For the previous version of the Terms of Use, please refer to the archive.

This document (the "Agreement" or "Terms of Service") constitutes the Terms of Service for Logto Cloud. Logto Cloud is an authentication and authorization managed service provided by Silverhand Inc., a Delaware corporation located at 2810 North Church Street, Wilmington, Delaware, 19802, United States. The Agreement is between Silverhand Inc. and the customer as set forth in the applicable order form or online subscription process ("Customer", collectively referred to as "the Parties").

For the purpose of this Agreement, "Customer" refers to any entity or individual, including any Tenant, that subscribes to or uses Logto Cloud. Each Tenant, being an independently managed division, department, or organizational unit within a subscribing entity, is considered a separate Customer under this Agreement and is subject to its own Terms of Service conditions.

1. Definitions​

1. "Services" (or "Logto Cloud") refers to the authentication and authorization managed service provided by Silverhand Inc. through its website and associated APIs. Services exclude any third-party services or software that may be used in conjunction with Logto Cloud, even if such services are connected or integrated with Logto Cloud. Subject to the terms and conditions of this Agreement, Silverhand Inc. will provide the Services to Customer during the term of this Agreement.
2. "Tenant" refers to a single instance of Logto Cloud that is provisioned for the Customer. Each Tenant is digitally isolated from other Tenants and has its own configuration, data, and users.

2. Conflict Resolution​

1. In the event of any conflict between the terms of this Agreement and the terms of any order form, the terms of the order form shall prevail.
2. In the event of any conflict between Tenants under the same Customer account, Silverhand Inc. will initiate a conflict resolution process aimed at addressing and resolving the issues in a fair and equitable manner. This process may involve mediation, review of account activity, and communication with all involved parties. Silverhand Inc. reserves the right to make final decisions on conflict resolution based on the evidence and in accordance with our policies and applicable laws.

3. Fees and Payment​

1. Fees: Customer agrees to pay the fees associated with their chosen subscription plan for Logto Cloud. The fees are based on the plan Customer selects and are subject to change at the discretion of Silverhand Inc. If an order form specifies a different fee, the fees specified in the order form will apply.
2. Payment: Customer agrees to provide Silverhand Inc. with valid and updated payment information. Customer authorizes Silverhand Inc. to charge their payment method for the fees associated with the subscription plan. Customer agrees to pay all fees within thirty (30) days from the invoice date. If any fees are not paid when due, Silverhand Inc. may suspend or terminate the Services.
3. Taxes: All fees are exclusive of all taxes, levies, or duties imposed by taxing authorities. Customer is responsible for paying all such taxes, levies, or duties, excluding only United States (federal or state) taxes based on Silverhand Inc.'s net income.

4. Term and Termination​

1. Term: This Agreement commences on the date Customer creates a Tenant account and continues until terminated in accordance with this Agreement.
2. Subscription Cancellation: Customer may cancel their paid subscription at any time by following the cancellation process outlined on the Logto Cloud website. Upon cancellation, Customer will not be charged for any subsequent billing cycles, and their access to the paid features of the Tenant will be terminated immediately. Subscription cancellation alone does not result in the termination of this Agreement. Termination occurs only upon deletion of the Tenant or if either party chooses to terminate the Agreement.
3. Termination for Cause: Either party may terminate this Agreement if the other party materially breaches any provision of this Agreement and fails to cure such breach within thirty (30) days after receiving written notice of the breach. Silverhand Inc. may also terminate this Agreement immediately if Customer fails to pay the fees when due. Upon termination, Customer still owes any unpaid fees covering the remainder of the term. If this Agreement is terminated by Customer for cause, Silverhand Inc. will refund any prepaid fees covering the remainder of the term.
4. Effect of Termination: Upon termination of this Agreement, Customer's right to access and use Logto Cloud will immediately cease. Silverhand Inc. may delete Customer's data 30 days following termination. Customer may request a copy of their data before termination when all fees are paid in full. Silverhand Inc. will provide Customer with a reasonable opportunity to retrieve their data before deletion, but Silverhand Inc. is not responsible for any data loss that occurs after termination.
5. Termination Impact: The termination of a Tenant for reasons including, but not limited to, breach of the Terms of Service, non-payment, or illegal activities, will be conducted on an individual basis. Termination of one Tenant does not automatically lead to the termination of other Tenants under the same Customer account. However, Silverhand Inc. reserves the right to review associated Tenants for compliance with the Terms of Service.

5. License and Use of Services​

1. License: Subject to the terms and conditions of this Agreement, Silverhand Inc. grants Customer a limited, non-exclusive, non-transferable, non-sublicensable license to access and use Logto Cloud for the duration of the subscription term. This license is solely for Customer's business purposes and is subject to the restrictions set forth in this Agreement.
2. Authorized Users: Customer may permit its employees, contractors, or agents to access and use Logto Cloud by inviting them to Customer's Tenant. The number of authorized users is limited to the number specified in the subscription plan, and Customer may pay additional fees to add more authorized users. Each authorized user may be used only by one individual and may not be shared with others. Customer is responsible for the actions of its authorized users and ensuring their compliance with this Agreement. Customer agrees to promptly remove any authorized user who violates this Agreement and notify Silverhand Inc. of such violation.
3. Acceptable Use: Customer agrees to use Logto Cloud in compliance with all applicable laws and regulations. Customer is responsible for the content and data uploaded to Logto Cloud and must have the necessary rights and permissions to use and share such content.
4. Restrictions: Customer shall not (a) license, sublicense, sell, resell, transfer, assign, distribute, or otherwise commercially exploit or make Logto Cloud available to any third party; (b) reverse engineer or access Logto Cloud in order to build a competitive product or service; (c) use Logto Cloud to store or transmit infringing, libelous, or otherwise unlawful or tortious material; (d) use Logto Cloud to store or transmit malicious code, viruses, or other harmful software; (e) interfere with or disrupt the integrity or performance of Logto Cloud, or harm the service or its users; (f) attempt to gain unauthorized access to Logto Cloud or its related systems or networks; (g) use Logto Cloud to engage in any illegal activities; or (h) use Logto Cloud for any purpose other than its intended use.

