Privacy Policy

Host4Geeks LLC (“Host4Geeks,” “we,” “us,” or “our”) respects your privacy and is committed to handling your personal information responsibly. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the rights and choices available to you.

This Policy applies to host4geeks.com, our client portal at backyard.host4geeks.com, our hosting and related Services, and all other websites or applications that link to this Policy (collectively, the “Services”). It does not apply to the content you, your end users, or third parties choose to store, host, or transmit through the Services — you are responsible for that content under our Terms of Service and Acceptable Use Policy.

1. Scope and Data Controller

For the purposes of applicable data protection laws (including the EU/UK General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act as amended by the CPRA (“CCPA/CPRA”), and India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”)), the data controller of personal information described in this Policy is Host4Geeks LLC, with its principal place of business at 340 S Lemon Ave, Walnut, CA 91789, United States.

When we process personal information of your end users on your behalf (for example, content you store with us), we act as a data processor / “service provider” and you act as the data controller. Our processing in that role is governed by your instructions and our agreement with you.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you register an Account, place an Order, request support, or otherwise interact with us:

• Account and Identity Data: Name, company name, email address, telephone number, postal address, country, and the username and password you choose.
• Billing Data: Billing address, tax identifiers (such as VAT or GST IDs), and payment-method metadata such as card brand and last four digits. Full payment-card numbers, CVV codes, and full bank details are collected and handled directly by our payment processors (see Section 5); we do not store them on our servers.
• Communications Data: The content of tickets, emails, chat sessions, and phone calls (including notes and recordings where applicable and lawful), feedback, survey responses, and reviews you submit.
• Verification Data: Information used to verify your identity or prevent fraud, including documents you provide on request, IP and device metadata, and risk-scoring inputs from our processors.

2.2 Information Collected Automatically

When you visit our websites, use the client portal, or use the Services, we automatically collect certain technical information:

• Device and Connection Data: IP address, browser type and version, operating system, device type, language preferences, time zone, and referring/exit URLs.
• Usage Data: Pages viewed, links clicked, search queries on our knowledge base, click-stream data, dates and times of access, and similar analytics.
• Server and Operational Logs: Logs generated by the infrastructure that powers your Services (for example, login records, command history for support sessions, abuse-detection signals, and failed authentication attempts).
• Cookies and Similar Technologies: See Section 6 for details.

2.3 Information from Third Parties

We may receive information about you from third parties, including: payment processors and fraud-prevention providers (for verification, risk-scoring, and chargeback information); affiliate and referral partners (for attribution); domain registries and registrars (for WHOIS and registration data); and law-enforcement or other authorities where required.

3. How We Use Your Information

We process personal information for the following purposes:

• Service Provision: To create and manage your Account, provision and operate the Services, deliver support, and notify you about Service-related matters such as outages and maintenance.
• Billing and Fraud Prevention: To process payments, issue invoices and refunds, detect and prevent fraud, chargebacks, money laundering, and abuse, and comply with sanctions and trade controls.
• Security and Abuse Handling: To protect the Services, our customers, and third parties from spam, phishing, malware, denial-of-service attacks, intrusion attempts, and other Acceptable Use Policy violations.
• Communications: To respond to your enquiries, send transactional emails (such as invoices, password resets, renewal notices, and security alerts), and, where lawful and only with the choices described in Section 7, to send marketing communications.
• Improvement and Analytics: To understand how customers use our websites and Services, troubleshoot issues, develop new features, and improve usability and performance.
• Legal and Regulatory: To comply with applicable laws, respond to lawful requests from authorities, enforce our agreements, and establish, exercise, or defend legal claims.

4. Legal Bases for Processing

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Contract: Processing necessary to perform the Terms of Service and deliver the Services you have purchased.
• Legitimate Interests: Processing necessary for our legitimate interests, such as securing our network, preventing fraud and abuse, improving the Services, and conducting business operations, provided those interests are not overridden by your rights and freedoms.
• Legal Obligation: Processing necessary to comply with laws applicable to us, including tax, accounting, and law-enforcement obligations.
• Consent: Processing based on your specific consent, such as for certain marketing communications or non-essential cookies. You may withdraw consent at any time without affecting prior lawful processing.

5. Sub-Processors and Service Providers

We engage trusted third parties to help us deliver the Services. These sub-processors process personal information on our behalf, under written agreements that require appropriate confidentiality, security, and data-protection measures. Our current sub-processors include:

We review our sub-processors periodically and may add, remove, or replace them. The list above will be updated to reflect material changes. If you have a question about a specific sub-processor or want a current list, contact us at [email protected].

6. Cookies and Similar Technologies

We and our service providers use cookies, pixels, local storage, and similar technologies (collectively, “Cookies”) on our websites and in the client portal. Cookies fall into the following categories:

• Strictly Necessary: Required for the websites and client portal to function (for example, authenticated sessions, security tokens, and shopping-cart state). These cannot be disabled.
• Functional: Remember preferences such as language and currency.
• Analytics: Help us understand how visitors interact with the Services so we can improve them (for example, Google Analytics).
• Marketing: Used by us or partners to measure the effectiveness of marketing campaigns and, where applicable, to personalize advertising.

Where required by applicable law, we obtain your consent for non-essential Cookies through a cookie banner or preference center. You can also control Cookies through your browser settings; blocking certain Cookies may affect the functionality of our Services.

7. How We Share Information

We share personal information only as described below:

• Service Providers and Sub-Processors: As described in Section 5, to help us provide, secure, and operate the Services.
• Affiliates: With current or future Host4Geeks affiliates, subject to this Policy.
• Legal and Safety: When required by law, subpoena, court order, or other lawful request; to enforce our Terms of Service; to protect the rights, property, or safety of Host4Geeks, our customers, or others; and to respond to law-enforcement and national-security requests in accordance with applicable law.
• Business Transfers: In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business or assets, in which case the receiving party will be required to honor the commitments in this Policy.
• With Your Consent: For any other purpose disclosed at the time we collect the information, or with your consent.

We do not sell your personal information for money. We do not “share” your personal information for cross-context behavioral advertising in the meaning given to that term under the CCPA/CPRA.

8. International Data Transfers

Host4Geeks operates globally. Personal information may be transferred to, and processed in, the United States and other countries where we, our sub-processors, or our datacenter operators are located. These countries may have data-protection laws that differ from those in your country of residence.

Where personal information is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (and the UK Addendum or Swiss equivalent, where applicable) together with supplementary measures.

9. Datacenter Locations and Hosted Content

Customer Services are deployed across multiple datacenter locations globally. When you purchase a Service, you select the location (or are assigned one based on the plan). Content stored on a given Service is physically located at that datacenter. Information about specific datacenter locations is available at host4geeks.com/datacenters.

As described above, you are responsible for the content you store, transmit, or process through the Services. Where you process personal information of end users, you are responsible for providing appropriate notices to and obtaining any required consents from those end users under the laws applicable to you and to them.

10. Data Retention

We retain personal information for as long as needed to provide the Services and to comply with legal, accounting, tax, and reporting obligations. Specifically:

• Hosting Data: Content stored on terminated Services (such as files, databases, emails, and configurations) is deleted promptly upon termination of the Service, in accordance with the timelines in our Terms of Service.
• Billing and Tax Records: Invoices, payment records, and related billing data are retained for three (3) years after closure of your Account, or longer where required by applicable tax or accounting law.
• Support and Communications: Support tickets and related communications are retained for as long as needed to provide ongoing support and to resolve disputes.
• Security and Abuse Records: Logs and records relating to security incidents, AUP violations, and abuse may be retained for longer periods where necessary to protect our network or to defend legal claims.

When personal information is no longer needed, we delete, anonymize, or aggregate it.

11. Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit, access controls, network monitoring, vulnerability management, and personnel training. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

12. Your Rights and Choices

Subject to applicable law, you have certain rights with respect to your personal information, which may include:

• Access: Request a copy of the personal information we hold about you.
• Correction: Ask us to correct inaccurate or incomplete information.
• Deletion: Ask us to delete your personal information, subject to applicable retention requirements.
• Restriction and Objection: Ask us to restrict or object to certain processing, including for direct marketing or based on legitimate interests.
• Portability: Receive your personal information in a structured, commonly used, machine-readable format and transmit it to another controller.
• Withdrawal of Consent: Withdraw any consent you previously gave, without affecting prior lawful processing.
• Complaint to a Supervisory Authority: Lodge a complaint with the data-protection authority in your country of residence.

Residents of California (including under the CCPA/CPRA), residents of the European Economic Area, the United Kingdom, and Switzerland (under the GDPR or UK GDPR), and residents of India (under the DPDP Act) have specific rights that map onto those listed above. We do not discriminate against you for exercising any of these rights.

To exercise any of these rights, contact us at [email protected]. We will respond within the timeframes required by applicable law. We may need to verify your identity before processing your request.

13. Children’s Privacy

The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us at [email protected] and we will take appropriate steps to delete it.

14. Third-Party Websites and Services

Our Services may contain links to, or integrate with, third-party websites and services. We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policies of any third-party services you use.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this document reflects the most recent revision. For material changes, we will provide notice by email or through the client portal at least thirty (30) days before they take effect, unless a shorter period is required by law. Your continued use of the Services after the effective date constitutes your acceptance of the updated Policy.

16. Contact Us

If you have questions or requests about this Policy or our privacy practices, please contact us:

Host4Geeks LLC
340 S Lemon Ave, Walnut, CA 91789, United States

• Privacy & Legal: [email protected]
• General Support: [email protected]
• Abuse Reports: [email protected]