privacy_policy

Your desktop is yours.

Plain English up top. Lawyerly version below it. Last updated 19 May 2026.

TL;DR (the only part that matters)

• We never see your screen. No monitoring, no screen recording, no remote viewing on customer VMs.
• We never log Claude activity. Your prompts, your outputs, your scheduled task results — none of it touches us.
• We never receive your Anthropic credentials. You sign into Claude directly on your own desktop. Same as on your home laptop.
• Single-tenant VMs. One Windows Server instance per customer. Nobody else's processes run on your machine.
• Encrypted in transit. RDP traffic is TLS-encrypted end-to-end by Windows. We can't read it. Neither can the network.
• 7-day wipe on cancel. VM destroyed, disk wiped within 7 days of cancellation. Backups follow within 30.

We see what we need to run the business — your email, your plan, your region, your support tickets, and the metadata Stripe needs to charge you. That's it. Everything else lives on your desktop, which only you can sign into.

1. Who we are

Standby is operated by Standby Cloud LLC, a single-member limited liability company organized in Illinois, United States. The contact for privacy questions is hello@trystandby.com.

2. Information we collect

We collect only what we need to provide, bill, and support the service.

From you, directly

• Your email address (so we can deliver credentials and support replies)
• Your preferred region for VM placement (US-East, US-West, EU-Central)
• The contents of support emails you send us
• Billing details collected by Stripe on our behalf — we never see your full card number; we see the last 4 digits and the expiry month/year, plus billing address as required by Stripe

Automatically

• Anonymous web analytics on trystandby.com (page views, referrer, country at a coarse level) via privacy-friendly tools. No third-party ad cookies. No cross-site tracking.
• Operational logs from our customer-facing systems (our website, our support inbox) — request timestamps, IP addresses, user agents. Retained for ≤30 days.

What we do NOT collect

• Anything happening on your Standby desktop. No screen recording. No keystroke logging. No clipboard monitoring. No active monitoring agents installed on your VM.
• Claude activity. We don't log Claude prompts, Claude outputs, Cowork actions, Claude Code runs, or scheduled task results. None of that data touches our systems.
• Your Anthropic account credentials. You sign in directly to claude.com from the browser on your Standby desktop. We never see your username or password.
• Your files or data. Files you create or store on the Standby desktop stay on the disk attached to your VM. They are not backed up to systems we control.

3. How we use information

Strictly for these purposes:

• Providing the service (provisioning VMs, sending credentials, answering support requests)
• Billing and accounting (Stripe handles this — we use their reports)
• Communicating about your account (welcome emails, security notices, plan changes you initiate)
• Legal compliance (tax, fraud prevention)

We do not sell your data, ever. We do not share it with advertisers. We do not use it to train AI models.

4. Service providers we use

Running Standby requires a small set of vendors. Each one only sees the data they need.

• Stripe (payments) — collects and stores billing details, processes recurring charges. See Stripe's privacy policy.
• Kamatera (infrastructure) — hosts your Windows Server VM. They have administrative access to the hypervisor but do not access guest OS contents in normal operation. See Kamatera's privacy policy.
• Cloudflare (DNS + email routing) — handles trystandby.com DNS and forwards customer-facing email to our inbox. See Cloudflare's privacy policy.
• Google (Gmail) — our support inbox lives at standbycloudllc@gmail.com. Email content is processed by Google per their privacy policy.

5. Single-tenant architecture

Every Standby customer gets a dedicated Windows Server 2022 virtual machine. We do not share compute, memory, or disk between customers. When your VM is provisioned, it is yours alone until you cancel.

This is the architectural reason "no logs" is meaningful. There is no shared logging plane that watches everyone — there's just your VM, and we have no special instrumentation running on it.

6. Encryption

• In transit: Microsoft's Remote Desktop Protocol uses TLS encryption by default. RDP traffic between your device and your Standby VM is encrypted end-to-end. Your ISP, our hosting provider, and we ourselves cannot read it.
• At rest: Your VM disk is backed by Kamatera's storage layer, which provides standard at-rest encryption. We do not have separate access to disk contents.

7. Retention and deletion

• Active customers: we keep your account email, plan, region, and billing history for as long as you're a customer.
• On cancellation: your VM is powered off immediately at the end of your paid period and destroyed within 7 days. Disk snapshots, if any existed for support purposes, are deleted at the same time. Stripe customer record stays per Stripe's retention rules (typically 7 years for tax) but you'll never be charged again.
• Support emails: kept in our Gmail inbox indefinitely for service continuity. You can email us to request deletion.

8. Your rights

Depending on where you live, you may have legal rights to access, correct, delete, or export your personal data. We honor these requests regardless of jurisdiction.

• To access: email hello@trystandby.com. We'll respond within 30 days with a copy of what we have.
• To delete: email us with "delete my data" in the subject. We'll close your account, destroy your VM immediately, and remove your account data within 30 days. Some data must be retained for legal/tax reasons.
• To export: we'll send you a JSON export of your account record.
• To complain: if you're in the EU/UK, you can file a complaint with your local data protection authority. In California, you can contact the California Attorney General's office.

9. Children

Standby is not for users under 18. We do not knowingly collect data from minors. If you are a parent and believe your child has created an account, email us — we'll delete it.

10. International transfers

Standby is a US-based service. Data may be processed in the US even if you're abroad. By using Standby you consent to this transfer.

11. Changes to this policy

We may update this policy as the service evolves. Material changes will be announced via email to your account address at least 30 days before they take effect. The current version always lives at this URL.

12. Contact

For any privacy question, write to hello@trystandby.com. Kam reads every email. We answer within 48 hours, usually faster.

This policy is licensed under CC BY 4.0 and you're welcome to adapt it for your own service. Just don't claim our exact wording as your own legal review.