We will NEVER sell your personal data
We carry out all processing operations in strict compliance with European privacy laws and your personal information is always under your control. We want our services to be safe and enjoyable for you, and that is why we value your privacy.
We may collect and receive information about users of our Services ("users," "you," or "your") from various sources, including:
information you provide through your user account on the Services (your "Account") if you register for the Services;
your use of the Services; and
from third-party websites, services, and partners.
What information we collect
Information you provide to us
By registering for an account
When you register for an Account, we may ask for your contact information, including items such as name, email address, company name, address, and telephone number.
By communicating with us
If you contact us directly, we may receive additional information about you like your name, email address, phone number, internet protocol (IP) addresses, the contents of the message and/or attachments you may send us, as well as any other information you may choose to provide. We may also receive a confirmation when you open an email from us.
By making a payment for our services
When you enter your financial information for any payment associated with your Account, that information is directed to any of our third-party payment processors (2Checkout.com, Inc, PayPal (Europe) S.à r.l. et Cie, S.C.A., Worldpay (UK) Limited, Worldpay Limited, Worldpay BV, or Worldpay AP Limited). We do not store your financial account information on our systems; however, we have access to, and may retain, subscriber information through our third-party payment processor.
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
Information we automatically collect when you use our services
Cookies and other tracking technologies
How our services are used
When you use our Services, we may collect information about your engagement with and utilization of our Services, like processor usage, memory usage, storage capacity, navigation of our Services, and system-level metrics. We use this data to operate the Services, maintain and improve the performance and utilization of the Services, develop new features, protect the security and safety of our Services and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.
Information We Gather and Receive from Third Parties
Social media platforms
We operate social media platforms. These platforms are, in most cases, operated outside of the EU and do not comply with current Data Privacy Act and subsequent GDPR provision although they may well conform to the U.S Privacy Shield protocol.
Any personal data gathered on these platforms is only in response to users interacting out of their own will with our marketing pages. The contact is deemed as a legitimate business inquiry. The personal contact data is removed from the social media platform once the user has requested its removal.
Our services use Google Analytics to collect information about how visitors use our website. We anonymize this data at the point of collection and automatically delete user and event data that is older than two years. Google provides some additional privacy options regarding its Analytics cookies at https://www.google.com/policies/privacy/partners/.
Registering with third-party accounts
If you choose to link our Services to a third-party account (such as Facebook and Google), we will receive information about that account, like your authentication token, which authorizes linking, from the third-party account. If you wish to limit the information available to us through your third-party accounts, you should visit the privacy settings of your third-party account to find what are your options.
We may also receive publicly available information about you from our third-party partners and combine it with data that we have about you.
How your information is used
We use the information we collect in various ways, including to:
Provide, manage, and maintain our Services;
Improve, expand, and personalize our Services;
Develop and deploy new products, services, features, and functionalities;
Understand and analyze how you use our Services;
Process your transactions;
Find and prevent fraud;
Communicate with you, either directly or through one of our partners, including for marketing purposes, customer service, to provide you with updates or other information related to the Service;
For compliance purposes, including enforcing our Terms of Service, other legal rights, as may be required by applicable laws and regulations or as requested by any judicial process or governmental agency.
How is information shared
We may share the information we collect in various ways, including the following:
With your consent
We may share information with your consent.
Where legally permissible, we may use and share information about you with our partners in de-identified or aggregated form that can’t reasonably be used to identify you.
Service Providers and Vendors
We may share information with third-party vendors and service providers that provide services on our behalf, such as helping to provide our Services, for promotional and/or marketing purposes, and to provide you with information relevant to you such as special offers, software updates, product announcements, or other information.
We work with third-party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies, blank pixels, and similar technologies on our Services, and they may otherwise collect or have access to information about you which they may collect over time and across different online services. Some of our advertising partners are members of the Digital Advertising Alliance and the Network Advertising Initiative. To learn more about these programs, or opt-out of personalized ads, visit the Network Advertising Initiative at www.networkadvertising.org, or the Digital Advertising Alliance's Self-Regulatory program for Online Behavioral Advertising at www.aboutads.info.
We may share information about users with third-party partners in order to receive additional publicly available information about you.
