Privacy Policy

How we collect, use, and protect your personal information

GDPR Compliant • Last updated: January 2025
Our Commitment to Privacy
GDPR-compliant data protection for all our customers

At NexifyHosting, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Key Principles:

  • • We only collect data necessary for our services
  • • Your data is never sold to third parties
  • • You have full control over your personal information
  • • We use industry-standard security measures
  • • Transparent communication about data practices
Data Controller Information
Who is responsible for your data

NexifyHosting

Address: Amsterdam, Netherlands

Email: privacy@nexifyhosting.com

Data Protection Officer: dpo@nexifyhosting.com

As the data controller, we determine the purposes and means of processing your personal data. We are responsible for ensuring compliance with applicable data protection laws.

Information We Collect
Types of data we collect and why

Account Information

  • • Name and email address
  • • Billing address and payment information
  • • Account preferences and settings
  • • Communication history with support

Legal Basis: Contract performance and legitimate interests

Technical Information

  • • IP addresses and connection logs
  • • Browser type and operating system
  • • Server usage statistics and performance data
  • • Error logs and diagnostic information

Legal Basis: Legitimate interests (service provision and security)

Service Data

  • • Server configurations and files
  • • Backup data and snapshots
  • • Usage metrics and resource consumption
  • • Application logs and monitoring data

Legal Basis: Contract performance

How We Use Your Data
Purposes for processing your personal information

Service Provision

  • • Account creation and management
  • • Server provisioning and maintenance
  • • Technical support and troubleshooting
  • • Service monitoring and optimization

Business Operations

  • • Billing and payment processing
  • • Invoice generation and accounting
  • • Usage analytics and reporting
  • • Service improvement and development

Security & Compliance

  • • Fraud prevention and detection
  • • Security monitoring and incident response
  • • Legal compliance and regulatory requirements
  • • Abuse prevention and investigation

Communication

  • • Service notifications and updates
  • • Marketing communications (with consent)
  • • Customer support interactions
  • • Important account information
Data Sharing & Third Parties
When and how we share your information

We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Limited Sharing Scenarios:

  • Service Providers: Payment processors, cloud infrastructure providers, and monitoring services (under strict data processing agreements)
  • Legal Requirements: When required by law, court order, or to protect our legal rights
  • Business Transfers: In case of merger, acquisition, or sale of assets (with notice to customers)
  • Consent: When you explicitly consent to sharing for specific purposes
Your Rights Under GDPR
You have comprehensive rights over your personal data

Access & Portability

  • • Right to access your personal data
  • • Receive data in a portable format
  • • Information about data processing
  • • Copy of data we hold about you

Control & Correction

  • • Right to rectify inaccurate data
  • • Right to complete incomplete data
  • • Right to restrict processing
  • • Right to object to processing

Deletion & Withdrawal

  • • Right to erasure ("right to be forgotten")
  • • Withdraw consent at any time
  • • Delete account and associated data
  • • Stop processing for marketing

Complaints & Appeals

  • • Lodge complaints with supervisory authority
  • • Appeal our decisions
  • • Seek judicial remedies
  • • Contact our Data Protection Officer

How to Exercise Your Rights:

Contact us at privacy@nexifyhosting.com or through your account panel. We will respond within 30 days.

Note: Some rights may be limited by legal obligations or legitimate interests. We will explain any limitations in our response.

Cookies & Tracking
How we use cookies and similar technologies

Types of Cookies We Use:

Essential Cookies

Required for basic website functionality

  • • Session management
  • • Authentication
  • • Security features
  • • Load balancing
Functional Cookies

Enhance user experience and preferences

  • • Language preferences
  • • Theme settings
  • • Form data
  • • User preferences
Analytics Cookies

Help us understand website usage (with consent)

  • • Page views and traffic
  • • User behavior patterns
  • • Performance metrics
  • • Error tracking
Marketing Cookies

Personalized advertising (opt-in only)

  • • Ad personalization
  • • Campaign tracking
  • • Conversion measurement
  • • Retargeting

Cookie Management:

You can control cookies through your browser settings or our cookie preference center. Note that disabling essential cookies may affect website functionality.

Data Security & Protection
How we protect your personal information

Technical Safeguards:

  • • End-to-end encryption for data transmission
  • • AES-256 encryption for data at rest
  • • Regular security audits and penetration testing
  • • Multi-factor authentication for admin access
  • • Automated backup systems with encryption
  • • Network firewalls and intrusion detection

Organizational Measures:

  • • Staff training on data protection principles
  • • Access controls and role-based permissions
  • • Data processing agreements with third parties
  • • Incident response and breach notification procedures
  • • Regular policy reviews and updates
  • • Privacy by design in system development

Data Breach Response:

In the unlikely event of a data breach, we will notify affected customers and relevant authorities within 72 hours as required by GDPR. We maintain comprehensive incident response procedures to minimize impact and prevent future occurrences.

Data Retention & Deletion
How long we keep your information

Active Accounts

  • • Account data: Duration of service + 1 year
  • • Billing records: 7 years (legal requirement)
  • • Server logs: 90 days
  • • Support tickets: 3 years
  • • Backup data: 30 days

Closed Accounts

  • • Personal data: Deleted within 30 days
  • • Billing records: Retained for legal compliance
  • • Anonymized analytics: May be retained
  • • Legal hold data: Until resolution
  • • Backup purging: 90 days maximum

Automated Deletion:

We use automated systems to ensure data is deleted according to our retention schedules. You can request immediate deletion of your account and associated data at any time, subject to legal obligations.

International Data Transfers
How we handle data across borders

Data Location:

Our primary data centers are located in the European Union (Netherlands and Germany). We may transfer data to other countries only when necessary and with appropriate safeguards.

Transfer Safeguards:

  • • EU Standard Contractual Clauses (SCCs)
  • • Adequacy decisions by the European Commission
  • • Binding Corporate Rules where applicable
  • • Explicit consent for specific transfers
  • • Regular assessment of transfer mechanisms

EU Data Residency: For customers who require data to remain within the EU, we offer data residency guarantees. Contact us to discuss your specific requirements.

Privacy Contacts & Complaints
How to reach us about privacy matters

Data Protection Officer

Email: dpo@nexifyhosting.com

Response Time: Within 30 days

Languages: English, Dutch

General Privacy Inquiries

Email: privacy@nexifyhosting.com

Response Time: Within 5 business days

Available: 24/7 via email

Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the relevant supervisory authority:

Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

Website: autoriteitpersoonsgegevens.nl

Phone: +31 70 888 8500

Email: info@autoriteitpersoonsgegevens.nl

Policy Updates
How we handle changes to this privacy policy

Notification of Changes:

  • • Email notification for material changes
  • • 30-day notice period before implementation
  • • Prominent notice on our website
  • • Version history available upon request

Your Options:

If you disagree with policy changes, you may terminate your account before the changes take effect. Continued use of our services after the notice period constitutes acceptance of the updated policy.

Current Version: 2.1 (January 2025)
Previous Update: December 2024
Next Review: July 2025

Terms of ServiceRefund PolicyBack to Home