6. Confidentiality​

1. Definition: "Confidential Information" of a party means all information disclosed by that party ("Disclosing Party") to the other party ("Receiving Party") that is marked as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
2. Protection: The Receiving Party agrees to protect the confidentiality of the Disclosing Party's Confidential Information using the same degree of care that it uses to protect its own confidential information of a similar nature, but in no event less than a reasonable degree of care. The Receiving Party shall not disclose the Disclosing Party's Confidential Information to any third party except: (a) the Disclosing Party has given its written consent (if such consent is not prohibited by applicable law); (b) to the Receiving Party's employees, contractors, or agents who need to know the information for the purposes of this Agreement and who are bound by confidentiality obligations at least as restrictive as those contained herein; or (c) as required by law enforcement or regulatory authorities.
3. Exclusions: Confidential Information does not include information that: (a) is or becomes publicly known through no fault of the Receiving Party; (b) was known to the Receiving Party prior to the Disclosing Party's disclosure; (c) is independently developed by the Receiving Party without reference to the Disclosing Party's Confidential Information; or (d) is rightfully received by the Receiving Party from a third party without restriction on disclosure.

7. Data Practices​

1. Definitions: "Customer Data" means any data, information, or material provided or submitted by Customer or its authorized users to Logto Cloud in the course of using the service. Customer Data may include, but is not limited to, any information relating to an identified or identifiable natural person ("Personal Identifiable Information" or "PII"), such as name, email address, phone number, or IP address. Customer Data does not include metrics and diagnostic data generated by Logto Cloud, such as usage statistics or error logs ("Usage Data").
2. Data Ownership: Customer retains all rights, title, and interest in and to Customer Data. Silverhand Inc. does not claim ownership of Customer Data and will not use Customer Data for any purpose other than providing the Services to Customer.
3. Data Processing: Silverhand Inc. may process Customer Data to provide or the Services and to comply with legal obligations. For example, Silverhand Inc. may process Customer Data to authenticate users, authorize access to resources, and generate usage non-PII data for analytics purposes. Silverhand Inc. may also process Customer Data in an anonymized or aggregated form for research, employee training, or machine learning purposes to support the improvement of the Services.
4. Improvements: Silverhand Inc. may engage third-party service providers to collect and analyze Usage Data to locate and fix bugs, improve performance, or inform sales and marketing strategies. Silverhand Inc. shall anonymize or aggregate Usage Data to ensure that it does not constitute Customer Data under applicable data protection laws. Silverhand Inc. will not share Customer Data with third parties for marketing or advertising purposes without Customer's consent.
5. Third-Party Service Connections: Customer may choose to connect third-party services to Logto Cloud to enhance the functionality of the Service (for example, connecting a third-party identity provider for single sign-on). When such connections are made, Customer acknowledges that the third-party service may have access to Customer Data. Customer is responsible for reviewing and accepting the terms and conditions of any third-party service before connecting it to Logto Cloud. By connecting a third-party service, Customer consents Silverhand Inc. to access and process any data shared by the third-party service in accordance with this Agreement.
6. Third-Party Service Providers: Customer agrees that Silverhand Inc. may engage third-party service providers to assist in providing the Services. Silverhand Inc. will only provide Customer Data to third-party service providers to the extent necessary to perform, improve, or secure the Services. Any third-party service providers engaged by Silverhand Inc. will be bound by confidentiality obligations at least as restrictive as those contained in this Agreement.
7. Data Security: (a) Silverhand Inc. will not sell, rent, or share Customer Data with third parties, except as required by law or to comply with legal process; (b) Silverhand Inc. will take reasonable measures to protect Customer Data from unauthorized access, disclosure, alteration, or destruction as described in the Data Protection and Privacy section.

8. Data Protection and Privacy​

1. Privacy Policy: Silverhand Inc. is committed to protecting the privacy and security of Customer Data. Silverhand Inc. will process Customer Data in accordance with its Privacy Policy and applicable data protection laws.
2. Customer as Data Controller: Customer is the data controller of Customer Data and is responsible for complying with all applicable data protection laws, including obtaining any necessary consents from data subjects and providing any required notices to data subjects. Silverhand Inc. will process Customer Data on behalf of Customer as a data processor.
3. Data Hosting: Customer Data is stored on secure servers located in data centers within the West Europe region, or other regions as specified in the subscription plan. Silverhand Inc. may transfer Customer Data to a country outside of the European Economic Area (EEA) if necessary, for example, to a jurisdiction where its service providers are located. When Silverhand Inc. transfers Customer Data outside of the EEA, it will ensure that an appropriate level of protection is in place to protect the data.
4. Sub-Processors: Customer consents to Silverhand Inc. engaging sub-processors to process Customer Data on its behalf to provide the Services, as described in this Agreement. Silverhand Inc. will be responsible for the acts and omissions of its sub-processors to the same extent as if they were its own. The current list of sub-processors is available in the Privacy Policy.

