🇬🇧 🇳🇱
legal

Privacy Policy.

Last updated February 2026.
Effective date: February 1, 2026

Who We Are

hozt.org is a hosting and infrastructure company based in Amsterdam, Netherlands. We are the data controller for personal data collected through our website and services. You can reach us at hey@hozt.org.

What We Collect

We collect the following categories of personal data:

  • Account data: name, email address, and phone number provided during registration
  • Billing data: payment method details, invoices, and transaction history
  • Service usage data: resource consumption, configuration settings, and support tickets
  • Technical data: IP addresses, server logs, and browser information when you visit our website

How We Use It

We use your data to deliver and maintain your services, process payments and invoices, provide technical support, and protect the security of our infrastructure. We also use it to comply with legal obligations such as tax reporting and law enforcement requests. We do not use your data for profiling or automated decision-making.

Legal Basis

We process your personal data under the following legal bases as defined by the GDPR:

  • Contract performance: processing necessary to deliver the services you purchased
  • Legitimate interest: security monitoring, fraud prevention, and service improvement
  • Legal obligation: tax records, regulatory compliance, and law enforcement cooperation
  • Consent: optional communications such as newsletters, which you can withdraw at any time

Cookies

We use only a single session cookie to keep you logged in to your account. We do not use tracking cookies, third-party analytics, or advertising pixels. No cookie consent banner is needed because our single functional cookie is strictly necessary for the service to operate.

Data Sharing

We share personal data only when necessary to provide our services. This includes payment processors (for transaction handling) and domain registrars (for domain registration as required by ICANN). We do not sell, rent, or trade your personal data to any third party. All processors are bound by data processing agreements compliant with GDPR.

Data Retention

We retain your account data for the duration of our business relationship and delete it upon account closure, unless retention is required by law. Financial records are kept for 7 years as required by Dutch tax law. Server and access logs are retained for 90 days and then automatically purged.

Your Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Request erasure of your data (right to be forgotten)
  • Export your data in a portable format
  • Object to or restrict certain processing activities

To exercise any of these rights, contact us at hey@hozt.org. We will respond within 30 days.

Security

We protect your data with encryption in transit (TLS) and at rest, strict access controls limited to authorized personnel, and regular security audits of our infrastructure. While no system is perfectly secure, we take all reasonable measures to safeguard your information.

Changes

We may update this Privacy Policy from time to time. For material changes that affect how we process your data, we will notify you by email at least 30 days before the changes take effect. The latest version is always available at hozt.org/privacy.

Contact

For any privacy-related questions or requests, contact us at hey@hozt.org. If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.