SRI-Cloud Privacy Policy
Overview
This Privacy Policy describes how Shadow-Realm Industries ("SRI") handles information associated with SRI-Cloud, SRI’s managed private cloud and synchronization environment.
Client-specific scope, pricing, retention, support terms, and service levels remain governed by the signed agreement, statement of work, or approved add-on for the applicable service.
Information We May Collect
Account Data
Usernames, display names, email addresses, access roles, and authentication-related records needed to provision and manage SRI-Cloud access.
Service Data
Files, folders, metadata, sync states, timestamps, storage use, and administrative logs necessary to operate the managed cloud environment.
Support Data
Help requests, troubleshooting notes, device configuration details, and communications required to resolve service issues.
Security Data
Login history, failed access attempts, audit activity, and technical indicators used to detect misuse, maintain service stability, and enforce access controls.
How We Use Information
- To deploy, host, synchronize, and administer SRI-Cloud.
- To authenticate users and assign or limit access permissions.
- To provide support, maintenance, migrations, and troubleshooting.
- To monitor service health, storage consumption, and operational integrity.
- To maintain reasonable security measures and investigate suspected misuse or service-impacting events.
- To perform backup administration where backup services are included in the applicable client agreement.
Retention, Termination, and Data Return
Client data is retained for the active service term and for any additional period described in the signed agreement. Unless otherwise stated in writing, client data may remain available for 30 calendar days after service termination to allow retrieval or migration.
After the applicable retention window, SRI may permanently delete stored client data and retained service copies in accordance with safe data handling practices and internal retention procedures. It is the client’s responsibility to retrieve needed data before the deletion date.
If a client requests a physical export or transferred copy of data, the request should be made at least 7 calendar days before the scheduled deletion date. Transfer labor, export services, and media costs may apply. The client may provide compatible storage media in advance, or SRI may supply media and add the cost to the final invoice.
Backups, Recovery Limits, and Client Responsibility
Where SRI-Cloud is provided as part of a managed agreement or a Data Backup Service Add-On, SRI will administer backup procedures according to that agreement. Unless a signed agreement states otherwise, backup, synchronization, and restoration are not guaranteed.
Data loss can still occur because of deletion by authorized users, overwrite events, sync conflicts, corruption, malware, software failure, hardware failure, service interruption, or events outside SRI’s reasonable control, including force majeure / acts of God.
- SRI will use commercially reasonable efforts to protect data and assist with recovery where technically possible.
- Clients remain responsible for verifying that business-critical files exist, are accessible, and remain in the expected locations.
- Clients should maintain any additional internal records or duplicate archives they deem necessary for especially sensitive or mission-critical data.
Security Measures
SRI applies reasonable administrative and technical safeguards appropriate to the service model in use, which may include account controls, access restrictions, audit logging, endpoint configuration, and managed synchronization settings. No system can guarantee absolute security.
Contact and Document Priority
Questions about this policy or requests related to SRI-Cloud administration should be directed to SRI through the contact methods provided in the client’s service materials or signed agreement.
If there is any conflict between this policy and a signed agreement, the signed agreement controls.