9. Intellectual Property​

Logto, Logto Cloud, Silverhand Inc., and any associated logos are trademarks owned by Silverhand Inc. Each party retains all rights, title, and interest in and to its intellectual property. Customer grants Silverhand Inc. a fully paid-up, royalty-free, non-exclusive, worldwide license to use, modify, communicate, and commercially exploit any feedback, suggestions, or ideas Silverhand Inc. receives from Customer, Customer's authorized users, or any third party acting on Customer's behalf. Silverhand Inc. reserves the right to seek intellectual property protection for any service improvements, features, or innovations that result from such feedback.

10. Disclaimer of Warranties​

EXCEPT AS SPECIFICALLY SET FORTH IN THIS SECTION AND ANY APPLICABLE SERVICE LEVEL AGREEMENT, THE SERVICES, INCLUDING ALL SERVER AND NETWORK COMPONENTS, ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITHOUT ANY WARRANTIES OF ANY KIND TO THE FULLEST EXTENT PERMITTED BY LAW, AND SILVERHAND INC. EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. CUSTOMER ACKNOWLEDGES THAT SILVERHAND INC. DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, ERROR FREE, OR FREE FROM VIRUSES OR OTHER MALICIOUS SOFTWARE, AND NO INFORMATION OR ADVICE OBTAINED BY CUSTOMER FROM SILVERHAND INC. OR THROUGH THE SERVICES SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. THE PARTIES ADDITIONALLY AGREE THAT SILVERHAND INC. WILL HAVE NO LIABILITY OR RESPONSIBILITY FOR CLIENT’S VARIOUS COMPLIANCE PROGRAMS, AND THAT THE SERVICES, TO THE EXTENT APPLICABLE, ARE ONLY TOOLS FOR ASSISTING CLIENT IN MEETING THE VARIOUS COMPLIANCE OBLIGATIONS FOR WHICH IT SOLELY IS RESPONSIBLE.

11. Indemnification​

Customer agrees to indemnify and hold harmless Silverhand Inc. from and against any claims, damages, liabilities, and expenses arising out of or related to Customer's use of Logto Cloud or any violation of these Terms of Service.

12. Limitation of Liability​

UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (WHETHER IN CONTRACT, TORT, NEGLIGENCE OR OTHERWISE) WILL EITHER PARTY TO THIS AGREEMENT, OR THEIR AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, SERVICE PROVIDERS, SUPPLIERS OR LICENSORS BE LIABLE TO THE OTHER PARTY OR ANY AFFILIATE FOR ANY LOST PROFITS, LOST SALES OR BUSINESS, LOST DATA (BEING DATA LOST IN THE COURSE OF TRANSMISSION VIA CUSTOMER’S SYSTEMS OR OVER THE INTERNET THROUGH NO FAULT OF Silverhand Inc.), BUSINESS INTERRUPTION, LOSS OF GOODWILL, COSTS OF COVER OR REPLACEMENT, OR FOR ANY TYPE OF INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR PUNITIVE LOSS OR DAMAGES, OR ANY OTHER INDIRECT LOSS OR DAMAGES INCURRED BY THE OTHER PARTY OR ANY AFFILIATE IN CONNECTION WITH THIS AGREEMENT OR THE SERVICES REGARDLESS OF WHETHER SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF OR COULD HAVE FORESEEN SUCH DAMAGES. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, AND EXCLUDING THE PARTIES’ INDEMNIFICATION OBLIGATIONS HEREUNDER, EITHER PARTY’S AGGREGATE LIABILITY TO THE OTHER ARISING OUT OF THIS AGREEMENT OR THE SERVICES WILL IN NO EVENT EXCEED THE GREATER OF $100 USD OR THE AMOUNT PAID BY CUSTOMER TO Silverhand Inc. FOR THE SERVICES IN THE TWELVE MONTHS PRECEDING THE CLAIM. CUSTOMER ACKNOWLEDGES AND AGREES THAT THE ESSENTIAL PURPOSE OF THIS SECTION AND THE PARTIES INDEMNIFICATION OBLIGATIONS IS TO ALLOCATE THE RISKS UNDER THIS AGREEMENT BETWEEN THE PARTIES AND LIMIT POTENTIAL LIABILITY GIVEN THE FEES, WHICH WOULD HAVE BEEN SUBSTANTIALLY HIGHER IF Silverhand Inc. WERE TO ASSUME ANY FURTHER LIABILITY OTHER THAN AS SET FORTH HEREIN. Silverhand Inc. HAS RELIED ON THESE LIMITATIONS IN DETERMINING WHETHER TO PROVIDE CUSTOMER WITH THE RIGHTS TO ACCESS AND USE THE SERVICES PROVIDED FOR IN THIS AGREEMENT.

13. Changes to the Services​

Silverhand Inc. may make updates, enhancements, or changes to the service from time to time. These changes are aimed at enhancing the functionality, security, and overall performance of Logto Cloud. Silverhand Inc. will make its best effort to provide advance notice to Customer via email or other communication channels for any significant update or change that may materially impact Customer's usage of Logto Cloud.

14. Miscellaneous​

14.1. Force Majeure​

Neither party shall be liable for any failure or delay in performing its obligations under this Agreement due to events beyond their reasonable control, including but not limited to acts of nature (such as earthquakes, hurricanes, floods, wildfires, etc.), wars, acts of terrorism, civil unrest, strikes, labor disputes, government actions or restrictions, epidemics, pandemics, or other similar events.

