// Your code is your core asset. Our privacy protection is based on hardware-level commitments.
To provide you with compute leasing and related technical services, MACGPU (hereinafter referred to as "we" or "the Platform") will collect and process personal information under the principles of legality, fairness, necessity, and minimization. Your use of this service indicates that you have read and agreed to the collection scope and usage methods described in this policy.
1.1 Identity and Account Information Includes but is not limited to: email address provided during registration, account nickname or identifier, login credentials (stored encrypted), account creation time, and last login time. This information is used to create and manage your account, perform identity verification, send service and security-related notifications, and fulfill the service contract between the Platform and you.
1.2 Transaction and Payment Information Records of transactions processed through recognized third-party payment gateways, including order numbers, amounts, currencies, payment status, and timestamps. We do not collect, store, or process sensitive payment information such as your bank card number, CVV, or full cardholder name; such information is handled by the payment service providers according to their privacy policies. We reserve the right to review transaction metadata for dispute resolution, compliance auditing, and legal requirements.
1.3 Service and Technical Data Data necessary to ensure service availability, security, and performance, including: IP address, browser type and version, device identifiers, request timestamps, and response status when accessing the Platform website or API; metadata regarding the creation/destruction time, specifications, region, and running status of compute instances; log and traffic data used to identify and prevent DDoS attacks, brute force, abuse, and violations of service terms. We may use cookies, local storage, and similar technologies to maintain sessions, record preferences, and improve product experience; you may manage cookies through browser settings, though restricting certain cookies may affect some functionalities.
1.4 Information You Voluntarily Provide Content submitted by you through support tickets, emails, forms, or other channels. We use this only to address your issues and improve our services, and may retain it for a certain period according to internal retention policies.
We will not collect your personal information beyond the aforementioned scope without legal basis or your consent. We may use de-identified or aggregated data for statistical analysis, product optimization, and security research; such data does not identify specific individuals.
We employ a technical architecture combining zero-trust and physical-level isolation to maximize the protection of your data within compute instances from access by the Platform or unauthorized third parties.
2.1 Network and Logical Isolation Upon delivery of a compute instance, your operating system and workloads run in an independently configured Virtual Private Network (VPC) and isolated compute environment. Platform maintenance and management personnel do not have the permission or ability to directly view, read, copy, or clone data from your instance's disks, memory, or traffic through management backends, O&M tools, or other conventional means; we do not proactively backup, audit, or review business data, code, models, or logs within your instance.
2.2 Data Sovereignty Statement All data generated, stored, or processed within your instance (including but not limited to code, training data, models, keys, and logs) remains your sole property and under your control. We do not access, use, or disclose such data to third parties unless explicitly required by contract or law.
2.3 Exceptions In the following circumstances, we may take necessary measures according to law or contract, including but not limited to cooperating with authorized authorities to retrieve data, providing information based on effective legal documents or regulatory requirements, providing necessary technical support for fulfilling the service contract (within your explicit authorization), or responding to major security incidents to protect the Platform and other users. Such cases will strictly follow applicable laws and this policy.
2.4 Your Security Responsibilities While the isolation architecture aims to reduce Platform-side access to your data, it does not exempt you from responsibilities regarding your account credentials, instance configuration, network security, and compliant use. You must safeguard login info and API keys, and are responsible for access control, data encryption, and compliance obligations within your instance.
This clause constitutes the core of our privacy and data security commitment: at the end of a compute instance's lifecycle, we ensure the storage media carrying your data undergoes physical-level overwriting to make data unrecoverable and inaccessible.
3.1 Trigger Conditions The instance destruction and data erasure process will be triggered upon any of the following: (a) you manually click "Destroy" or equivalent; (b) the lease expires without renewal; (c) termination of service due to arrears, violation of terms, or legal requirements; (d) other circumstances where the Platform has the right to terminate service by contract or law. Specific processes and timing follow the service terms and console instructions.
3.2 Erasure Standards and Methods After instance destruction, the system performs multiple rounds of overwriting on associated SSDs and other persistent storage in compliance with industry security standards (including but not limited to DoD 5220.22-M or equivalent). Erasure is executed via hardware or firmware-level commands designed to make original data unrecoverable by software or conventional forensic means.
This process is irreversible. Once executed, any recovery attempt will fail. This ensures your code is never accessed again after leaving the MACGPU cluster.