Information we share when you sign up through a referral/affiliate
If you sign up for our Services through a referral or affiliate, we may share information with your referrer/affiliate to let them know that you used their referral to sign up for our Services.
Transfers of business
Information may be disclosed and otherwise transferred to any potential acquirer, assignee, or successor as part of any proposed merger, sale of assets, debt financing, acquisition, or similar transaction, or in the event of insolvency, receivership, or bankruptcy in which information is transferred to one or more third parties as one of our business assets.
When required by law and similar disclosures
We may also share information to:
satisfy any applicable law, legal process, regulation, or governmental request;
detect, prevent, or otherwise address security, fraud, or technical issues;
respond to your requests; or
protect our property or safety, rights, our users and the public.
This includes exchanging information for fraud protection and spam/malware prevention with other companies and organizations.
Legal basis for processing personal information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only:
where we have your consent to do so;
where the processing is in our legitimate interests and not overridden by your rights;
where we need the personal information to perform a contract with you.
We have a legitimate interest in operating our Services and communicating with you when necessary to provide these Services. In example, when improving our platform, undertaking marketing, responding to your queries, or for the purposes of detecting or preventing illegal activities.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
In case we need you to provide personal information to us to perform a contract with you or to comply with a legal requirement, we will make this clear at the relevant time and explain whether your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
You may access other third-party services through the Services, for example by clicking on links to those third-party services from within the Services. We are not responsible in any way for the privacy policies and/or practices of these third-party services, and we encourage you to carefully review their privacy policies.
Securing your data
We are committed to protecting your data and personal information. We employ a variety of security measures and technologies, that are designed to defend against unauthorized access, use, or disclosure. Please bear in mind that the Internet cannot be guaranteed to be 100% secure. However, we aim to provide a level of security that can cover the possible risks when processing your personal information.
Keeping your data
We keep personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable tax, accounting, or legal requirements).
If we have no ongoing legitimate business need to process your personal information, we will either anonymize or delete it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Management over the data we have for you
If you have registered with us, you may access certain information associated with your Account by logging into our Services or emailing us at email@example.com. If you choose to terminate your Account, any public activity on your Account prior to deletion may remain stored on our servers and may remain accessible to the public.
To protect your privacy and security, we may have to verify your identity before updating or removing your information. The information you provide us may be archived or stored periodically by us according to backup processes conducted in the ordinary course of business for disaster recovery purposes. Your ability to access and correct your information may be temporarily limited where access and correction could:
inhibit our ability to investigate, make or defend legal claims;
inhibit our ability to comply with a legal obligation;
result in disclosure of personal information about a third party; or
result in breach of a contract or disclosure of trade secrets or other proprietary business information belonging to us or a third party.
If you are a resident of the EEA, you have the following data protection rights:
You can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information at any time by emailing us firstname.lastname@example.org.
You can access, correct, update, or request deletion of your personal information at any time by emailing us at email@example.com.
You can opt-out of our marketing communications that we send you at any time by clicking on the "unsubscribe" or "opt-out" link in the marketing emails you receive from us. To opt-out of other forms of marketing, please contact us by emailing firstname.lastname@example.org.
You have the right to complain to a data protection authority about our collection and use of your personal information. Please contact your local data protection authority for further information.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
You can use some of the features of the Services without registering and limit the type of information that we collect. You can unsubscribe from receiving certain promotional emails from us by following the instructions at the end of the promotional email. Please note that if you have unsubscribed, we may still contact you for informational, transactional, account-related, or similar purposes.
Privacy of children
International transfer of data
The data controller of your personal information is PhpHost, represented by Attractsoft GmbH.
Like most websites, we gather certain information automatically and when you use our Services, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, browser plug-ins, screen resolution, window size, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be saved on your computer or device when you visit our Services. Cookies contain a small amount of information that allows our web servers to recognize you. We store information that we collect through cookies, log files, and/or empty gifs to record your preferences. We may also automatically collect information about your use of features of our Services, about the functionality of our Services, frequency of visits, and other information related to your interactions with the Services. We may track your use across different websites and services. In some countries, including countries in the European Economic Area ("EEA"), the information referenced above in this paragraph may be considered personal information under applicable data protection laws.