In the event of a Force Majeure Event, the affected party shall promptly notify the other party in writing and shall use commercially reasonable efforts to mitigate the impact of the event on their obligations under this Agreement. The time for performance of the affected party's obligations shall be extended for a period equal to the duration of the Force Majeure Event. However, if the Force Majeure Event persists for a continuous period of 30 days, either party may choose to terminate this Agreement by providing written notice to the other party.

14.2. Governing Law and Jurisdiction​

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without giving effect to any principles of conflicts of law.

14.3. Entire Agreement​

This Agreement constitutes the entire agreement between Customer and Silverhand Inc. with respect to the subject matter hereof and supersedes all prior or contemporaneous communications and proposals, whether oral or written.

14.4. Amendments​

Silverhand Inc. reserves the right to amend this Agreement at any time, in which case the updated terms will prevail. Silverhand Inc. will notify Customer not less than seven (7) days before the effective date of the updated terms, by the methods defined in the Notices section. Customer's continued use of Logto Cloud after the effective date of the updated terms constitutes acceptance of the updated terms.

14.5. Notices​

All notices under this Agreement shall be in writing and shall be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or email; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. Notices to Silverhand Inc. shall be sent to [email protected]. Notices to Customer shall be sent to the email address associated with one of the authorized administrators of the Tenant, unless Customer has provided a different email address for notices.

14.6. Marketing​

Customer agrees that Silverhand Inc. may use Customer's name and logo identify Customer as a customer of Silverhand Inc. in Silverhand Inc.'s marketing materials, website, and other promotional activities in accordance with Customer's trademark usage guidelines, if Customer provides such guidelines to Silverhand Inc. Silverhand Inc. will not disclose any other Customer Confidential Information in its marketing materials without Customer's prior written consent.

14.7. Assignment​

Customer may not assign this Agreement or any of Customer's rights or obligations hereunder without the prior written consent of Silverhand Inc. Any attempted assignment in violation of this provision shall be null and void.

14.8. Severability​

If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be struck, and the remaining provisions shall be enforced.

14.9. Waiver​

The failure of Silverhand Inc. to enforce any right or provision of this Agreement shall not be deemed a waiver of such right or provision.

For the previous version of the Privacy Policy, please refer to the archive.

At Silverhand Inc., we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal information when you use any of the Logto services provided by Silverhand Inc. By using any of the Logto services (such as Logto Cloud), you agree to the terms of this Privacy Policy.

Information We Collect and the Lawful Basis for Processing​

We collect the minimum amount of personal information necessary to provide our services, which includes your name, email address, and other necessary information required for authentication and authorization.

We process this personal information on the basis of the necessity for the performance of our contract with you to provide our services. If you do not provide this information, we may not be able to deliver our services effectively.

Data Processing Details​

Purpose of Processing​

We process your data primarily to provide and improve our services. The specific purposes for processing include:

• Authentication and Authorization: We use your name, email address, and other necessary information to authenticate and authorize access to our services.
• Communication: We may use your contact details to communicate with you about updates, security alerts, and support and administrative messages.
• Improvement of Services: We use data from cookies and third-party analytics services, like Plausible, to understand user behavior and improve our services.
• Advertising and Marketing: With the use of conversion tracking tools, such as Google Ad Conversion Tracking, we gain insights into the effectiveness of our advertising campaigns and improve them accordingly.

Processing Activities​

The specific processing activities include the collection, storage, organization, structuring, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, alignment or combination, restriction, erasure, and destruction of your personal data.

Recipients of Personal Data​

In the course of providing our services, we may share your personal data with certain third parties. These include our service providers who assist in providing our services, law enforcement agencies if required by law, and third-party platforms like Google for advertising purposes.

Your personal data will not be sold or rented to any third parties.

Automated Decision Making and Profiling​

We do not use your personal data for automated decision-making or profiling purposes.

Data Subject Rights​

As a data subject, you have certain rights under the GDPR, including the right to access, correct, update, or request deletion of your personal data. You also have the right to object to processing of your personal information, ask us to restrict processing of your personal information, or request portability of your personal information. You have the right to opt-out of marketing communications we send you at any time.

If you wish to exercise any of these rights, please contact us at [email protected]. We will respond to your request within a reasonable timeframe and always within the legal maximum period of one month.

Data Retention Period​

We retain your personal data only for as long as necessary to provide the services you have requested and thereafter for legitimate legal or business purposes. These might include retention periods mandated by legal, contractual, or similar obligations applicable to our business operations; for preserving, resolving, defending, or enforcing our legal/contractual rights; or needed to maintain adequate and accurate business and financial records.

Cross-Border Data Transfers​

We store your personal data on secure servers located in data centers within the West Europe region. We may transfer personal data to a country outside of the European Economic Area (EEA) if necessary, for example, to a jurisdiction where our service providers are located. When we do, we ensure that an appropriate level of protection is in place to protect the personal data.

Use of Cookies​

We only use strictly necessary cookies to ensure secure authentication and authorization for our services. These cookies do not contain any personal information and are deleted once you sign out of our service.

Use of Plausible Analytics​

We use an analytics product called Plausible to help us improve your experience using Logto services. Plausible does not use cookies, and it does not collect any personal information. Plausible collects non-personally identifiable data such as page views, browser type, and device type.

Use of Azure Monitor Application Insights​

We use Azure Monitor Application Insights, a web analytics service provided by Microsoft Azure, to monitor and improve the performance and usage of our services. This service may collect and analyze non-personally identifiable information such as user behaviors, device information, and usage patterns.