3.3 Your Obligations and Risks You are responsible for backing up all necessary data, code, and configurations before destruction or lease expiry. Once erasure begins or completes, the Platform does not provide any form of data recovery services, and assumes no responsibility for data loss resulting from destruction, expiry, arrears, or your manual operations. You understand and accept that destruction is irreversible and the Platform has no obligation to retain any copies thereafter.
3.4 Legal Preservation If we receive legal documents from authorized authorities requiring data retrieval, freezing, or preservation before erasure, we will cooperate within the scope allowed by law and may suspend or adjust the erasure process to fulfill legal obligations; such cases do not constitute a commitment to data retention or access.
We are committed to processing your personal information within the business operating regions and applicable legal frameworks, and will only disclose it to third parties when explicitly required or permitted by law.
4.1 Disclosure Principles We do not sell, rent, or trade your personal information to any third parties without your consent or legal authorization. We do not provide your personal information to unrelated third parties for marketing purposes.
4.2 Legal Disclosure Under the following circumstances, we may disclose your information to authorized authorities, regulatory bodies, judicial organs, or other legal entities: (a) receipt of subpoenas, orders, rulings, or equivalent legal documents issued by courts, arbitration institutions, or government agencies with jurisdiction; (b) compliance with applicable laws, regulations, or industry regulatory requirements; (c) necessity to enforce this policy, service terms, or protect the legitimate rights and safety of the Platform, users, or the public. We will prudently evaluate the scope and target of disclosure within the legal framework and request recipients to maintain confidentiality or use information only for statutory purposes.
4.3 Operations and Governing Law Platform services and data processing activities involve jurisdictions such as Hong Kong and Singapore. We comply with privacy and data protection laws applicable in our operating regions (including but not limited to the Hong Kong PDPO and the Singapore PDPA). If you are located in another jurisdiction, you understand that your information may be transferred to and processed in the aforementioned regions under their local laws; your use of the service constitutes consent to such transfer and processing.
4.4 Data Retention To fulfill contracts, compliance, dispute resolution, or legal obligations, we may retain some account and transaction metadata for a certain period after account cancellation or service termination; specific retention periods are determined by applicable laws and internal policies. Business data within instances is excluded and will be handled according to the aforementioned erasure policy.
Except where explicitly prohibited by applicable law, the Platform and its affiliates, suppliers, directors, employees, and agents assume no liability for any direct, indirect, incidental, consequential, punitive, or special damages resulting from the following, whether based on contract, tort, strict liability, or other legal theories, and regardless of whether we have been advised of the possibility of such damages:
To the maximum extent permitted by law, the Platform's total liability regarding privacy and data protection matters shall not exceed the total fees paid by you to the Platform for relevant services in the past twelve (12) months, or the minimum liability limit prescribed by applicable law (whichever is higher). This clause remains effective after service termination.
6.1 Your Rights Within the scope allowed by applicable law, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, as well as the right to object to or withdraw consent. You may submit requests to us through the contact info at the end of this policy; we will respond within a reasonable period according to applicable law. Certain rights may be limited by law or require identity verification. If you are located in the EU/EEA or other jurisdictions with specific data subject rights, we will fulfill obligations according to those local laws.
6.2 Policy Amendments We may periodically amend this Privacy Policy to reflect business changes, legal updates, or practice improvements. The amended policy will be published on this page with the latest effective date. If amendments involve material changes to the collection, use, or disclosure of your personal information, we will notify you via site notifications, email, or other appropriate means as required by law, and obtain consent again where necessary. Continued use of the service after amendments take effect constitutes acceptance of the revised policy.
6.3 Applicability and Order of Precedence This policy, along with our Terms of Service, Acceptable Use Policy, and other published rules, constitutes the agreement between you and the Platform. In case of conflict regarding privacy and personal information processing, this policy prevails; other matters are governed by the Terms of Service. If any clause of this policy is deemed invalid or unenforceable, it shall not affect the validity of remaining clauses.
If you have any questions, complaints, or requests regarding this Privacy Policy or our handling of your personal information, please contact us through the official channels provided on our website (e.g., support email, ticket system). We will designate personnel to handle privacy matters and respond within the timeframe required by applicable law.
This Privacy Policy is written in Chinese; if other language versions exist, the Chinese version shall prevail.