchronization platform. We are committed to protecting your privacy and ensuring transparent practices regarding the collection, use, and management of your personal data. This Privacy Policy explains how we collect, use, disclose, and otherwise process information when you access or use our website, platform, and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By accessing or using CDNsync, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with our practices, please do not use our Service.

Information We Collect

We collect information about you in various ways:

Account and Registration Information

When you create a CDNsync account, we collect information such as your name, email address, phone number, company affiliation, billing address, and payment method details. This information is necessary to establish and maintain your account and to provide you with access to the Service.

Usage and Behavioral Data

We automatically collect information about how you interact with our Service, including the features you use, the frequency and duration of your sessions, IP address, browser type, operating system, referring URLs, pages visited, and actions performed. This data helps us understand user behavior, improve our platform, and troubleshoot technical issues.

CDN Configuration and Metadata

To provide the core synchronization functionality, we process information about your CDN configurations, including distribution names, origins, cache behaviors, geographic regions, and content routing rules. We do not store unencrypted credentials for connected CDN providers; however, we maintain encrypted tokens necessary to execute synchronization operations on your behalf.

Cookie and Tracking Data

We use cookies, web beacons, and similar tracking technologies to enhance user experience, remember preferences, and analyze Service usage. This includes both essential cookies (required for platform functionality) and analytics cookies (to measure engagement and optimize performance). You can control cookie preferences through your browser settings, though disabling essential cookies may impact functionality.

Communication Data

When you contact our support team, submit feedback, or communicate with us via email, chat, or other channels, we collect and retain the content of those communications, your contact information, and any attachments for the purpose of responding to your inquiries and improving our support services.

Third-Party Integration Data

If you connect external services (such as Slack, GitHub, or monitoring platforms) to your CDNsync account, we collect and process the authentication tokens and configuration data necessary to establish these integrations.

How We Use Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve the CDNsync platform and deliver the features and functionality you expect.
  • Account Management: To create and manage your account, process payments, handle billing, and manage subscription changes.
  • Communication: To send transactional emails (confirmations, notifications, alerts), security updates, and customer support responses.
  • Analytics and Optimization: To analyze usage patterns, measure platform performance, and identify areas for enhancement.
  • Security and Compliance: To detect and prevent fraudulent activity, enforce our Terms of Service, comply with legal obligations, and protect the rights and safety of our users and company.
  • Marketing (with consent): To send promotional materials, product announcements, and feature updates. We only send marketing communications to users who have opted in.
  • Legal Obligations: To comply with applicable laws, regulations, court orders, and other legal processes.

Sharing and Disclosure

CDNsync does not sell your personal data to third parties. However, we may share information in the following circumstances:

CDN Provider Integration

To synchronize your configurations across multiple CDN providers (Cloudflare, AWS CloudFront, Azure CDN, etc.), we share CDN configuration data and encrypted credentials with these providers as necessary to perform the core function of our Service. These providers are contractually bound to use this data only for service execution.

Service Providers

We engage third-party vendors for essential business functions including hosting, payment processing, analytics, email delivery, and customer support. These vendors have contractual obligations to protect your data and use it solely to provide services on our behalf.

Legal Requirements

We may disclose information if required by law, court order, subpoena, government request, or other legal process, or when necessary to protect the rights, property, and safety of CDNsync, our users, and the public.

Business Transactions

In the event of merger, acquisition, bankruptcy, asset sale, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

Aggregated and De-identified Data

We may share aggregated, anonymized data that cannot reasonably identify you with business partners, researchers, and other third parties for benchmarking, industry analysis, and research purposes.

Data Retention

We retain personal data for as long as necessary to provide our Service and fulfill the purposes described in this Privacy Policy. Typically:

  • Account information is retained while your account is active and for a reasonable period thereafter to comply with legal obligations.
  • Usage and behavioral data are generally retained for up to 24 months for analytics purposes.
  • CDN configuration data is retained as long as you maintain an active account and stored configurations.
  • Communication records are retained for 2 years unless required longer by applicable law.
  • Payment information is retained in accordance with payment processor requirements and tax regulations.

You may request deletion of your data subject to legal retention requirements and the need to maintain historical records for billing and audit purposes.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

GDPR Rights (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request correction of inaccurate or incomplete data.
  • Right to Erasure: You may request deletion of your data, subject to certain exceptions.
  • Right to Restrict Processing: You may request limitation of how we process your data.
  • Right to Data Portability: You may request your data in a portable, machine-readable format.
  • Right to Object: You may object to certain processing activities, including marketing communications.
  • Right to Withdraw Consent: You may withdraw consent you have previously given.

CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt out of the sale or sharing of your personal information. You also have the right to non-discrimination for exercising your privacy rights.

Other Jurisdictions

Users in other jurisdictions may have similar privacy rights under applicable local laws. Please contact us if you have questions about your rights in your location.

Exercising Your Rights

To exercise any of the above rights, please submit a written request to privacy@cdnsync.date. We will respond to your request within 30 days (or as required by applicable law) and may require verification of your identity. Some requests may be subject to legal exceptions or limitations.

International Data Transfers

CDNsync is an EU-based company with operations in Germany. As such, we are subject to the European General Data Protection Regulation (GDPR) and German data protection laws. Personal data is primarily processed and stored within the European Economic Area (EEA).

When your data is transferred outside the EEA to non-EEA jurisdictions (such as for cloud hosting, analytics processing, or service delivery), we ensure such transfers comply with GDPR requirements through appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission. These contractual mechanisms ensure that your data receives equivalent protection regardless of transfer location.

By using CDNsync, you consent to the transfer of your information to countries outside the EEA in accordance with this Privacy Policy and applicable data protection laws.

Security

We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • End-to-end encryption for sensitive data in transit and at rest.
  • Encrypted storage of CDN provider credentials using industry-standard encryption algorithms.
  • Regular security audits and penetration testing.
  • Strict access controls and role-based permissions for employees and service providers.
  • Comprehensive employee training on data protection and privacy practices.
  • Incident response procedures to address potential data breaches.

While we strive to maintain the highest security standards, no system is completely secure. If we discover a data breach involving your personal information, we will notify you as required by applicable law and provide guidance on steps you can take to protect yourself.

Children's Privacy

CDNsync is not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without appropriate parental consent, we will take steps to delete such information and terminate the child's account. If you believe we have collected information from a child, please contact us immediately at privacy@cdnsync.date.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated Privacy Policy on our website and updating the "Last updated" date at the top of this document. In some cases, we may provide additional notice (such as via email) for significant changes. Your continued use of CDNsync following the posting of revised Privacy Policy terms means you accept and agree to the changes.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Data Protection Officer:

Email: privacy@cdnsync.date
Mail: CDNsync, Inc., Data Protection Office, Berlin, Germany
Web Form: Visit /contact/ to submit a privacy inquiry

We are committed to resolving any privacy concerns you may have and will respond to your inquiry within 30 days. If you are located in the EU and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.