Use of Google Ad Conversion Tracking​

We use Google's ad conversion tracking service to understand the effectiveness of our advertising campaigns. When you click on an ad served by Google, a conversion tracking cookie is placed on your device.

Use of Reddit Pixel​

We use Reddit Pixel to track the effectiveness of our advertising campaigns on Reddit. The Reddit Pixel collects non-personally identifiable data such as page views, browser type, device type, and SHA-256 hashed email addresses.

About Google and GitHub User Data​

Access to Google and GitHub User Data​

Logto only accesses certain Google and GitHub account information with explicit user consent. When a user signs up for Logto, they grant us access to certain account information, such as name, email address, and profile picture.

Use of Google and GitHub User Data​

Logto uses Google and GitHub user data solely for the purpose of providing our services to the user. This includes enabling the user to sign in to our app, and providing access to necessary features within Logto Cloud.

Storage of Google and GitHub User Data​

Logto stores Google and GitHub user data on secure servers located in data centers within the West Europe region.

Sharing of Google and GitHub User Data​

Logto does not share Google and GitHub user data with any third parties, except as required by law or to comply with legal process.

Information Sharing​

We do not sell, rent, or share any personal information with third parties, except as required by law, or to comply with legal process, or as necessary to provide our services.

Data Security​

We take the security of your personal information seriously and have implemented various security measures to protect it, including but not limited to:

1. Secure Communication: The communication between any public party to Logto services is enforced by TLS (Transport Layer Security) to ensure that all data transmitted between you and our service is encrypted and secure.
2. Private Database Network: The Logto database stays in a private network in the Azure West Europe region, with no direct access to the public internet. This ensures that your data is stored in a secure and protected environment.
3. Data Isolation: Every tenant has a dedicated database role and every business table has enforced Row-Level Security to ensure that your data is isolated in the database. This means that only authorized users have access to the data, and each tenant's data is separated from other tenants.
4. Password Encryption: Logto will not store passwords in plain text. All passwords are encrypted using the Argon2 algorithm, which is a secure password hashing algorithm. This ensures that even if a data breach were to occur, your password would not be compromised.
5. Database Encryption: All data stored in the Logto database is encrypted at rest. See Information protection and encryption for more information.

We regularly review our security practices and update them as necessary to ensure that your personal information is protected. If you have any questions or concerns about the security of your personal information, please contact us at [email protected].

Subprocessor List​

We use the following subprocessors to provide our services:

• Microsoft Azure: Cloud infrastructure provider
• Cloudflare: Content delivery network and DDoS protection service
• SendGrid: Email delivery service
• Stripe: Payment processing service

Changes to this Privacy Policy​

We may update this Privacy Policy from time to time. If we make any material changes to this policy, we will notify in accordance with the Terms of Service.

Data Protection Officer​

Data Protection Officer: Gao Sun

If you have any concerns about our use of your personal data, you can make a complaint to us at [email protected]. You can also complain to the data protection authority in your country of residence, place of work, or where an alleged infringement of data protection law has occurred.

Contact Us​

If you have any questions or concerns about our Privacy Policy, please contact us at [email protected].

At Logto, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal information when you use any of the services provided by Logto.

By using any of the services provided by Logto, you agree to the terms of this Privacy Policy.

Information We Collect and the Lawful Basis for Processing​

We collect the minimum amount of personal information necessary to provide our services, which includes your name, email address, and other necessary information required for authentication and authorization.

We process this personal information on the basis of the necessity for the performance of our contract with you to provide our services. If you do not provide this information, we may not be able to deliver our services effectively.

Data Processing Details​

Purpose of Processing​

We process your data primarily to provide and improve our services. The specific purposes for processing include:

• Authentication and Authorization: We use your name, email address, and other necessary information to authenticate and authorize access to our services.
• Communication: We may use your contact details to communicate with you about updates, security alerts, and support and administrative messages.
• Improvement of Services: We use data from cookies and third-party analytics services, like Plausible and Application Insights, to understand user behavior and improve our services.
• Advertising and Marketing: With the use of Google Ad Conversion Tracking, we gain insights into the effectiveness of our advertising campaigns and improve them accordingly.

Processing Activities​

The specific processing activities include the collection, storage, organization, structuring, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, alignment or combination, restriction, erasure, and destruction of your personal data.

Recipients of Personal Data​

In the course of providing our services, we may share your personal data with certain third parties. These include our service providers who assist in providing our services, law enforcement agencies if required by law, and third-party platforms like Google for advertising purposes.

Your personal data will not be sold or rented to any third parties.

Automated Decision Making and Profiling​

We do not use your personal data for automated decision-making or profiling purposes.

Data Subject Rights​

As a data subject, you have certain rights under the GDPR, including the right to access, correct, update, or request deletion of your personal data. You also have the right to object to processing of your personal information, ask us to restrict processing of your personal information, or request portability of your personal information. You have the right to opt-out of marketing communications we send you at any time.

If you wish to exercise any of these rights, please contact us at [email protected]. We will respond to your request within a reasonable timeframe and always within the legal maximum period of one month.

Data Retention Period​

We retain your personal data only for as long as necessary to provide the services you have requested and thereafter for legitimate legal or business purposes. These might include retention periods mandated by legal, contractual, or similar obligations applicable to our business operations; for preserving, resolving, defending, or enforcing our legal/contractual rights; or needed to maintain adequate and accurate business and financial records.

