Back to sign up

Privacy Policy

What we collect, why, and how we protect it.

Last updated: 2026-07-05

This document may be updated from time to time; material changes are announced in the console.

MSP account data

  • We process your team's account data (name, email, role, and a salted password hash) to authenticate users, enforce role-based access, and keep an operator audit trail.
  • We record consent at signup (which terms version was accepted, and when) so there is a clear, verifiable agreement record.

Your managed customer tenants

  • For the Microsoft tenants you manage, we store identifiers and connection state plus the operational data needed to do the job (deployments, baselines, drift findings, cost and posture summaries).
  • Access to customer tenants uses app-only Microsoft access: a single multitenant application that each customer admin consents to, granted scoped Azure RBAC. We do not use GDAP or Lighthouse delegated access.
  • We do not store your end-customers' user passwords or standing secrets. Where an automation needs a secret, it lives in Azure Key Vault and our database stores only a reference, never the value.

Tenant isolation

  • Every record and operation carries a partner-and-customer scope. Partner isolation is hard: competing MSPs run side by side on the platform and never see each other's data.
  • We do not pool, mine, or resell your or your customers' data. It is used only to provide and operate the service for you.

Infrastructure and sub-processors

We run rugged.sh on a small set of infrastructure providers who process data on our behalf under their own security and privacy commitments:

  • Microsoft Azure — core compute, storage, secret management (Key Vault), and the Microsoft cloud your tenants run on.
  • Neon — managed PostgreSQL database hosting for the control-plane data described above.
  • Cloudflare — content delivery, DNS, and edge protection for the web console.
  • We keep this list current and give notice of material changes. We do not add sub-processors that get standing access to your customers' tenant content.

How long we keep data

  • We keep your account and operational data for as long as your account is active, and for a limited period afterward to support recovery, billing, and audit obligations, then delete or anonymize it.
  • Audit and consent records may be retained longer where we are legally or contractually required to keep them.

Cookies and telemetry

  • The console uses only the cookies needed to sign you in and keep your session secure — no third-party advertising or cross-site tracking cookies.
  • We collect operational logs and metrics needed to run, secure, and support the platform. Self-hosted instances phone home with license and health telemetry (version, plan, instance health) — never your end-customers' content.

Your choices

  • You can access, correct, or export your account data, and request deletion subject to our legal and contractual retention obligations.
  • Privacy questions or requests: [email protected]. General support: [email protected].