Information Security Policy

Effective Date: 15-June-2025
 Website: https://cloudplayy.com

At CloudPlayy, we are committed to ensuring the confidentiality, integrity, and availability of all data entrusted to us by our users. As a cloud gaming platform, we prioritize user privacy, data minimization, secure payment practices, and the ephemeral nature of our infrastructure.

Cloudplayy website is owned by ANAGH INFOTECH (UTTAR PRADESH).

This document outlines our security posture, data handling practices, and payment workflows to ensure transparency and meet the compliance requirements of our payment partners and stakeholders.

1. Personal Data Collection & Usage

We collect only the essential user information required for account creation, identification, and communication:

    • Full Name
    • Age
    • Email Address
    • Mobile Number
    • City
    • Country

We also collect technical information automatically via cookies and web beacons – IP Address, Browser type and version, Device identifiers, Pages visited and time spent, Session identifiers and login metadata. If you are logged in, your session activity may be associated with your user ID to better understand preferences and provide personalized support.

    Usage Guidelines

        • We do not collect or store sensitive financial information (e.g., card numbers, CVV, UPI IDs, bank account numbers).
        • Collected personal data is used strictly for platform-related communication, order tracking, customer support, and transaction records.
        • We do not use this data for marketing, profiling, or data-sharing with any third-party not directly involved in service delivery.

     All data is processed in accordance with applicable privacy regulations.Your information is collected and used strictly for:

        • Providing and personalizing our gaming service
        • Account creation, billing, and wallet transactions
        • Customer communication (e.g., order confirmation, technical support)
        • Sending newsletters, service updates, or promotional messages (opt-out available)
        • Fraud prevention, identity verification, and account validation
        • System diagnostics, analytics, and improving user experience

           

2. Payment Processing

We utilize secure third-party payment gateways (e.g., Razorpay, Paytm, Stripe, etc.) to handle all monetary transactions.

Payment Flow

    • When a customer initiates a payment, they are securely redirected to the payment gateway’s platform.
    • Payment details such as card number, CVV, UPI ID, or net banking credentials are entered directly on the payment gateway’s page, not on CloudPlayy.
    • We do not process, store, or have access to customers’ payment credentials at any time.

       

Post-Payment Data

The payment gateway shares only transactional metadata with us, such as:

      • Payment Status (Success/Failure)
      • Transaction Reference ID
      • Timestamp
      • Payment Method (e.g., card, UPI, net banking)

This ensures that CloudPlayy falls outside the scope of PCI DSS (Payment Card Industry Data Security Standard) since we do not handle or store cardholder data.

3. CloudPlayy Wallet (Closed Wallet System)

CloudPlayy offers a closed wallet to enhance user experience for microtransactions and prepayments.

Wallet Policy

    • The CloudPlayy Wallet can be funded via authorized payment gateways.
    • Funds stored in the wallet are non-transferable, non-withdrawable, and can be used only for services provided on cloudplayy.com, as per RBI’s definition of a closed wallet.
    • Wallet balances are tied to user accounts and are not treated as currency beyond the scope of the CloudPlayy platform.
    • We maintain accurate wallet transaction logs and apply appropriate safeguards against misuse.

       

4. Gaming Session Infrastructure

We operate with a stateless and ephemeral infrastructure model to guarantee user data confidentiality. This stateless model ensures privacy and security by design.

Instance Lifecycle

    • Cloud Gaming PCs (Virtual Machines) are provisioned dynamically only for the duration of a game session.
    • Once a session ends, the instance is completely terminated. This ensures:
      • All session data (downloads, logs, credentials, cache, screenshots, etc.) is permanently deleted
      • No data is written to persistent storage.
    • Each instance is dedicated to a single user session and isolated from others using virtualization.

       

5. Technical & Organizational Security Measures

5.1 Data Transmission & Storage

    • All communications between users and our platform are encrypted via TLS 1.2+.
    • Any sensitive customer data stored (e.g., email, phone) is encrypted at rest using AES-256.
    • User credentials are hashed using bcrypt with appropriate salting.