We use the following cookies on our website:
External/functional web services cookies
We use external web services to enhance our website with content such as fonts, JS/CSS frameworks, as well as live chat service.
We use Google Analytics and Facebook cookies to monitor visitor activity on our website such as which pages you visit, what browser you use (desktop or mobile), etc. No personally identifiable data is included in this type of reporting. We do not share information about this analysis with any third parties. We use the IP anonymization feature in Google Analytics.
We use Google and Facebook cookies to monitor visitor activity on our website, such as which pages you visit, so our marketing partners can use them to show you relevant marketing content. No personally identifiable data is included in this type of cookies. To learn more, or opt-out of personalized ads, visit the Network Advertising Initiative at www.networkadvertising.org, or the Digital Advertising Alliance's Self-Regulatory program for Online Behavioral Advertising at www.aboutads.info.
How you can block cookies
This Data Processing Agreement describes the requirements of the European General Data Protection Regulation (GDPR) that comes into effect on May 25, 2018. PhpHost's services offered in the European Union are GDPR compliant and this Data Processing Agreement (DPA) provides you with the necessary information of this compliance.
The services offered on PhpHost subject to this DPA are provided by Attractsoft GmbH, registered in Germany, Registration No.: HRB 7963 KI.
This Data Processing Agreement (DPA) is an addendum to the Terms of Services (such as Free Shared Hosting, Premium Shared Hosting, Semi-Dedicated Hosting, VPS Hosting, Certificate Services Agreement, Domain Names Registration, Domain Privacy Protection Agreement and Affiliate Terms of Services) between PhpHost and the Client.
All capitalized terms not defined in this DPA shall have the meanings set forth in the Terms of Services. The client enters into this DPA on behalf of itself and, to the extent required under Data Protection Laws, in the name and on behalf of its Authorized Affiliates (defined below).
The parties agree to the following:
Affiliate means an entity that directly or indirectly Controls, is Controlled by or is under common Control with an entity.
Authorized Affiliate means any of Customer Affiliate(s) permitted to or otherwise receiving the benefit of the Services pursuant to the Terms of Services.
Control means an ownership, voting or similar interest representing fifty percent (50%) or more of the total interests then outstanding of the entity in question. The term Controlled shall be construed accordingly.
Controller means an entity that determines the purposes and means of the processing of Personal Data.
Customer Data means any data that PhpHost and/or its Affiliates processes on behalf of the Client in the course of providing the Services under the Terms of Services.
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Data Protection Laws means all data protection and privacy laws and regulations applicable to the processing of Personal Data under the Terms of Services, including, where applicable, EU Data Protection Law.
EU Data Protection Law means (i) prior to May 25, 2018, Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data (Directive) and on and after May 25, 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (GDPR); and (ii) Directive 2002/58/EC concerning the processing of Personal Data and the protection of privacy in the electronic communications sector and applicable national implementations of it (in each case, as may be amended, superseded or replaced).
Personal Data means any Customer Data relating to an identified or identifiable natural person to the extent that such information is protected as personal data under applicable Data Protection Law.
Processor means an entity that processes Personal Data on behalf of the Controller.
Processing has the meaning given to it in the GDPR and process, processes and processed shall be interpreted accordingly.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance.
Security Incident means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data.
Services means any service distributed by PhpHost and provided by Attractsoft GmbH to the Client pursuant to and as more particularly described in the Terms of Services.
Sub-processor means any Processor engaged by PhpHost or its Affiliates to assist in fulfilling its obligations with respect to providing the Services pursuant to the Terms of Services or this DPA. Sub-processors may include third parties or any PhpHost Affiliate.
DPA Scope and Applicability
This DPA applies where and only to the extent that PhpHost processes Personal Data on behalf of the Client in the course of providing the Services and such Personal Data is subject to Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom. The parties agree to comply with the terms and conditions in this DPA in connection with such Personal Data.
Role of the Parties
As between PhpHost and the Client, the Client is the Controller of Personal Data and PhpHost shall process Personal Data only as a Processor on behalf of the Client. Nothing in the Terms of Services or this DPA shall prevent PhpHost from using or sharing any data that PhpHost would otherwise collect and process independently of the Client's use of the Services.