Cross-Border Data Transfers​

We store your personal data on secure servers located in data centers within the West Europe region. We may transfer personal data to a country outside of the European Economic Area (EEA) if necessary, for example, to a jurisdiction where our service providers are located. When we do, we ensure that an appropriate level of protection is in place to protect the personal data.

Use of Cookies​

We only use strictly necessary cookies to ensure secure authentication and authorization for our services. These cookies do not contain any personal information and are deleted once you sign out of our service.

Use of Plausible Analytics​

We use an analytics product called Plausible to help us improve your experience using Logto services. Plausible does not use cookies, and it does not collect any personal information. Plausible collects non-personally identifiable data such as page views, browser type, and device type.

Use of Application Insights​

We use Application Insights, a web analytics service provided by Microsoft Azure, to monitor and improve the performance and usage of our services. This service may collect and analyze non-personally identifiable information such as user behaviors, device information, and usage patterns.

Use of Google Ad Conversion Tracking​

We use Google's ad conversion tracking service to understand the effectiveness of our advertising campaigns. When you click on an ad served by Google, a conversion tracking cookie is placed on your device.

About Google and GitHub User Data​

Access to Google and GitHub User Data​

Logto only accesses certain Google and GitHub account information with explicit user consent. When a user signs up for Logto, they grant us access to certain account information, such as name, email address, and profile picture.

Use of Google and GitHub User Data​

Logto uses Google and GitHub user data solely for the purpose of providing our services to the user. This includes enabling the user to sign in to our app, and providing access to necessary features within Logto Cloud.

Storage of Google and GitHub User Data​

Logto stores Google and GitHub user data on secure servers located in data centers within the West Europe region.

Sharing of Google and GitHub User Data​

Logto does not share Google and GitHub user data with any third parties, except as required by law or to comply with legal process.

Information Sharing​

We do not sell, rent, or share any personal information with third parties, except as required by law, or to comply with legal process, or as necessary to provide our services.

Data Security​

We take the security of your personal information seriously and have implemented various security measures to protect it, including but not limited to:

1. Secure Communication: The communication between any public party to Logto services is enforced by TLS (Transport Layer Security) to ensure that all data transmitted between you and our service is encrypted and secure.
2. Private Database Network: The Logto database stays in a private network in the Azure West Europe region, with no direct access to the public internet. This ensures that your data is stored in a secure and protected environment.
3. Data Isolation: Every tenant has a dedicated database role and every business table has enforced Row-Level Security to ensure that your data is isolated in the database. This means that only authorized users have access to the data, and each tenant's data is separated from other tenants.
4. Password Encryption: Logto will not store passwords in plain text. All passwords are encrypted using the Argon2 algorithm, which is a secure password hashing algorithm. This ensures that even if a data breach were to occur, your password would not be compromised.
5. Database Encryption: All data stored in the Logto database is encrypted at rest. See Information protection and encryption for more information.

We regularly review our security practices and update them as necessary to ensure that your personal information is protected. If you have any questions or concerns about the security of your personal information, please contact us at [email protected].

Changes to this Privacy Policy​

We may update this Privacy Policy from time to time. If we make any material changes to this policy, we will notify you by email or by posting a notice on our website.

Data Protection Officer​

Data Protection Officer: Gao Sun

If you have any concerns about our use of your personal data, you can make a complaint to us at [email protected]. You can also complain to the data protection authority in your country of residence, place of work, or where an alleged infringement of data protection law has occurred.

Contact Us​

If you have any questions or concerns about our Privacy Policy, please contact us at [email protected].

This document constitutes the Terms of Use for Logto Cloud, an authentication and authorization managed service provided by Silverhand Inc. By using Logto Cloud, you agree to be bound by the following terms and conditions, collectively referred to as "this Agreement." If you do not agree with any of these terms, please do not use the Logto Cloud service.

1. License and Ownership​

1. License: Logto Cloud is a licensed service. You are granted a non-exclusive, non-transferable license to use Logto Cloud in accordance with the terms and conditions outlined in this agreement and the selected plan. The source code and underlying technology of Logto Cloud are proprietary and confidential to Silverhand Inc.
2. Ownership: Logto Cloud is owned and copyrighted by Silverhand Inc. All rights not expressly granted to you are reserved by Silverhand Inc.

2. Use of Logto Cloud​

1. Restrictions: You agree not to use Logto Cloud for any unlawful purpose or in any way that could damage or disrupt the service or interfere with any other party's use of the service. You also agree not to attempt to gain unauthorized access to any part of Logto Cloud, or any system or network connected to Logto Cloud.
2. Your Data: You retain all right, title, and interest in and to any data or content that you upload or transmit to or through Logto Cloud. Silverhand Inc. will treat such data in accordance with its Privacy Policy.

3. Subscription and Termination​

1. Subscription: Logto Cloud is a paid service, and you can choose from different subscription plans, including a free plan with limited features and resources. By subscribing to Logto Cloud, you agree to pay the applicable fees and charges as per the chosen plan.
2. Termination: This Agreement will remain in effect until terminated by either party. You may cancel your subscription at any time, and Silverhand Inc. may terminate your access to Logto Cloud if you violate any terms of this Agreement or fail to pay the required fees.
3. Effect of Termination: Upon termination of this Agreement or your subscription, all rights granted to you under this Agreement will immediately cease, and you must immediately cease all use of Logto Cloud.

