Privacy Policy
How HostBilby Inc. collects, uses, stores and shares personal data — including GDPR, cookies and your rights.
Privacy Policy
Data Controller: HostBilby Inc., 155-2 King Street West, Unit #470, Hamilton, ON L8P 4S0, Canada. Phone (905) 518-8125. Email privacy@hostbilby.com.
Purpose
This policy outlines five key areas: the types of personal data we collect, how we use it, your access rights, your other rights and our cookie practices.
GDPR Compliance
HostBilby adheres to Regulation (EU) 2016/679 for EU users and the Data Protection Act 2018 for UK users. We have not appointed a Data Protection Officer as we do not fall under required GDPR categories.
Consent
You consent to this policy by using the Site. Consent withdrawal is available by contacting our privacy officer, though prior processing remains valid.
Legal Basis for Processing
We rely on your consent for specific purposes and on the necessity of processing to perform contractual obligations.
Personal Data Collected
Automatically collected: IP address, location, clicked links and content viewed.
Not automatically collected: Name, email, phone, address and payment information, collected via account creation, email subscriptions and service provision.
Data Usage
Automatically collected data is used for statistics. Manually collected data is used for communication, billing and service validation.
Data Sharing
We share data with Stripe for credit card processing only. Data may also be shared if legally required, for legal proceedings, to protect rights or in the event of a company sale.
Data Storage
Data is retained until the collection purpose is achieved. You will be notified if extended retention is required.
Security Measures
We use the strongest available browser encryption and store all of our data on servers in secure facilities. Credit card data is stored exclusively with Stripe.
Automated Decision-Making
You have the right to object to solely automated decisions. We use MaxMind Fraud Services for order verification. Declined services result when 3DS fails or the customer enters mismatching information.
Your Rights (GDPR)
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
Children
The minimum age to use our services is 18. Data from children under 16 is deleted immediately upon discovery.
Data Access, Modification or Deletion
Contact our privacy officer using the contact details above to exercise access, deletion or other GDPR rights.
Do Not Track (DNT)
Our Site does not respond to browser DNT signals and we cannot guarantee third-party compliance.
Cookie Policy
- Functional: Saves user selections.
- Analytical: Tracks site usage patterns.
- Third-Party: Enables live chat integration.
Modifications
Policy updates are reflected via Effective Date changes. Periodic review is recommended.
Complaints
You may contact our privacy officer or lodge a complaint with a supervisory authority.