Clouds and Light
Privacy Policy
Clouds and Light Limited is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our interactive AWS training platform.
Clouds and Light Limited is the data controller responsible for your personal data. We are a Limited Company registered in the United Kingdom and are registered with the UK Information Commissioner's Office (ICO).
We are committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We collect and process the following types of personal data when you use our Service:
- Name: Your full name and preferred name
- Email Addresses: Your primary email address (which we verify) and an alternate contact email address if provided
- Password: Your encrypted account password
- AWS Account ID: Your AWS account identifier
- Cross-Account Role ID: The unique identifier for the read-only IAM role you create for our service to access your AWS environment
- AWS Region: The AWS region where you host your services
- AWS Resource Data: Read-only metadata from AWS services you configure in your environment, including resource configurations, metadata tags, and service details
Important: Our service uses a cross-account read-only role to access your AWS environment. We have no ability to make changes to your AWS environment. We can only read resource details for the purpose of providing course feedback and progress tracking. Access logs for our service's access to your AWS environment are generated and stored in your own AWS account.
- Courses viewed and taken
- Course progress and completion status
- Test results and feedback scores
- Website interaction metrics and usage patterns
- Content you create, upload, or manage (training courses, images, metadata)
- IP Addresses: Your internet protocol address for security and system administration
- Cookies: Essential session cookies required for website functionality (see Section 8)
- Log Data: Browser type, access times, pages viewed, and other diagnostic data
We use your personal data for the following purposes:
- Creating and managing your user account
- Authenticating your identity when you log in
- Verifying your email address
- Providing secure access to the platform
- Managing content you upload or create
- Providing course feedback based on your AWS environment configuration
- Tracking your course progress and test results
- Customizing website appearance and functionality based on your preferences
- Analyzing your AWS resources to provide accurate training feedback
- Sending course updates and notifications (only if you have subscribed to receive them)
- Responding to your support requests and inquiries
- Sending important service announcements or security updates
- Analyzing usage patterns to improve our services
- Identifying and fixing technical issues
- Developing new features and functionality
- Ensuring platform security and preventing abuse
- Complying with legal requirements and regulations
- Enforcing our Terms and Conditions
- Protecting our rights and the rights of our users
Under UK GDPR, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide the Service you have registered for
- Consent: Where you have given explicit consent (e.g., subscribing to email notifications)
- Legitimate Interests: For platform improvements, security, and analytics, where it does not override your rights
- Legal Obligation: Where required by law
We use Amazon Web Services (AWS) infrastructure to host and operate our platform. Your data is stored on AWS servers located in the United Kingdom. AWS provides the underlying infrastructure but does not access or process your personal data except as necessary to provide cloud hosting services.
When you grant us access to your AWS account via a read-only cross-account role, we access your AWS environment solely to provide course feedback and progress tracking. This access is logged in your own AWS account.
Our services are provided through the domains cloudsandlight.com and lightand.cloud and their associated AWS infrastructure services. Cookies set by our service are limited to these domains.
We do not currently use third-party analytics services (such as Google Analytics). We do not set third-party cookies beyond those set by our own domains (cloudsandlight.com and lightand.cloud) and AWS infrastructure services.
We do not currently process payments and have not enabled any payment processors. If payment processing is added in the future, this Privacy Policy will be updated accordingly.
We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).
All personal data is stored on AWS servers located in the United Kingdom. Your data does not leave the UK unless you explicitly request data export.
We currently retain your personal data indefinitely while your account remains active. This allows us to maintain your course progress, uploaded content, and account settings for as long as you use the Service.
You may request deletion of your data at any time by contacting us (see Section 10). Upon deletion request, we will permanently delete your personal data, though we may retain certain information where required by law or for legitimate business purposes (e.g., preventing fraud or abuse).
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of passwords and sensitive data
- Secure HTTPS connections for all data transmission
- Access controls and authentication mechanisms
- Regular security assessments and monitoring
- AWS infrastructure security features and compliance certifications
However, as this is a test site, we cannot guarantee absolute security. Please refer to our Terms and Conditions for important disclaimers regarding the test nature of this platform.
Your personal data is stored and processed within the United Kingdom and is not transferred outside the UK. If we need to transfer data internationally in the future, we will implement appropriate safeguards and update this Privacy Policy accordingly.
We use cookies to provide essential functionality on our website. Cookies are small text files stored on your device that help us recognize you and maintain your session.
We only use essential session cookies that are strictly necessary for the website to function. These cookies:
- Maintain your logged-in session
- Remember your preferences during your visit
- Ensure security and prevent fraud
We do not use analytics cookies, advertising cookies, or any other non-essential tracking technologies. The cookies we set are limited to our domains: cloudsandlight.com and lightand.cloud.
Because we only use essential cookies required for the website to function, disabling cookies may prevent you from using certain features of the Service, including logging in and accessing your account.
Under UK data protection law, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you.
You have the right to request that we correct any inaccurate or incomplete personal data.
You have the right to request that we delete your personal data in certain circumstances.
You have the right to request that we export your personal data in a structured, commonly used, and machine-readable format.
You have the right to request that we restrict the processing of your personal data in certain circumstances.
You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis.
Where we process your data based on consent (e.g., marketing emails), you have the right to withdraw your consent at any time.
To exercise any of your rights under UK GDPR, please contact us at:
Important: You must email us from the email address you registered with to verify your identity.
We will respond to your request within one month. In some cases, we may need to verify your identity before processing your request.
If you are not satisfied with how we handle your data or respond to your requests, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
ICO Website: https://ico.org.uk/
ICO Helpline: 0303 123 1113
Our Service is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at support@cloudsandlight.com so we can delete the information.
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:
- Updating the "Last Updated" date at the top of this page
- Posting a notice on our website
- Sending an email notification (if you have subscribed to notifications)
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:
Clouds and Light Limited
United Kingdom
ICO Registration: ZB995225
Email: support@cloudsandlight.com
By using the Clouds and Light Service, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your personal data as described in this Privacy Policy.