The Client agrees that (i) it shall comply with its obligations as a Controller under Data Protection Laws in respect of its processing of Personal Data and any processing instructions it issues to PhpHost; and (ii) it has provided notice and obtained (or shall obtain) all consents and rights necessary under Data Protection Laws for PhpHost to process Personal Data and provide the Services pursuant to the Terms of Services and this DPA.
PhpHost Processing of Personal Data
As a Processor, PhpHost shall process Personal Data only for the following purposes: (i) processing to perform the Services in accordance with the Terms of Services; (ii) processing to perform any steps necessary for the performance of the Terms of Services; and (iii) to comply with other reasonable instructions provided by the Client to the extent they are consistent with the terms of these Terms of Services and only in accordance with the Client’s documented lawful instructions. The parties agree that this DPA and the Terms of Services set out the Client’s complete and final instructions to PhpHost in relation to the processing of Personal Data and processing outside the scope of these instructions shall require prior written agreement between the Client and PhpHost.
Nature of the Data
PhpHost handles Customer Data provided by the Client. Such Customer Data may contain special categories of data depending on how the Services are used by Client. The Customer Data may be subject to the following process activities: (i) storage and other processing necessary to provide, maintain and improve the Services provided to the Client; (ii) to provide client and technical support to the Client; and (iii) disclosures as required by law or otherwise set forth in the Terms of Services.
Notwithstanding anything to the contrary in the Terms of Services (including this DPA), Client acknowledges that PhpHost shall have a right to use and disclose data relating to and/or obtained in connection with the operation, support and/or use of the Services for its legitimate business purposes, such as billing, accounting, account management, technical support, product development, sales, marketing and digital marketing. To the extent any such data is considered personal data under Data Protection Laws, PhpHost is the Controller of such data and accordingly shall process such data in compliance with Data Protection Laws.
The Client agrees that PhpHost may engage Sub-processors to process Personal Data on the Client's behalf.
PhpHost shall: (i) enter into an agreement with the Sub-processor imposing data protection terms that require the Sub-processor to protect the Personal Data to the standard required by Data Protection Laws; and (ii) remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of the Sub-processor that cause PhpHost to breach any of its obligations under this DPA.
PhpHost shall implement and maintain appropriate technical and organizational security measures to protect Personal Data from Security Incidents and to preserve the security and confidentiality of the Personal Data, in accordance with PhpHost 's security standards.
Confidentiality of Processing
PhpHost shall ensure that any person authorized to process Personal Data (including staff members, agents and subcontractors) shall be under an appropriate obligation of confidentiality.
Security Incident Response
Upon becoming aware of a Security Incident, PhpHost shall notify the Client without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by the Client.
Updates to Security Measures
The Client acknowledges that the Security Measures are subject to technical progress and development and that PhpHost may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services purchased by the Client.
Client’s General Data Protection Rights
Right of confirmation
Each data subject shall have the right to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed.
Right of access
Each data subject shall have the right to obtain from the controller free information about his or her personal data stored at any time and a copy of this information.
Right to rectification
Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
Right to erasure (Right to be forgotten)
Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay.
Right of restriction of processing
Each data subject shall have the right to obtain from the controller restriction of processing.
Right to data portability
Each data subject shall have the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
Right to object
Each data subject shall have the right to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her.
Automated individual decision-making, including profiling
Each data subject shall have the right to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her.
PhpHost processes EU Data (defined below) in data centers located inside the European Union. All other Customer Data may be transferred and processed in the United States and anywhere in the world where the Client, its Affiliates and/or its Sub-processors maintain data processing operations. PhpHost shall implement appropriate safeguards to protect the Personal Data, wherever it is processed, in accordance with the requirements of Data Protection Laws.
Deletion of Data
Upon deactivation of the Services, all Personal Data will be deleted, save that this requirement shall not apply to the extent PhpHost is required by applicable law to retain some or all of the Personal Data, or to Personal Data it has archived on back-up systems, which such Personal Data PhpHost shall securely isolate and protect from any further processing, except to the extent required by applicable law.