Effective date: 2018-10-07
The data of the Data Controller:
- name: ServerAstra Informatikai, Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
- registered seat: 1158 Budapest, Petrence utca 66.
- company registration number: Cg. 01-09-873403
- e-mail: firstname.lastname@example.org
- website: serverastra.com
- tax number: 13791173242
- name of Court of Registration: Metropolitan Court as Court of Registration
ServerAstra Kft. ("ServerAstra Ltd.", "us", "we", or "our") operates the https://serverastra.com website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small pieces of data stored on a User's device.
Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. We are a Data Controller of your data, when we are providing you the services, maintaining your customer and payment information.
Data Processor (or Service Providers)
Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively. We are the Data Processor of your data, when you store your personal data on our devices, servers and other hardware involved in providing the Service. As a Data Processor we shall have an agreement in place with you for data processing, therefore please find information on data processing in our General Terms and Conditions of Services.
Data Subject is any living individual who is the subject of Personal Data.
The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
While using our Service, you need to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information is:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
Cookies and Usage Data
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
We may also collect information how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
- Statistics Cookies. We use Statistics Cookies for analytics purposes to improve our service.
Use of Data
ServerAstra Ltd. uses the collected data for various purposes on a different legal basis:
- To provide and maintain our Service – GDPR Article 6. (1) b)
- To notify you about changes to our Service – GDPR Article 6. (1) b)
- To allow you to participate in interactive features of our Service when you choose to do so – GDPR Article 6. (1) b)
- To provide customer support GDPR Article 6. (1) b)
- To gather analysis or valuable information so that we can improve our Service – GDPR Article 6. (1) f)
- To monitor the usage of our Service – GDPR Article 6. (1) f)
- To detect, prevent and address technical issues – GDPR Article 6. (1) b)
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about unless you have opted not to receive such information GDPR Article 6. (1) a)
- To issue our invoices and complete our tax obligations – GDPR Article 6. (1) c) – Section 78 (3) on Tax Proceedings and Section 169 of Act C of 2000 on Accounting.
- To provide and manage customer support and complaint services – GDPR Article 6. (1) c.) – Section 17/A on the Act CLV of 1997on Customer Protection.
Retention of Data
After the termination of the agreement, in cases where the legal basis on which we were processing your data was based on GDPR Article 6. (1) b) or GDPR Article 6. (1) f), the retention period is set to be 5 years after the termination of our agreement, since we have a legitimate interest to defend ourselves should you have any claim against us in connection with our services. This five years lapse period is based on Section 6:22 of the Hungarian Civil Code.
In cases where the legal basis on which we were processing your data was based on GDPR Article 6. (1) a) we only process your data until you decide to withdraw your consent to the data process or your contract with us has been ceased.
In cases where the legal basis on which we are processing your data was based on GDPR Article 6. (1) c) the legal retention period is set by mandatory laws:
- To issue our invoices and complete our tax obligations – 8 years – Section 78 (3) on Tax Proceedings and Section 169 of Act C of 2000 on Accounting.
- To provide and manage customer support and complaint services – 5 years – Section 17/A on the Act CLV of 1997on Customer Protection.
Usage Data is processed on the legal basis of GDPR Article 6. (1) f) and this data is retained for 6 months, the data is used to strengthen the security, to identify breaches and resolve security issues and thus improve the functionality of our Service.
Transfer Of Data
Disclosure Of Data
Disclosure for Law Enforcement
Under certain circumstances, ServerAstra Ltd. may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
ServerAstra Ltd. may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of ServerAstra Ltd.
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
If you order domain registration service from us, ServerAstra Ltd. must disclose your Personal Data to the following registrar company to register your domain:
5808 Lake Washington Blvd. NE, Suite 201
Kirkland, WA 98033, USA
You may find further information on the data process of the domain registrar at the following website: https://www.enom.com/terms/privacy.aspx
Valid from: 2018.07.11.
