Privacy Policy

How we collect, use, share and protect your personal information.

Last updated: 2023-10-01 • Privacy contact: privacy@brainhost.com

• Related: Terms of Service · Acceptable Use Policy · Docs · Support

Controller Information & Scope

Data Controller: BrainHost Inc. (registered address: 123 Tech Street, Silicon Valley). Privacy contact: privacy@brainhost.com.

This Privacy Policy applies to personal data collected through our official website, customer portal, APIs, VPS monitoring systems, and support channels.

Information We Collect

Account Information

Name, email address, company name, country, and other registration details.

Billing Information

Payment card details are collected by payment processors; we only store tokens and last four digits.

Technical Logs

IP addresses, User-Agent strings, activity timestamps, and system access logs.

Support Communications

Support tickets, chat messages, and any files you share with our support team.

Marketing Preferences

Optional newsletter subscriptions and communication preferences.

Cookies & Local Storage

Session data, user preferences, analytics data, and functional cookies.

Usage Purposes & Legal Basis

Service Provision & Billing

Legal Basis: Contract performance. Essential for providing VPS services and processing payments.

Security & Abuse Prevention

Legal Basis: Legitimate interests. Protecting our systems and preventing misuse.

Legal Compliance

Legal Basis: Legal obligation. Meeting regulatory and law enforcement requirements.

Marketing Communications

Legal Basis: Consent. You can unsubscribe at any time.

Sharing & Data Processors

We share personal data with trusted processors under contractual obligations:

• Payment processors for billing and transactions
• HostBill for customer management and billing
• Anti-abuse and security monitoring services
• Email service providers for communications
• Infrastructure monitoring and logging services

We do not sell personal information to third parties for marketing purposes.

Data Retention & Deletion

We retain personal data for the shortest necessary period based on purpose and legal requirements. Data is anonymized or deleted when no longer needed.

You may request deletion of your data, subject to legal retention exceptions (e.g., financial records, abuse investigations).

International Transfers & Security

International Transfers

Where applicable law requires, we implement appropriate safeguards such as Standard Contractual Clauses. Copies or summaries are available upon request.

Security Measures

We employ encryption in transit and at rest, access controls, principle of least privilege, and audit logging. You should secure your credentials and enable two-factor authentication.

Your Rights

Depending on your jurisdiction, you may have rights to:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate information
• Erasure: Request deletion of your data
• Restriction: Limit processing of your data
• Portability: Receive your data in a structured format
• Object: Opt out of certain processing activities
• Withdraw Consent: For consent-based processing

To exercise these rights, contact privacy@brainhost.com. We will respond within applicable legal timeframes and will not discriminate against you for exercising your rights.

Cookies & Tracking Technologies

We use cookies and similar technologies for:

• Essential: Required for basic site functionality
• Functional: Remember your preferences and settings
• Analytics: Understand how you use our services
• Marketing: Deliver relevant advertisements (with consent)

Manage Cookie Preferences

Children's Privacy

Our services are not directed to individuals under 18 years of age. If we discover we have inadvertently collected information from a minor, we will delete it promptly.

Policy Changes & Notifications

Updates to this Privacy Policy will be published on this page. Material changes may be communicated via email or service announcements.

Contact Us

For privacy-related questions or to exercise your rights, contact: privacy@brainhost.com.

You may also file complaints with your local data protection authority (for EU residents, your national Data Protection Authority).

Regional Supplements

European Union & United Kingdom (GDPR)

Data Subject Rights

Under GDPR, you have enhanced rights including the right to lodge complaints with supervisory authorities and receive compensation for damages.

Legal Basis Details

We process your data based on Article 6(1) legal bases: contract performance, legal obligations, legitimate interests, and consent where applicable.

International Transfers

Transfers outside the EU/UK are protected by adequacy decisions or Standard Contractual Clauses approved by the European Commission.

California (CPRA/CCPA)

Categories of Information

We collect identifiers, commercial information, internet activity, and professional information as described in our collection practices above.

Do Not Sell or Share

We do not sell or share personal information for cross-context behavioral advertising. You can exercise opt-out rights if this changes.

Consumer Rights Request

California residents can submit requests through our CCPA Request Portal (link available in your account area).

Related

• Terms of Service
• Acceptable Use Policy
• System Status