Privacy Policy

How Hostynet processes and protects your personal data.

This is a courtesy translation. The French version is the legally binding document.

Terms Legal Notice Privacy DPA

Publisher: Hostynet
Registered office: 2 rue Guillaume Apollinaire, Canto-Perdrix Licorne 1, 13500 Martigues, France
SIREN: 900 207 150 | SIRET: 900 207 150 00021 | VAT: FR36900207150
Contact: contact@hostynet.fr | Phone: +33 7 68 64 10 38
DPO: rgpd@hostynet.fr

1. Purpose

This policy describes how Hostynet processes personal data in the context of: (i) website management, orders, billing and support, and (ii) provision of VPS hosting services.

Important:

Client management data (account, billing, support): Hostynet acts as data controller.
Data hosted by the Client on their VPS: Hostynet acts as data processor and the Client acts as data controller.

2. Data processed

2.1 Client management (Hostynet = data controller)

Identity and contact details: name/surname or company name, email, phone, billing address (if provided).
Account data: client area credentials, contract information (plan, renewal, service history).
Support data: ticket content and technical information provided by the Client.
Technical and security data: logs necessary for security, diagnostics and compliance with applicable legal obligations.

2.2 Data hosted on VPS (Hostynet = data processor)

The Client is solely responsible for data and content hosted and processed through their VPS, including personal data.

3. Purposes and legal bases (client management)

Purpose	Examples	Legal basis (GDPR)
Contract performance	Service creation, account management, VPS delivery, support	Article 6(1)(b)
Legal obligations	Accounting, billing, dispute management	Article 6(1)(c)
Security and abuse prevention	Abuse prevention, traceability, diagnostics, security	Article 6(1)(f)

Hostynet does not engage in commercial prospecting based on data resale.

4. Hosting and transfers

VPS services are primarily operated in France. Hostynet does not transfer data outside the European Union without a GDPR-compliant legal basis.

5. Sub-processors

Hostynet uses providers strictly necessary for service delivery (network connectivity, IP addressing, domain name, payment processing).

Provider	Role	Data concerned	Location
Orange Pro	Internet connectivity (fiber)	Network metadata (IP addresses, connection/transit information)	France / EU
Free Pro	Internet connectivity (fiber)	Network metadata (IP addresses, connection/transit information)	France / EU
Servperso Systems (BE 0725.528.920)	IP address provisioning / NoBGP tunnel connectivity	Network metadata (IP addresses, tunnel/transit information)	Belgium (EU)
OVHcloud	Domain name registration/management	Domain-related data (registrant/contacts, administrative information)	EU
Revolut Business	Payment collection and processing	Identity/transaction data for payment and compliance	EU

DNS servers (ns1.hostynet.fr / ns2.hostynet.fr) and the ticket system are hosted and operated by Hostynet.

6. Retention periods

Service data (account, contract): during the contract, then deletion within 30 days after end of service, unless required by law.
Technical logs (security/diagnostics): maximum retention of 12 months.
Support data: retained for the duration necessary for processing, then archived/deleted as required by law or evidence needs.

7. Security

Hostynet implements appropriate technical and organizational measures, including:

Access control limited to authorized personnel (need-to-know basis).
Network and system security measures to prevent unauthorized access.
Monitoring and logging for security and diagnostics purposes.
Maintenance and updates to maintain system security.

8. VPS access (managed services / premium support)

Under standard service, Hostynet does not access VPS content or Client admin credentials.

For managed services / premium support, Hostynet may intervene only upon Client request and consent, via the ticket system. Required access must be provided as temporary credentials.

9. Data subject rights

For data where Hostynet is the data controller, you have rights of access, rectification, erasure, restriction, objection and portability under Articles 15 to 22 of the GDPR. Requests can be sent to: rgpd@hostynet.fr.

For data processed by the Client on their VPS, requests should be directed to the Client (data controller).

10. Data breaches

In the event of a personal data breach, Hostynet notifies the Client as soon as possible and provides available technical information to help the Client fulfill their obligations.

11. Policy updates

Hostynet may update this policy. The version published online at the time of consultation is the applicable version.