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. In case of known breach we have necessary procedures in place to inform Hungarian data protection authorities and the affected Data Subject of such breach.
We provide the appropriate level of data security which include, but are not limited to, (i) your data is stored in a secure technical environment, we are not making it available to the public (ii) only properly identified employees of our company and our business partners have access to your data (iii) data is encrypted by using industry standards SSL communication or SSH2 with AES128-AES256 cryptography; (iv) we use industry standard and PCI-DSS compliant SSL encryption for web/HTTP communications (v) our data is stored physically in Budapest server room (vi) we use encryption when sending data to Registers, registrars, resellers, back up service providers, (vii) we regularly test and evaluate our security actions and improve them; (vii) we check your identification before you are exercising yours rights in order to protect your data; (viii) We perform continuous backups of our data.
"Do Not Track" Signals
We do not support Do Not Track ("DNT"). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
ServerAstra Ltd. aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
In addition please be informed on your rights related to our data process:
- You have the right to ask information in writing whether a data process of your Personal Data is in progress by ServerAstra Ltd. You shall have the right to obtain from ServerAstra confirmation as to whether or not Personal Data concerning you are being processed and if that is the case, the ServerAstra Ltd shall inform you on the purposes of the processing, the categories of Personal Data concerned, the legal base of the process, the data source, the period of the process and the recipients or categories of recipient to whom the Personal Data have been or will be disclosed, in particular recipients in third countries.
- You have the right to have any of your Personal Data corrected without delay and have your data completed by ServerAstra Ltd. For example you may change your email address or password at any time.
- You have the right to the erasure of Personal Data concerning you without delay where one of the following grounds applies:
- the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw consent on which the processing is based, and where there is no other legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- the Personal Data have been unlawfully processed;
- the Personal Data have to be erased for compliance with a legal obligation applicable for ServerAstra Ltd;
- the Personal Data have been collected in relation to the offer of information society services to children.
- You have the right to have your Personal Data blocked or have the data processing restrainedwhere one of the following applies:
- the accuracy of the Personal Data is contested, for a period enabling the ServerAstra Ltd. to verify the accuracy of the Personal Data;
- the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead;
- ServerAstra Ltd. no longer needs the Personal Data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
- You have objected to processing; pending the verification whether the legitimate grounds of the controller override those of the data subject.
- You have the right to receive the Personal Data concerning you, which you have provided to ServerAstra Ltd, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from ServerAstra Ltd to which the Personal Data have been provided, where the processing based on your consent or on a contract and the processing is carried out by automated means. In exercising your right to data portability you shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.
- You have the right to object at any time against the process of your Personal Data by ServerAstra Ltd or a third party. ServerAstra Ltd shall no longer process the Personal Data unless ServerAstra Ltd demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for your establishment, exercise or defense of legal claims. Via any of the above given contacts in writing or in e-mail where Personal Data are processed for direct marketing purposes, you shall have the right to object at any time against the process of your Personal Data for marketing purposes, in which case your Personal Data shall no longer be processed for such reasons.
ServerAstra Ltd does not make decisions based solely on automated processing, including profiling. In case ServerAstra Ltd introduces the referred decision-making process, ServerAstra Ltd will inform you beforehand via e-mail about the applied logic and method. In this case you will have the right for human intervention on the part of ServerAstra Ltd, to express your point of view and to contest the decision.
If you ever experience an unlawful data process, please notify us via email or chat before initiating a legal procedure, and by doing so we have the opportunity to restore the lawful operation if applicable. Please note that we may ask you to verify your identity before responding to such requests. Moreover, should your rights related to your Personal Data be breached, you may file a petition to the court having competency according to your residential address. You may also turn to the Hungarian National Authority for Data Protection and Freedom of Information (H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.) if you believe that your rights related to your Personal Data is being breached.
ServerAstra Ltd. shall give response to your requests within 30 days by email or using the contact data provided by you via mail or email.
