1. Introduction

BRHOSTING.COM ("Provider," "we," "us") is committed to protecting the privacy of our clients, website visitors, and business partners. This Privacy Policy explains how we collect, use, store, share, and protect personal data when you interact with our website (brhosting.com), services, and communications. We process personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the California Consumer Privacy Act ("CCPA"), and other relevant privacy legislation.

2. Data Controller

The data controller responsible for your personal data is BRHOSTING.COM. For all privacy-related inquiries, data access requests, or complaints, please contact our Data Protection Officer at privacy@brhosting.com.

3. Personal Data We Collect

We collect the following categories of personal data:

Account Information: Name, email address, phone number, company name, billing address, and account credentials when you register for an account or place an order.

Payment Information: Credit card numbers (processed securely via PCI-DSS compliant payment processors), PayPal identifiers, bank transfer details, and cryptocurrency wallet addresses. We do not store complete credit card numbers on our servers.

Technical Data: IP addresses, browser type and version, operating system, referring URLs, page visit timestamps, and session duration collected automatically when you visit our website.

Service Data: Server configuration details, support ticket communications, service usage logs, and bandwidth consumption statistics necessary for service delivery.

Communication Data: Records of correspondence with our support team, feedback submissions, and newsletter subscription preferences.

4. Legal Basis for Processing

We process your personal data on the following legal grounds: (a) Contract Performance — processing necessary to fulfill our contractual obligations (Article 6(1)(b) GDPR); (b) Legitimate Interest — processing necessary for fraud prevention, network security, service improvement, and direct marketing to existing clients (Article 6(1)(f) GDPR); (c) Legal Obligation — processing required to comply with tax, accounting, and regulatory requirements (Article 6(1)(c) GDPR); (d) Consent — for newsletter subscriptions and non-essential cookies (Article 6(1)(a) GDPR).

5. How We Use Your Data

We use your personal data to: provision, maintain, and support the services you have ordered; process payments and send invoices; respond to support requests and communications; detect, prevent, and investigate fraud, abuse, or security incidents; comply with legal and regulatory obligations; send service-related notifications (maintenance windows, outage alerts); and, with your consent, send promotional communications about new products or offers.

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We may share data with the following categories of recipients: (a) Payment processors (Stripe, PayPal) to process transactions securely; (b) Data center partners for hardware provisioning and maintenance; (c) Law enforcement or regulatory bodies when required by law or to protect our rights; (d) Professional advisors (legal, audit, accounting) under confidentiality obligations. All third-party processors are bound by Data Processing Agreements ensuring adequate protection of your data.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including EU Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected: Account data is retained for the duration of the contractual relationship plus 90 days for account recovery. Billing and financial records are retained for 7 years to comply with tax and accounting obligations. Support ticket data is retained for 3 years after ticket closure. Server access logs are retained for 12 months. Website analytics data is anonymized after 26 months.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. Essential cookies are required for site functionality (authentication, language preference, shopping cart) and cannot be disabled. Analytics cookies help us understand site usage and improve our services. Marketing cookies are used only with your explicit consent. You can manage cookie preferences through your browser settings. Disabling essential cookies may impair site functionality.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including: encryption in transit (TLS 1.2+) and at rest; role-based access controls; regular security audits and penetration testing; multi-factor authentication for administrative access; automated intrusion detection and prevention systems; physical security measures at all data center facilities. While we strive to use commercially acceptable means to protect your data, no method of electronic transmission or storage is 100% secure.

11. Your Rights

Under applicable data protection legislation, you have the following rights: Right of Access — obtain confirmation of whether we process your data and request a copy; Right to Rectification — correct inaccurate or incomplete data; Right to Erasure — request deletion of your data where no legal retention obligation exists; Right to Restriction — limit processing in specific circumstances; Right to Data Portability — receive your data in a structured, machine-readable format; Right to Object — object to processing based on legitimate interest, including direct marketing; Right to Withdraw Consent — withdraw consent at any time without affecting prior processing.

To exercise any of these rights, please contact privacy@brhosting.com. We will respond within 30 days.

12. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a minor, we will take reasonable steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on our website at least 30 days before they take effect. The "Last Updated" date at the top of this page indicates when this policy was last revised.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at privacy@brhosting.com or through our Contact Page.