4. Customer Support​

Silverhand Inc. will provide customer support for Logto Cloud based on the subscription plan you have chosen. Customer support may be available via email or ticket, depending on your plan. Silverhand Inc. will make commercially reasonable efforts to respond to your inquiries and resolve issues promptly.

5. Account Security and Responsibilities​

1. Account Security: You are responsible for maintaining the confidentiality of your Logto Cloud account credentials, including your username and password. You agree to notify Silverhand Inc. immediately of any unauthorized use of your account or any other security breach.
2. User Responsibilities: You agree to use Logto Cloud in compliance with all applicable laws and regulations. You are solely responsible for the activities conducted under your account and any content or data uploaded to the service.

6. Acceptable Use Policy​

We want to create a safe and respectful environment for all Logto Cloud users. By using our service, you agree to follow the Acceptable Use Policy. This policy may include but is not limited to::

1. Be Lawful: Please use Logto Cloud for legal and legitimate purposes only. Don't engage in any illegal activities or use the service to harm others.
2. Be Respectful: Don't post or transmit any content that is defamatory, abusive, harassing, or violates the rights of others.
3. Protect Your Account: Keep your Logto Cloud account safe by not sharing your login credentials with others. If you suspect any unauthorized use of your account, please let us know immediately.
4. Data Responsibility: You are responsible for the data you upload or transmit through Logto Cloud. Ensure that you have the necessary rights and permissions to use and share that data.
5. No Harm to the Service: Please don't engage in any actions that could disrupt or harm the functionality of Logto Cloud or other users' experience.
6. No Unauthorized Access: Don't attempt to access any parts of Logto Cloud or systems without proper authorization.
7. Follow the Law: Comply with all applicable laws and regulations while using Logto Cloud.
8. No Spam: Don't use Logto Cloud to send unsolicited messages or spam.
9. No Malware: Don't use Logto Cloud to distribute malware or other malicious code.

7. Intellectual Property​

1. Trademarks: Logto, Logto Cloud, Silverhand Inc., and any associated logos are trademarks owned by Silverhand Inc. You agree not to use these trademarks without prior written permission from Silverhand Inc.
2. Feedback: Any feedback, suggestions, or ideas provided by you regarding Logto Cloud may be used by Silverhand Inc. without any obligation to compensate or credit you.

8. Data Protection and Privacy​

At Logto Cloud, we take the security and privacy of your personal information seriously. We have implemented various security measures to protect your data, as outlined in our Privacy Policy. Some of the key security practices we follow include:

1. Secure Communication: All communication between you and our Logto services is enforced by TLS (Transport Layer Security) to ensure that all data transmitted between your device and our service is encrypted and secure.
2. Private Database Network: The Logto database resides in a private network within the Azure West Europe region and has no direct access to the public internet. This setup ensures that your data is stored in a secure and protected environment.
3. Data Isolation: Each tenant has a dedicated database role, and we enforce Row-Level Security to ensure that your data is isolated within the database. This means that only authorized users have access to the data, and each tenant's data is completely separated from that of other tenants.
4. Password Encryption: We prioritize the security of your passwords. Logto does not store passwords in plain text. Instead, all passwords are encrypted using the Argon2 algorithm, a secure password hashing algorithm. This ensures that even in the event of a data breach, your password remains protected and uncompromised.
5. Database Encryption: For an added layer of security, all data stored in the Logto database is encrypted at rest, ensuring that your sensitive information remains safe and protected. You can find more details about our database encryption in the section on Information protection and encryption.

We regularly review and update our security practices to ensure that your personal information is safeguarded at all times. If you have any questions or concerns about the security of your personal information, please feel free to contact our security team at [email protected].

9. Indemnification​

You agree to indemnify and hold harmless Silverhand Inc. from and against any claims, damages, liabilities, and expenses arising out of or related to your use of Logto Cloud or any violation of these Terms of Use.

10. Changes to the Service​

Silverhand Inc. may make updates, enhancements, or changes to the service from time to time. These changes are aimed at enhancing the functionality, security, and overall performance of Logto Cloud.

Any changes we make will be carefully considered and aligned with our commitment to delivering a reliable and efficient service. While we may introduce new features or adjust existing ones, our core mission of providing a secure and user-friendly authentication and authorization managed service remains unwavering.

Significant updates or changes that may materially impact your usage of Logto Cloud will be communicated to you in advance, whenever possible. We value your feedback and will take it into account as we continue to evolve the service to better meet your needs.

11. Third-Party Services​

Logto Cloud utilizes the following third-party services to enhance its functionality and provide a seamless experience:

1. Azure Cloud Infrastructure: Logto Cloud is hosted on Microsoft Azure, a cloud infrastructure provided by Microsoft Corporation. By using Logto Cloud, you acknowledge that your data and information may be stored and processed on Azure servers. Please refer to Microsoft Azure's Privacy Policy and Terms of Service for more information on data handling, security, and the terms of use.
2. SendGrid Email Services: Logto Cloud utilizes SendGrid, an email service provided by Twilio Inc., to facilitate email communications related to your Logto Cloud account, such as account verification and notifications. The use of SendGrid is subject to Twilio's Privacy Policy and Terms of Service.
3. Cloudflare Network Protection: Logto Cloud employs Cloudflare's network protection services to enhance security and performance. Cloudflare is a service offered by Cloudflare, Inc. By using Logto Cloud, your traffic may be routed through Cloudflare's network. For more information on Cloudflare's data handling practices, please review Cloudflare's Privacy Policy and Terms of Service.

