GDPR Compliance

How we comply with the General Data Protection Regulation

1. Introduction to GDPR

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas.

At ServerHoster4U, we are committed to ensuring that all our services and operations comply with GDPR requirements. This page outlines how we implement GDPR principles and what rights you have regarding your personal data.

2. Our Role Under GDPR

Under GDPR, ServerHoster4U acts as both:

  • Data Controller: When we collect and process your personal information for our own purposes (e.g., account creation, billing, customer support).
  • Data Processor: When we process data on behalf of our customers who use our hosting services to store their own data.

This distinction is important as it determines our specific obligations under GDPR.

3. GDPR Principles We Follow

We adhere to the following GDPR principles in our data processing activities:

  • Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and in a transparent manner.
  • Purpose limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.
  • Data minimization: We limit our collection of personal data to what is necessary for the purposes for which it is processed.
  • Accuracy: We take reasonable steps to ensure that personal data is accurate and kept up to date.
  • Storage limitation: We keep personal data in a form that permits identification of data subjects for no longer than necessary.
  • Integrity and confidentiality: We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage.
  • Accountability: We are responsible for and can demonstrate compliance with the GDPR principles.

4. Legal Basis for Processing

Under GDPR, we process your personal data based on one or more of the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose.
  • Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • Legal obligation: The processing is necessary for us to comply with the law.
  • Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.

5. Your Rights Under GDPR

The GDPR provides the following rights for individuals:

  • Right to be informed: You have the right to be informed about the collection and use of your personal data.
  • Right of access: You have the right to request a copy of the personal data we hold about you.
  • Right to rectification: You have the right to have inaccurate personal data rectified, or completed if it is incomplete.
  • Right to erasure: You have the right to have your personal data erased in certain circumstances.
  • Right to restrict processing: You have the right to request the restriction or suppression of your personal data in certain circumstances.
  • Right to data portability: You have the right to obtain and reuse your personal data for your own purposes across different services.
  • Right to object: You have the right to object to the processing of your personal data in certain circumstances.
  • Rights related to automated decision making and profiling: You have rights related to automated decision making and profiling.

6. How to Exercise Your Rights

To exercise any of your rights under GDPR, please contact our Data Protection Officer using the contact information provided at the end of this page. We will respond to your request within 30 days.

To help us process your request efficiently, please provide the following information:

  • Your full name and email address associated with your account
  • A clear description of which right(s) you wish to exercise
  • Any additional information that may help us identify you or the data in question

7. Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data during transmission and at rest
  • Regular testing and evaluation of the effectiveness of security measures
  • Access controls and authentication procedures
  • Regular security assessments and audits
  • Staff training on data protection and security
  • Incident response procedures

8. International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure that adequate safeguards are in place to protect your data, such as:

  • Transfers to countries with an adequacy decision from the European Commission
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules (BCRs) where applicable

9. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document all breaches, including the facts, effects, and remedial actions taken

10. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our GDPR compliance. You can contact our DPO with any questions, concerns, or requests regarding your personal data or our data protection practices.

11. Contact Information

If you have any questions about our GDPR compliance or wish to exercise your rights, please contact our Data Protection Officer at:

Email: dpo@serverhoster4u.com

Address: Technikstraße 123, 10115 Berlin, Germany

You also have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes the GDPR.

Last Updated: May 11, 2025