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service:
Hotjar Ltd, Level 2
St Julians Business Centre,
3, Elia Zammit Street
St Julians STJ 1000, Malta, Europe
+1 (855) 464-6788
We use Hotjar in order to better understand our users' needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback.
Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user.
You can opt-out to the creation of a user profile, Hotjar's storing of data about your usage of our site and Hotjar's use of tracking cookies on other websites by following this opt-out link: https://www.hotjar.com/legal/compliance/opt-out
Google LLC, Mountain View
1600 Amphitheatre Parkway
Mountain View CA
94043 United States
We use Google Analytics in order to better understand our users' needs and to optimize this service and experience. Google Analytics is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback.
Google Analytics stores this information in a pseudonymized user profile. Neither Google nor we will ever use this information to identify individual users or to match it with further data on an individual user.
You can opt-out to the creation of a user profile, Google's storing of data about your usage of our site and Google's use of tracking cookies on other websites by selecting privacy options at the bottom of the page or clicking this link.
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
The payment processors we work with are:
- PayPal or Braintree:
PayPal (Europe) S.à.r.l. et Cie, S.C.A.
22-24 Boulevard Royal L-2449
Atlanta, US (HQ)
516 3423 Piedmont Rd NE
Buenos Aires, AR
Marcelo T. de Alvear 405
Backup storage services
ServerAstra provides information security by performing continuous backups and uses third party backup providers to store this data. Backup storage providers receive and keep the data in encrypted form. We store the data in the backups for a period of 1 year maximum based on technical assessment to be able to restore the systems in case of unplanned data corruption or system failure in line with Article 32 (c) of the GDPR.
We use the following backup service providers:
- Crashplan SMB:
Code42 Software, Inc.
100 Washington Ave. S, 20th Floor
Minneapolis, MN 55401
Code 42 Software UK LTD
Third Floor – The Pearce Building
West Street, Maidenhead SL6 1RL
Attention: General Counsel
Code 42 Software UK LTD
Third Floor – The Pearce Building
West Street, Maidenhead SL6 1RL
Code42 Software GmbH
Instant Messaging (IM) and Chat
ServerAstra Ltd. operates part of their support system and internal communications via instant messaging systems.
We use the following IM/Chat service providers:
Telegram chats use end-to-end encryption. This means that all data is encrypted with a key that only you and us may know.
ServerAstra Ltd. uses third-party audit and penetration testing for their network and web assets to provide customers with security and protection. A tiny proof of such protection is a security seal.
To display a security seal we use the following providers:
- GeoTrust Security Seal:
Europe Data Protection Liaison
Digicert Ireland Ltd.
Attention: Europe Data Protection Liaison, Richard Hall
C/O Symantec Ltd.
Orion 2 Building, Ballycoolin Business Park
Blanchardstown, Dublin 15 Ireland
By phone or fax:
Phone: +353 1803 5400
Fax: +353 1861 7990
DigiCert, Inc. Global Headquarters
Attention: Global Data Protection Coordinator
2801 North Thanksgiving Way
Lehi, Utah 84043
By phone or fax:
Toll Free: 1-800-896-7973 (US & Canada)
Fax Toll Free: 1-866-842-0223 (US & Canada)
Fax Direct: 801-705-0481
If the service that you have ordered or the payment you requested is not available at ServerAstra, ServerAstra shall forward your data to resellers when if you have previously informed us, that you agree to the transfer of your data, because you have decided to order their services instead of ServerAstra. When we are transferring data to resellers we are using cryptographically secure channels up to the highest industry standards only and transfer only the data filtered for them specifically.
List of our certified resellers:
- Currently there are no certified resellers of our services
Our Accountant Company is:
- Next Accounting Kft.
1132 Hungary, Budapest
Váci út 22-24.
Links To Other Sites
Our Service does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
- By email: email@example.com
- By email: firstname.lastname@example.org
- By visiting this page on our website: https://serverastra.com/billing/submitticket.php