California Privacy Notice

Privacy Notice for California Residents

Effective: December 10, 2025

This Privacy Notice for California Residents ("Privacy Notice") supplements the information contained in the OVHcloud US ("OVHcloud") Privacy Policy and applies solely to visitors, users, and others who reside in the State of California ("Consumers," "you," or "your"). We adopt this notice to comply with the California Consumer Privacy Act of 2018 and the California Consumer Privacy Rights Act of 2020 (collectively, the "CCPA") and other applicable California privacy laws. Any terms defined in our Privacy Policy or in the text of the CCPA have the same meaning when used in this Privacy Notice.

Information We Obtain

Our Site collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal Data"). In particular, we have collected the following categories of Personal Data from Consumers within the last twelve (12) months.

Category	Examples	Purpose
Identifiers	A real name; alias; postal address; address; telephone number; email address; account name; social media handle; other similar identifiers.	To provide you with information about the OVHcloud Services that you request from us; to provision and deliver the OVHcloud Services; to prevent fraudulent transactions and to maintain the security of the OVHcloud Services and our infrastructure.
Information that may be deemed sensitive under applicable laws	Login credentials, government identification numbers, race or ethnic origin, etc.	To provision and deliver the OVHcloud Services; to prevent fraudulent transactions and to maintain the security of the OVHcloud Services and our infrastructure.
Commercial information	Products or services purchased, obtained, or considered; other purchasing or consuming histories or tendencies.	To analyze the way in which Consumers are accessing and using the OVHcloud Services so that we can perform necessary marketing activities; to further improve the Site and the OVHcloud Services.
Internet or other similar network activity	Browsing history; search history; unique personal identifier; online identifier; Internet Protocol address; information on a consumer’s interaction with a website, application, or advertisement.	To analyze how you are accessing and using our Site and the OVHcloud Services so that we can further develop and improve our Site and the OVHcloud Services; to conduct marketing activities.
Geolocation data	Physical location or movements	To ensure the proper Site experience is delivered; to analyze web traffic so as to conduct marketing activities.

Personal Data does not include:

Publicly available information from government records.
Deidentified or aggregated information.
Information excluded from the scope of the CCPA, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data

We obtain the Personal Data listed above from the following categories of sources:

Directly from you. For example, from the information you disclose when you create an account in the OVHcloud Control Panel; when you purchase the OVHcloud Services; when you subscribe to our mailing list; or, when you engage our customer support team.
Indirectly from you. For example, from observing your actions on our Site.
From third parties. For example, from publicly available sources and data brokers.

Use of Personal Data

In addition to the purposes stated above, we may use or disclose Personal Data obtained from you for one or more of the following business purposes:

To fulfill or meet the reason you provided the Personal Data. For example, if you share your name and email address to receive information about OVHcloud Services, we will use that Personal Data to respond to your inquiry. If you provide your Personal Data to purchase OVHcloud Services, we will use that information to process your payment and provide the applicable OVHcloud Services that you purchased.
To provide, support, personalize, improve, and develop our Site, your interaction with our Site, and the OVHcloud Services.
To provide you with the information that you request from us.
To create, maintain, customize, and secure your OVHcloud Control Panel account.
To prevent transactional fraud.
As necessary or appropriate to protect the rights, property or safety of us, our customers or others.
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
To deliver specific content and relevant offerings, including event registrations, alerts, offers, and ads delivered through our Site and via email (with your consent, where required by law).
For testing, research, and analysis of our Site and the OVHcloud Services.
To respond to valid law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described to you when collecting your Personal Data.

Disclosure Personal Data

We may disclose each category of your Personal Data identified in the above table, including information that may be deemed sensitive under applicable laws, to another entity for a business purpose. Such third parties generally include our OVH SAS and affiliates and service providers. When we disclose Personal Data for a business purpose, we enter into written agreement with that other entity which describes the purpose of the Personal Data disclosure. Amongst other things, the agreement imposes strict duties of confidentiality in regard to the handling of the Personal Data and mandates that the Personal Data not be used for any purpose except in strict performance of the services rendered under the applicable agreement.

We do not “sell” Personal Data or “share” Personal Data for cross-context behavioral advertising (as those terms are defined under California law). Instead, where we may use cookies for marketing purposes, for example, we do so at your instruction based on your decision to enable these cookies.

