Dagu Cloud
Login Sign up

Privacy Policy

Last updated: March 23, 2026

This Privacy Policy explains how Dagu and hosted Dagu Cloud instances collect, use, protect, and limit access to account information and customer content.

1. Information We Collect

We collect information you provide directly when you create an account, purchase a subscription, contact us, or request support. This may include your name, email address, organization, billing details, authentication information, and support communications.

We also collect service and operational data needed to provision, secure, and operate the Service, including IP addresses, browser type, access times, instance activity, compute and storage usage, audit events, and similar service metadata.

If you use a hosted Dagu Cloud instance, we may process and store customer content that you choose to place in the service, such as workflows, logs, files, configuration, and secrets, as part of providing the Service.

2. How We Use Information

We use the information we collect to:

  • Provide, operate, maintain, and improve Dagu, Dagu Cloud, and hosted instances.
  • Provision hosted instances, authenticate users, and keep the Service reliable and secure.
  • Process transactions and send billing notifications.
  • Respond to support requests and send technical notices, security alerts, and service messages.
  • Monitor usage patterns to optimize performance and capacity.
  • Detect, investigate, and prevent fraudulent or unauthorized activity.
  • Comply with legal obligations and enforce our terms and policies.

3. Hosted Instance Data and Access

Customer content stored in a hosted Dagu Cloud instance is associated with the separately provisioned instance for your account and is isolated from other tenants.

We do not access customer workflows, logs, files, configuration, or secrets in the ordinary course of providing the Service. Access to hosted-instance data is restricted and limited to authorized personnel with a legitimate need to know, such as when you request support, when access is necessary to investigate security issues or abuse, or when disclosure is required by law.

4. Data Storage and Security

Data processed by the Service is hosted on infrastructure provided by Google Cloud Platform (GCP). We use encryption in transit, encryption at rest, access controls, and other administrative, technical, and organizational safeguards designed to protect data and preserve tenant isolation. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

5. Cookies

We use cookies and similar technologies to maintain your session, remember your preferences, and improve your experience. Essential cookies are required for the Service to function (for example, session authentication). You can control cookie preferences through your browser settings, though disabling essential cookies may prevent you from using the Service.

6. Third-Party Services

We use the following third-party services to help deliver the Service:

  • Auth0 - Authentication and identity management. Auth0 processes login credentials and identity-related information used to authenticate access to the Service. See Auth0 Privacy Policy.
  • Stripe - Payment processing. Stripe handles payment card information and related billing records. We do not store your full card details on our servers. See Stripe Privacy Policy.
  • Google Cloud Platform (GCP) - Infrastructure hosting. Hosted instances and related service data run on GCP infrastructure. See GCP Privacy Notice.

7. Data Retention

We retain account, billing, and support information for as long as needed to provide the Service and meet legal, accounting, and security obligations. Usage and operational data may be retained for billing, analytics, reliability, and abuse-prevention purposes for up to 24 months.

Hosted instance data is retained while your instance or account remains active. When you delete your account or hosted instance, we will generally delete or anonymize applicable personal data and hosted-instance data within 30 days, unless a longer retention period is required by law or reasonably necessary for billing records, fraud prevention, dispute resolution, or security investigations.

8. User Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Data portability (receive your data in a structured format).
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, contact support@dagu.pro.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

10. Contact

If you have any questions about this Privacy Policy or our data practices, contact:

Email: support@dagu.pro
Website: dagu.sh

This policy is effective as of March 23, 2026.