CloudRift — Data Inventory & Privacy

What data CloudRift collects, stores, and processes

What CloudRift Stores

Azure Resource Metadata

Resource names, types, locations, resource groups, Azure resource IDs, tags, monthly cost estimates

Identity Metadata

Azure AD user display names, UPNs, MFA status, license SKU names, group names and member counts

Performance Metrics

CPU utilization %, network bytes in/out, active connection counts (from Azure Monitor)

CloudRift Account Data

Your name and email, bcrypt-hashed password, role, plan, audit log of your actions

Credentials (encrypted)

Client Secret encrypted at rest with AES-256 Fernet. Tenant ID and Client ID stored unencrypted.

What CloudRift Never Accesses

Resource Contents

Files in storage, database rows, blob data, VM disk contents, application code

Customer Data

Any data stored inside your cloud resources

Network Traffic

Packet data, TLS payloads, application-layer traffic

Secret Values

Key Vault secret values, connection string passwords

Payment Data

Card numbers handled by Stripe — never stored in CloudRift

Data Retention
Scan results: retained until account deletion · Audit logs: 90 days · Resource metrics: 30 days · All data purged within 30 days of account closure

Your rights: You can request deletion of all your data at any time by contacting us. You can revoke CloudRift's Azure access at any time by deleting the service principal in your Azure Portal.

Certifications: SOC 2 planned Q3 2026 · ISO 27001 planned Q4 2026 · GDPR architecture compliant

Last updated: March 2026 · cloudrift.tech