- Who We Are
- Information We Collect
- How We Use Your Information
- Legal Basis for Processing
- Cookies & Tracking
- Third-Party Processors
- International Data Transfers
- Data Retention
- Data Security
- Your Rights
- Children's Privacy
- Changes to This Policy
- Contact & Complaints
We take data protection seriously. We aim to collect the minimum information we need to provide hosting services, secure our network, and comply with the law — and to be clear about what we do with it. This policy applies to everyone who visits our website, opens an account, uses our services, or contacts us.
1. Who We Are
ProwHost (operating the PortVPS brand) is the data controller for the personal information described in this policy. We are a cloud hosting provider operating servers and network infrastructure across multiple countries. If you need to reach us about privacy, write to support@prowhost.com.
2. Information We Collect
Information you give us
- Account details — full name, email address, phone number, company name, and postal address.
- Billing information — payment card details (processed by our payment processors; we do not store full card numbers), invoice address, and VAT or tax identification when applicable.
- Authentication data — passwords (stored as hashes), API keys, and two-factor authentication settings.
- Support content — the contents of tickets, chats, and emails you send us.
Information collected automatically
- Server & network logs — IP addresses, request timestamps, user agents, and bandwidth usage for security, abuse prevention, and capacity planning.
- Device & browser data — operating system, browser type, screen resolution, and approximate location derived from IP.
- Usage data — pages visited, actions taken in the client area, and feature usage within the control panel.
- Cookies & similar technologies — see Section 5.
Information from third parties
We may receive information about you from fraud-prevention services, your payment provider, abuse reporters, and law-enforcement requests served on us through proper channels.
3. How We Use Your Information
- Create and manage your account, deliver the services you've ordered, and provide customer support.
- Process payments, invoice you, and recover unpaid amounts.
- Operate, monitor, and secure our network — including detecting and preventing fraud, abuse, and attacks.
- Comply with legal obligations, court orders, and regulatory requirements.
- Send service-related notices: outage alerts, planned maintenance, billing reminders, abuse notifications, and security alerts. These cannot be opted out of while your account is active.
- Send product updates and promotional offers — only when you have opted in. You can unsubscribe at any time.
- Improve our website, products, and support quality, including aggregate analytics that do not identify individuals.
We do not sell your personal information to third parties.
4. Legal Basis for Processing (GDPR)
If you are in the EEA, the UK, or another jurisdiction that requires us to identify a lawful basis under the GDPR or equivalent law, we rely on:
- Contract — to provide the services you've ordered and to administer your account.
- Legal obligation — to keep tax records, respond to lawful requests, and meet sanctions/export-control rules.
- Legitimate interests — to secure our network, prevent fraud and abuse, improve our products, and operate the business — balanced against your privacy rights.
- Consent — for marketing emails and non-essential cookies. You can withdraw consent at any time without affecting service delivery.
5. Cookies & Tracking
- Strictly necessary — session cookies that keep you logged into the client area and remember your cart.
- Functional — remembering language and currency preferences.
- Security — bot-protection tokens used to validate form submissions and protect against abuse.
- Analytics — aggregate, privacy-respecting usage analytics. We do not use cross-site advertising trackers.
You can clear cookies and disable them in your browser settings at any time. Disabling strictly necessary cookies will prevent you from signing in or completing purchases.
6. Third-Party Processors
To deliver our services, we share specific data with carefully chosen processors who act on our behalf under written data-processing agreements. Categories include payment processors, fraud prevention, email delivery, content delivery & security (DDoS scrubbing, CDN, bot protection), domain registration partners, and datacenter & carrier providers. We also disclose information when required by law or to protect our rights, property, or safety.
7. International Data Transfers
We operate in multiple countries. Your personal data may be transferred to, stored in, and processed in any country where we, our affiliates, or our processors operate facilities. When we transfer personal data outside the EEA, UK, or Switzerland, we use Standard Contractual Clauses or another lawful transfer mechanism.
8. Data Retention
- Account & billing records — for the life of the account plus the period required by tax and accounting laws (typically 7–10 years).
- Server & access logs — typically up to 90 days, longer if needed for an active investigation.
- Support tickets — for the life of the account; archived afterward for a limited period.
- Marketing data — until you unsubscribe or after a period of inactivity.
Once retention periods expire, we delete or anonymize the data.
9. Data Security
We protect personal information using encrypted transport (TLS), encryption-at-rest on key systems, access controls, periodic security reviews, and physical security at our datacenter facilities.
No system is perfectly secure. If we ever detect a breach affecting your personal data, we will notify you and the relevant authorities within the timeframes required by law.
10. Your Rights
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete information.
- Erasure — ask us to delete your data when it is no longer needed, subject to legal retention obligations.
- Restriction — ask us to limit how we process your data while a request is reviewed.
- Portability — receive a machine-readable copy of data you provided.
- Objection — object to processing based on legitimate interests, including direct marketing.
- Withdraw consent — at any time where processing is based on it.
- Do Not Sell / Share (CCPA) — we do not sell or share personal information for cross-context behavioural advertising.
To exercise any of these rights, contact support@prowhost.com. We respond within 30 days and may need to verify your identity first.
11. Children's Privacy
Our services are not directed at children. We do not knowingly collect personal information from anyone under 16 years of age. If you believe a child has provided us with personal data, please contact us and we will delete it.
12. Changes to This Policy
We may update this policy from time to time. When we make material changes we will notify account holders by email and update the effective date at the top of this page. Continuing to use our services after an update constitutes acceptance of the updated policy.
13. Contact & Complaints
- Email: support@prowhost.com
- Web form: Contact us
If you are in the EEA or UK and believe we have not addressed your concern, you have the right to lodge a complaint with your local data-protection supervisory authority.
Related: Terms of Service · Contact Us