Privacy Policy

Responsible for data processing on this website is:

Data Protection Officer:
For questions regarding data protection, you can reach our Data Protection Officer at: info@hablexhost.es

We process personal data only if necessary. The following overview summarizes the types of data processed and the purposes of their processing:

We process your data based on the following legal bases of the GDPR:

• a
  Consent (Art. 6 para. 1 lit. a GDPR)

  If you have consented to the processing of your data (e.g., newsletter, cookies).

• b
  Contract Fulfillment (Art. 6 para. 1 lit. b GDPR)

  If the processing is necessary for the fulfillment of a contract or pre-contractual measures.

• c
  Legal Obligation (Art. 6 para. 1 lit. c GDPR)

  If we are subject to a legal obligation (e.g. retention obligations).

• f
  Legitimate interests (Art. 6 para. 1 lit. f GDPR)

  If the processing is necessary for the protection of our legitimate interests (e.g. security, analytics).

According to GDPR, you have the following rights:

Right to complain: You have the right to lodge a complaint with a data protection authority regarding the processing of your data.

Withdrawal of consent: You can withdraw any consents given at any time with effect for the future.

Server log files

Each time our website is accessed, our server automatically records the following data in so-called server log files:

• IP address of the requesting computer (anonymized after 7 days)
• Date and time of access
• Name and URL of the retrieved file
• Amount of data transferred
• Message about successful retrieval
• Browser and operating system used
• Referrer URL (previously visited page)

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interests in security and stability).
Storage duration: Log files are deleted after 30 days.

SSL/TLS Encryption

This website uses SSL/TLS encryption to protect data transmission (recognizable by "https://" and the lock symbol). This means that the data you transmit is not readable by third parties.

Our website uses cookies. These are small text files that your browser stores.

Technically necessary cookies

These cookies are required for the operation of the website:

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in operating the website).

Analytics Cookies (optional)

With your consent, we use analytics cookies to understand how our website is used. You can decline these via the cookie banner.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent).

Registration

During registration, we collect the following data:

• First and last name
• Email address
• Password (stored encrypted)
• Optional: Company, Phone, Address

Orders

For orders, we additionally process:

• Billing address
• Payment information (via secure payment providers)
• Order history
• Communication regarding the order

Legal basis: Art. 6 para. 1 lit. b GDPR (Contract fulfillment).
Storage duration: Customer data is stored for the duration of the business relationship, and thereafter according to commercial and tax retention periods (usually 10 years).

When using our hosting services (web hosting, VPS, server), the data you store there will be processed by us as part of a contract processing in accordance with Art. 28 GDPR.

Your role: You are the controller of the data you store.
Our role: We are the data processor and process the data only according to your instructions.

A data processing agreement (DPA) can be created at any time through your customer account or requested from us.

For payment processing, we use external payment service providers:

Stripe

Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA
Privacy Notice: stripe.com/en/privacy
Stripe is certified under the EU-U.S. Data Privacy Framework.

PayPal

PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg
Privacy Notice: paypal.com/privacy

Note: We do not store complete credit card details. Payment data is processed directly by the payment service providers.

The following data is processed when using our support system:

• Name and email address
• Content of support inquiries
• Related service and order data
• Communication history

Legal basis: Art. 6 para. 1 lit. b GDPR (Contract fulfillment).
Storage duration: Support tickets are archived for 3 years after the end of the contract and then deleted.

We use AI technologies to improve our services:

Support assistance

To support our support team, requests can be analyzed by AI systems to generate suitable solution suggestions. All AI-generated answers are reviewed by employees.

AI Assistant (Product)

If you use an AI assistant as a product, conversation data will be processed for the purpose of providing the function. For details, please refer to the product-specific privacy notices.

Content Delivery Network (CDN)

We use CDN services for fast loading times. This may involve transmitting your IP address to the CDN provider.

External Fonts

Fonts are loaded locally from our servers. No connection is made to Google Fonts or similar services.

E-Mail Delivery

We use SMTP servers with TLS encryption for e-mail delivery. Transactional e-mails are logged for quality purposes.

We take technical and organizational measures to protect your data: