Privacy Policy

How we collect, use and protect your personal data

1. Introduction

HOSTBIT SRL respects the confidentiality of personal data and is committed to protecting the information you provide to us. This policy explains how we collect, use and protect your data in accordance with the General Data Protection Regulation (GDPR) and Romanian legislation on the protection of personal data.

2. Definitions

Personal data: Any information relating to an identified or identifiable natural person.

Processing: Any operation or set of operations performed on personal data.

Controller: The entity that determines the purposes and means of processing personal data (HOSTBIT SRL).

Data subject: The natural person whose personal data is processed.

3. Data collected

We collect the following categories of personal data:

  • Identification data: name, surname, email address, phone number
  • Billing data: billing and delivery address, VAT/ID number, banking information for payment processing
  • Technical data: IP address, browser type, operating system, cookies
  • Usage data: interactions with our services, access logs, traffic data
  • Communication data: correspondence via email, chat or phone with our support

4. Purpose of data processing

We use personal data for the following purposes:

  • Providing and managing contracted services (web hosting, VPS, dedicated servers, domains)
  • Processing orders and billing
  • Providing technical support and communicating with customers
  • Improving services and user experience
  • Complying with legal obligations (accounting, taxation)
  • Preventing fraud and ensuring system security
  • Direct marketing (only with your explicit consent)

5. Legal basis for processing

We process your data based on the following legal grounds:

  • Contract performance: To provide the services you have ordered
  • Consent: For marketing activities and promotional communications
  • Legal obligations: To comply with fiscal, accounting and other legislation
  • Legitimate interests: For service improvement and fraud prevention

6. HOSTBIT SRL as data controller

As a controller, we commit to:

  • Process personal data only for specified and legitimate purposes
  • Apply appropriate technical and organizational security measures
  • Report security breaches to competent authorities within 72 hours
  • Store data exclusively on servers located in Romania
  • Not transfer data outside the European Union without adequate safeguards

7. HOSTBIT SRL as data processor

For customers who use our hosting services to store personal data of their own users, we act as data processor and commit to:

  • Process data only according to client (controller) instructions
  • Ensure that authorized personnel respects confidentiality
  • Implement security measures to protect data
  • Assist the client in fulfilling GDPR obligations
  • Delete or return data upon client request

8. Data sharing

HOSTBIT SRL does not sell or rent customer personal data to third parties. We may share data only with:

  • Payment processors: For transaction processing (e.g. banks, card processors)
  • Public authorities: When legally required (e.g. tax authorities, courts)
  • Technical partners: Infrastructure providers who help us deliver services (with confidentiality agreements)
  • Domain registrars: For domain registration and management (according to WHOIS policies)

All third-party partners are contractually obliged to respect GDPR and protect personal data.

9. Data security

We implement appropriate technical and organizational measures to protect personal data:

  • SSL/TLS encryption: All communications are encrypted
  • Firewalls: Protection against unauthorized access
  • Regular backups: To prevent data loss
  • Restricted access: Only authorized personnel have access to personal data
  • Monitoring: Continuous surveillance for security incident detection
  • Two-factor authentication: Available for customer accounts

10. Data retention period

We keep personal data as long as necessary for:

  • Active account: For the entire duration of the contractual relationship
  • Fiscal and accounting data: 10 years (according to fiscal legislation)
  • Communication data: 3 years from last contact
  • Technical logs: Maximum 12 months
  • Marketing data: Until consent is withdrawn

After the retention period expires, data will be deleted or irreversibly anonymized.

11. Your rights under GDPR

You have the following rights regarding your personal data:

  • Right of access: To obtain confirmation of data processing and copies thereof
  • Right to rectification: To correct inaccurate or incomplete data
  • Right to erasure ("right to be forgotten"): To request data deletion under certain conditions
  • Right to restrict processing: To limit processing in certain situations
  • Right to data portability: To receive data in a structured format
  • Right to object: To oppose processing for marketing or legitimate interests
  • Right to withdraw consent: At any time, without affecting the lawfulness of previous processing
  • Right to lodge a complaint: With the National Supervisory Authority for Personal Data Processing (ANSPDCP)

To exercise any of these rights, contact us at contact@hostbit.ro. We will respond within a maximum of 30 days.

12. Cookies and similar technologies

Our website uses cookies for:

  • Essential cookies: Necessary for site functionality (authentication, shopping cart)
  • Performance cookies: For traffic analysis and experience improvement
  • Preference cookies: For retaining settings (language, theme)

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.

13. International data transfers

Your data is stored on servers located in Romania and is not transferred outside the European Economic Area (EEA) except in exceptional cases and only to countries with adequate level of protection or with adequate safeguards according to GDPR (e.g. standard contractual clauses).

14. Protection of minors' data

Our services are not intended for persons under 18 years of age. We do not knowingly collect personal data from minors without parental or legal guardian consent. If we learn that we have collected such data, we will delete it immediately.

15. Privacy policy changes

We reserve the right to update this privacy policy to reflect legislative changes or changes to our practices. We will notify you by email about any significant changes at least 30 days before they take effect. The date of last update is displayed at the end of this document.

16. Contact and data protection officer

For questions about data protection, exercising rights or complaints, contact us:

Email: contact@hostbit.ro

Postal address: Hostbit SRL, tarla 38, Găgești, Bolotești, Vrancea, Romania

You also have the right to file a complaint with:

ANSPDCP (National Supervisory Authority for Personal Data Processing)

B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest

Website: www.dataprotection.ro

17. Company data

Data controller: Hostbit SRL

VAT ID: RO33943824

Reg. Com.: J2018000088393

Address: tarla 38, Găgești, Bolotești, Vrancea, Romania

Email: contact@hostbit.ro

Last updated: October 2025

© 2025 HOSTBIT SRL. All rights reserved.