Please note that while these third-party services contribute to the reliable operation of Logto Cloud, their usage is subject to the respective third-party providers' terms, conditions, and privacy policies. Silverhand Inc. does not endorse or assume any responsibility for the actions or services of these third-party providers. Users are encouraged to review the terms and policies of these third-party services separately.

12. Force Majeure​

Neither party shall be liable for any failure or delay in performing its obligations under this Agreement due to events beyond their reasonable control, including but not limited to acts of nature (such as earthquakes, hurricanes, floods, wildfires, etc.), wars, acts of terrorism, civil unrest, strikes, labor disputes, government actions or restrictions, epidemics, pandemics, or other similar events.

In the event of a Force Majeure Event, the affected party shall promptly notify the other party in writing and shall use commercially reasonable efforts to mitigate the impact of the event on their obligations under this Agreement. The time for performance of the affected party's obligations shall be extended for a period equal to the duration of the Force Majeure Event. However, if the Force Majeure Event persists for a continuous period of 30 days, either party may choose to terminate this Agreement by providing written notice to the other party.

13. Governing Law and Jurisdiction​

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without giving effect to any principles of conflicts of law.

14. Entire Agreement​

This Agreement constitutes the entire agreement between you and Silverhand Inc. with respect to the subject matter hereof and supersedes all prior or contemporaneous communications and proposals, whether oral or written.

15. Modification​

Silverhand Inc. reserves the right to modify this Agreement at any time by posting the modified terms on its website or by providing notice to you. Your continued use of Logto Cloud following any such modification constitutes your acceptance of the modified terms.

16. Assignment​

You may not assign this Agreement or any of your rights or obligations hereunder without the prior written consent of Silverhand Inc. Any attempted assignment in violation of this provision shall be null and void.

17. Severability​

If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be struck, and the remaining provisions shall be enforced.

18. Waiver​

The failure of Silverhand Inc. to enforce any right or provision of this Agreement shall not be deemed a waiver of such right or provision.

By using Logto Cloud, you acknowledge that you have read, understood, and agree to be bound by this Agreement.

Welcome to Logto Cloud (Preview), a customer authentication and authorization managed service provided by Silverhand Inc. By using Logto Cloud (Preview), you agree to be bound by the following Terms of Use. If you do not agree with any of these terms, please do not use the Logto Cloud (Preview) service.

1. License and Ownership​

1. License: Logto Cloud (Preview) is licensed, not sold. The source code of Logto Cloud (Preview) is licensed with Elastic 2.0, and you agree to be bound by the terms of the Elastic 2.0 license in your use of Logto Cloud (Preview).
2. Ownership: Logto Cloud (Preview) is owned and copyrighted by Silverhand Inc. All rights not expressly granted to you are reserved by Silverhand Inc.

2. Use of Logto Cloud (Preview)​

1. Restrictions: You agree not to use Logto Cloud (Preview) for any unlawful purpose or in any way that could damage or disrupt the service or interfere with any other party's use of the service. You also agree not to attempt to gain unauthorized access to any part of Logto Cloud (Preview), or any system or network connected to Logto Cloud (Preview).
2. Your Data: You retain all right, title, and interest in and to any data or content that you upload or transmit to or through Logto Cloud (Preview), and Silverhand Inc. will treat such data in accordance with its Privacy Policy. You grant Silverhand Inc. a non-exclusive, worldwide, royalty-free license to use, reproduce, modify, and distribute such data solely to the extent necessary to provide the service to you.

3. Termination​

1. Term: This Agreement will remain in effect until terminated by either party.
2. Termination for Cause: Either party may terminate this Agreement immediately upon Written Notice if the other party breaches any material term of this Agreement.
3. Effect of Termination: Upon termination of this Agreement, all rights granted to you under this Agreement will immediately cease, and you must immediately cease all use of Logto Cloud (Preview).
4. Written Notice: It may be satisfied by sending an email to [email protected]. This email address is the official contact point for Logto Cloud (Preview), and it is important to use this email address for any communication related to termination or any other legal matter concerning the service.

4. Disclaimer of Warranties​

Logto Cloud (Preview) is provided "as is" and "as available" without warranty of any kind. Silverhand Inc. disclaims all warranties, whether express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

5. Limitation of Liability​

In no event shall Silverhand Inc. be liable for any direct, indirect, incidental, special, or consequential damages arising out of or in connection with the use or inability to use Logto Cloud (Preview), even if Silverhand Inc. has been advised of the possibility of such damages.

6. Miscellaneous​

1. Governing Law: This Agreement shall be governed by and construed in accordance with the laws of the Cayman Islands, without giving effect to any principles of conflicts of law.
2. Entire Agreement: This Agreement constitutes the entire agreement between you and Silverhand Inc. with respect to the subject matter hereof and supersedes all prior or contemporaneous communications and proposals, whether oral or written.
3. Modification: Silverhand Inc. reserves the right to modify this Agreement at any time by posting the modified terms on its website or by providing notice to you. Your continued use of Logto Cloud (Preview) following any such modification constitutes your acceptance of the modified terms.
4. Assignment: You may not assign this Agreement or any of your rights or obligations hereunder without the prior written consent of Silverhand Inc. Any attempted assignment in violation of this provision shall be null and void.
5. Severability: If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be struck and the remaining provisions shall be enforced.
6. Waiver: The failure of Silverhand Inc. to enforce any right or provision of this Agreement shall not be deemed a waiver of such right or provision.

By using Logto Cloud (Preview), you acknowledge that you have read, understood, and agree to be bound by this Agreement.