🚀 Launch promotion: Get 17% off all annual bare metal dedicated servers!

Privacy Policy

How HostBilby Inc. collects, uses, stores and shares personal data — including GDPR, cookies and your rights.

Privacy Policy

Data Controller: HostBilby Inc., 155-2 King Street West, Unit #470, Hamilton, ON L8P 4S0, Canada. Phone (905) 518-8125. Email privacy@hostbilby.com.

Purpose

This policy outlines five key areas: the types of personal data we collect, how we use it, your access rights, your other rights and our cookie practices.

GDPR Compliance

HostBilby adheres to Regulation (EU) 2016/679 for EU users and the Data Protection Act 2018 for UK users. We have not appointed a Data Protection Officer as we do not fall under required GDPR categories.

Consent

You consent to this policy by using the Site. Consent withdrawal is available by contacting our privacy officer, though prior processing remains valid.

Legal Basis for Processing

We rely on your consent for specific purposes and on the necessity of processing to perform contractual obligations.

Personal Data Collected

Automatically collected: IP address, location, clicked links and content viewed.

Not automatically collected: Name, email, phone, address and payment information, collected via account creation, email subscriptions and service provision.

Data Usage

Automatically collected data is used for statistics. Manually collected data is used for communication, billing and service validation.

Data Sharing

We share data with Stripe for credit card processing only. Data may also be shared if legally required, for legal proceedings, to protect rights or in the event of a company sale.

Data Storage

Data is retained until the collection purpose is achieved. You will be notified if extended retention is required.

Security Measures

We use the strongest available browser encryption and store all of our data on servers in secure facilities. Credit card data is stored exclusively with Stripe.

Automated Decision-Making

You have the right to object to solely automated decisions. We use MaxMind Fraud Services for order verification. Declined services result when 3DS fails or the customer enters mismatching information.

Your Rights (GDPR)

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object

Children

The minimum age to use our services is 18. Data from children under 16 is deleted immediately upon discovery.

Data Access, Modification or Deletion

Contact our privacy officer using the contact details above to exercise access, deletion or other GDPR rights.

Do Not Track (DNT)

Our Site does not respond to browser DNT signals and we cannot guarantee third-party compliance.

Cookie Policy

  • Functional: Saves user selections.
  • Analytical: Tracks site usage patterns.
  • Third-Party: Enables live chat integration.

Modifications

Policy updates are reflected via Effective Date changes. Periodic review is recommended.

Complaints

You may contact our privacy officer or lodge a complaint with a supervisory authority.