Privacy Policy

Last updated: February 28, 2026

1. Data Controller

Hostendo Ltd. ("Hostendo", "we", "us") is the data controller responsible for processing your personal data in accordance with the EU General Data Protection Regulation (GDPR).

2. Data We Collect

We collect the following categories of personal data:

• Account data: name, email address, company name, billing address, payment information.
• Technical data: IP address, browser type, device information, pages visited, referral URL.
• Service data: hosting configuration, domain registrations, support tickets, service usage metrics.
• Communication data: emails, support messages, and contact form submissions.

3. Purpose of Processing

We process your personal data for the following purposes:

• Providing and maintaining our hosting and domain services.
• Processing payments and managing billing.
• Communicating with you about your account or our services.
• Ensuring security and preventing abuse of our infrastructure.
• Complying with legal obligations.
• Improving our services based on aggregated, anonymized usage data.

4. Legal Basis

We process your data based on: (a) performance of our contract with you, (b) our legitimate interests in operating and improving our services, (c) your consent where applicable, and (d) compliance with legal obligations.

5. Data Storage & Transfers

All customer data is stored in Tier III+ certified data centers located within the European Economic Area (EEA). We do not transfer personal data outside the EEA unless required by law or with appropriate safeguards (e.g., Standard Contractual Clauses).

6. Data Retention

We retain your personal data for the duration of your account and for up to 12 months after account termination for legal and billing purposes. Technical logs are retained for up to 90 days. Backups are retained for up to 30 days.

7. Your Rights

Under the GDPR, you have the right to:

• Access your personal data and obtain a copy.
• Rectify inaccurate or incomplete data.
• Request erasure of your data ("right to be forgotten").
• Restrict or object to processing.
• Data portability (receive your data in a structured format).
• Withdraw consent at any time.
• Lodge a complaint with the Cyprus Data Protection Commissioner.

8. Cookies

We use essential cookies required for the functioning of our website and services. We do not use tracking or advertising cookies. Analytics, if used, rely on anonymized, aggregated data only.

9. Third-Party Services

We may use third-party services for payment processing (Stripe), email delivery, and infrastructure monitoring. These providers process data on our behalf under Data Processing Agreements (DPAs) in compliance with the GDPR.

10. Contact

For privacy-related inquiries, please contact us at support@hostendo.one.