Your Rights and Choices

The CCPA provides Consumers with specific rights regarding their Personal Data. This section describes your CCPA rights and explains how to exercise those rights.

You have the right to request that OVHcloud disclose certain information to you about our collection and use of your Personal Data over the past twelve (12) months. Pursuant to the process described below, once we receive and confirm that you have made a valid Consumer request, we will disclose to you:

Right to Correct: You may have the right to correct inaccurate data in certain circumstances.
Right to Deletion: You may be entitled to request that we delete the Personal Data that we have collected from you. We will use commercially reasonable efforts to honor your request, in compliance with applicable laws. This process is discussed in further detail below.
Right to Know: You may have the right to confirm that we have collected Personal Data about you and know what Personal Data we have collected about you.
Right to Opt Out of Profiling: You may have the right to opt out certain uses of your Personal Data in furtherance of decisions that produce legal or similarly significant effects.
Right to Restrict Processing of Information that may be Deemed Sensitive under Applicable Laws: You may have the right to request for us to restrict the processing of your Personal Data.

Deletion Request Rights

You have the right to request that we delete any of your Personal Data that we have obtained or collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable Consumer request, we will delete (and direct our service providers to delete, if applicable) your Personal Data from our records, unless an exception applies.

We may deny your deletion request if retaining the Personal Data is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the Personal Data, provide the OVHcloud Services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
Help to ensure the security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes;
Debug affected OVHcloud Services and/or to identify and repair errors to the OVHcloud Services that impair existing intended functionality;
Exercise free speech, ensure the right of another individual to exercise that consumer’s free speech rights, or exercise another right provided for by law;
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when the business’s deletion of the Personal Data deletion may likely render impossible or seriously impair the ability to complete such research, if you previously provided informed consent;
Enable solely internal uses that are reasonably aligned with your expectations based upon our business relationship and compatible with the context in which you provided the information; or
Comply with a valid legal obligation.

Non Discrimination

You may freely exercise these rights without fear of being denied the OVHcloud Services. We may, however, provide a different level of service or charge a different rate reasonably relating to the value of your Personal Data.

Exercising Your Rights

To exercise the right to opt out of our use of your Personal Data for "sales"/"sharing" for cross-contextual behavioral advertising, as those terms are defined under California law, please disable marketing cookies in our cookie preference center. To exercise any of your available rights, please submit a request to us by:

Visiting our Exercise Your Privacy Rights page
Emailing privacy@corp.ovh.us

Only you, or a person that you authorize to act on your behalf, may make a verifiable Consumer request related to your Personal Data. You may also make a verifiable Consumer request on behalf of your minor child. If you are submitting a request through an authorized agent, such authorized agent must provide us with your signed written permission stating that the agent is authorized to make the request on your behalf. We may also request that any authorized agents verify their identity and may reach out to you directly to confirm that you have provided the agent with your permission to submit the request on your behalf. We may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

You may only make a verifiable Consumer request to access or know information about the collection of your personal data twice within a twelve (12) month period. The verifiable Consumer request must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We may need to obtain additional information from you in order to verify or otherwise fulfill your request. For example, we may ask you to confirm data points we already have about you. We will only use Personal Data provided in a consumer request to verify or otherwise fulfill that request. We cannot provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable Consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable Consumer request to verify the requestor's identity or authority to make the request.

Request Timing and Format

We endeavor to respond to a verifiable Consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us associated with a valid e-mail address, we will e-mail our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Security

We maintain reasonable security measures designed to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in light of the risks inherent in processing this information. However, the Internet cannot be guaranteed to be fully secure, and we cannot ensure or warrant the security of any information you provide to us. Please keep this in mind when providing us with your Personal Data.

Data Retention Practices

We will retain the Personal Data, described above, for as long as reasonably necessary or permitted, and proportionate to the purpose for which it was collected, for example, to provide you with the Services that you are using or have requested, for the establishment, exercise or defense of legal claims, and as needed to comply with our legal obligations.

Changes to Our Privacy Notice

We reserve the right to amend this Privacy Notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email, through a notice on our Site, or any other method required by applicable law.

Contact Us

If you have any questions or comments about this Privacy Notice, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Website: https://us.ovhcloud.com/

Email: privacy@corp.ovh.us

Postal Address:
OVH US LLC
Attention: Privacy
11950 Democracy Drive
Suite 300
Reston, VA 20190