5.2 Access Controls

Access to systems and databases is restricted to authorized personnel only using:

      • Multi-factor authentication (MFA)
      • Role-Based Access Control (RBAC)
      • IP Whitelisting for sensitive systems

5.3 Monitoring & Logging

    • All infrastructure and application events are logged and monitored.
    • Intrusion detection and anomaly detection systems help identify suspicious behavior.
    • Audit trails are maintained for wallet and order transactions.

       

6. Cookies & Web Tracking

We use cookies to:

    • Maintain login sessions
    • Store user preferences
    • Track activity across the website for analytics and service improvements

You may reject cookies via your browser settings, though some features of CloudPlayy may not function optimally without them.

7. Compliance and Best Practices

CloudPlayy adheres to the following standards and frameworks:

    • Data Minimization and Privacy by Design principles
    • Data Privacy regulations aligned internal practices
    • PCI DSS Compliance Scope Avoidance through tokenized payments and gateway redirection
    • Periodic vulnerability scanning and patch management
    • Regular staff training on cybersecurity and customer data handling

       

8. Incident Management & Disclosure of Information

In the event of a data breach or security incident:

    • We will notify affected users within 72 hours of discovery.
    • We will take immediate corrective measures and conduct a full investigation.
    • Reports will be made to appropriate authorities where applicable.

We do not sell or rent your personal data to third parties. However, we may disclose information under the following conditions:

a) Legal Compliance
 To comply with legal obligations or respond to valid government requests, law enforcement, or regulatory authorities for identity verification, crime prevention, or compliance with court orders.

b) Internal Use

Data may be shared internally within CloudPlayy (ANAGH INFOTECH) for support, operations, or analysis, under strict confidentiality agreements.

c) Business Transfers
 If CloudPlayy is merged, acquired, or reorganized, user data may be transferred to the acquiring entity, subject to equivalent data protection obligations.

 

9. User Responsibilities

To further protect your account and data, users are advised to:

    • Use strong, unique passwords.
    • Never share login credentials.
    • Log out of sessions after use, especially on shared devices.
    • Immediately report suspicious activity to our support team.

       

10. Modifications to This Policy

This policy is effective from 15th June 2024. We reserve the right to modify this policy at any time. Any changes will be effective immediately upon being posted on this page. Your continued use of the site after such modifications constitutes acceptance of the updated policy.

We encourage users to review this policy periodically or whenever logging in.

11. Contact Information

For questions, security concerns, or vulnerability disclosures, please reach out to us:

📧 support@cloudplayy.com
 📍 https://cloudplayy.com/contact-us/

CloudPlayy is committed to delivering a secure, privacy-respecting gaming experience for all our users. We continuously review and enhance our policies and infrastructure to stay ahead of emerging threats and evolving compliance standards.

__________________________________________________________________________

Authorized by:

Nitin Saraswat

Founder, CloudPlayy (Anagh Infotech)

Date: 15-June-2025

Place: Agra, Uttar Pradesh

Cloudplayy offers high-end Cloud Gaming PC with ultra-low latency. Use any device you own – PC, Laptop, Tablet, Phone, Smart TV to play your own Game Library on Steam, Xbox or Epic. Transparent pricing without any pre-commitment.

Cloudplayy platform offers Cloud Gaming PC only. We are not a gaming content provider/seller, so customers can play the game they already own on the respective third-party digital platform. These are popular AAA games of skill not amounting to betting, gambling and wagering. Check our Terms & Conditions thoroughly for more details.

This website is owned and managed by ANAGH INFOTECH, 130, Sarlabagh, Dayalbagh, Agra, Uttar Pradesh, India. Pincode – 282005. (GSTIN: 09BPHPS5258B1ZO). Email Contact: support@cloudplayy.com, Phone Contact: +91-7017150824. The service provided is classifiable under the HSN 998315 – Hosting and information technology (IT) infrastructure provisioning services.

FAQs

Contact Us

Cancellation/ Refunds Policy

Pricing

Terms & Conditions

Privacy Policy

Information Security Policy

Scroll to Top