Effective date: 2023.07.20.
The data of the Data Controller:
- Company Name: ServerAstra Informatikai, Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
- Registered seat: 1158 Budapest, Petrence utca 66.
- Company registration number: Cg. 01-09-873403
- E-mail: email@example.com
- Website: serverastra.com
- Tax number: 13791173-2-42
- VATID: HU13791173
- Name of Court of Registration: Metropolitan Court as Court of Registration
ServerAstra Kft. ("ServerAstra", "us", "we", or "our") operates the https://serverastra.com website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small pieces of data stored on a User's device.
Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. We are a Data Controller of your data, when we are providing you the services, maintaining your customer and payment information.
Data Processor (or Service Providers)
Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively. We are the Data Processor of your data, when you store your personal data on our devices, servers and other hardware involved in providing the Service. As a Data Processor we shall have an agreement in place with you for data processing, therefore please find information on data processing in our General Terms and Conditions of Services.
Data Subject is any living individual who is the subject of Personal Data.
The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
Information Collection And Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
While using our Service, you need to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information is:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
Cookies and Usage Data
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
We may also collect information how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking & Cookies Data
Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
- Statistics Cookies. We use Statistics Cookies for analytics purposes to improve our service.
Use of Data
ServerAstra uses the collected data for various purposes on a different legal basis:
- To provide and maintain our Service - GDPR Article 6. (1) b)
- To notify you about changes to our Service - GDPR Article 6. (1) b)
- To allow you to participate in interactive features of our Service when you choose to do so - GDPR Article 6. (1) b)
- To provide customer support GDPR Article 6. (1) b)
- To gather analysis or valuable information so that we can improve our Service - GDPR Article 6. (1) f)
- To monitor the usage of our Service - GDPR Article 6. (1) f)
- To detect, prevent and address technical issues - GDPR Article 6. (1) b)
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about unless you have opted not to receive such information GDPR Article 6. (1) a)
- To issue our invoices and complete our tax obligations - GDPR Article 6. (1) c) - Section 78 (3) on Tax Proceedings and Section 169 of Act C of 2000 on Accounting.
- To provide and manage customer support and complaint services - GDPR Article 6. (1) c.) - Section 17/A on the Act CLV of 1997on Customer Protection.
Retention of Data
After the termination of the agreement, in cases where the legal basis on which we were processing your data was based on GDPR Article 6. (1) b) or GDPR Article 6. (1) f), the retention period is set to be 5 years after the termination of our agreement, since we have a legitimate interest to defend ourselves should you have any claim against us in connection with our services. This five years lapse period is based on Section 6:22 of the Hungarian Civil Code.
In cases where the legal basis on which we were processing your data was based on GDPR Article 6. (1) a) we only process your data until you decide to withdraw your consent to the data process or your contract with us has been ceased.
In cases where the legal basis on which we are processing your data was based on GDPR Article 6. (1) c) the legal retention period is set by mandatory laws:
- To issue our invoices and complete our tax obligations - 8 years - Section 78 (3) on Tax Proceedings and Section 169 of Act C of 2000 on Accounting.
- To provide and manage customer support and complaint services - 5 years - Section 17/A on the Act CLV of 1997on Customer Protection.
Usage Data is processed on the legal basis of GDPR Article 6. (1) f) and this data is retained for 6 months, the data is used to strengthen the security, to identify breaches and resolve security issues and thus improve the functionality of our Service.
Transfer Of Data
Disclosure Of Data
Disclosure for Law Enforcement
Under certain circumstances, ServerAstra may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
ServerAstra may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of ServerAstra
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
If you order domain registration service from us, ServerAstra must disclose your Personal Data to the following registrar company to register your domain:
Enom (Enom Inc.)
96 Mowat Avenue
Toronto, ON M6K 3M1, Canada
You may find further information on the data process of the domain registrar at the following website: https://www.enom.com/reseller/legal-policy-agreements/privacy-policy/
Hexonet (Key-Systems GmbH)
Im Oberen Werk 1
66386 St. Ingbert, Germany
You may find further information on the data process of the domain registrar at the following website: https://www.hexonet.net/privacy_policy
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. In case of known breach we have necessary procedures in place to inform Hungarian data protection authorities and the affected Data Subject of such breach.
We provide the appropriate level of data security which include, but are not limited to, (i) your data is stored in a secure technical environment, we are not making it available to the public (ii) only properly identified employees of our company and our business partners have access to your data (iii) data is encrypted by using industry standards SSL communication or SSH2 with AES128-AES256 cryptography; (iv) we use industry standard and PCI-DSS compliant SSL encryption for web/HTTP communications (v) our data is stored physically in Budapest server room (vi) we use encryption when sending data to Registers, registrars, resellers, back up service providers, (vii) we regularly test and evaluate our security actions and improve them; (vii) we check your identification before you are exercising yours rights in order to protect your data; (viii) We perform continuous backups of our data.
"Do Not Track" Signals
We support Do Not Track ("DNT") and disable analytics and statistics collection for browsers reporting this header. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
ServerAstra aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
In addition please be informed on your rights related to our data process:
- You have the right to ask information in writing whether a data process of your Personal Data is in progress by ServerAstra You shall have the right to obtain from ServerAstra confirmation as to whether or not Personal Data concerning you are being processed and if that is the case, the ServerAstra Ltd shall inform you on the purposes of the processing, the categories of Personal Data concerned, the legal base of the process, the data source, the period of the process and the recipients or categories of recipient to whom the Personal Data have been or will be disclosed, in particular recipients in third countries.
- You have the right to have any of your Personal Data corrected without delay and have your data completed by ServerAstra For example you may change your email address or password at any time.
- You have the right to the erasure of Personal Data concerning you without delay where one of the following grounds applies:
- the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw consent on which the processing is based, and where there is no other legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- the Personal Data have been unlawfully processed;
- the Personal Data have to be erased for compliance with a legal obligation applicable for ServerAstra Ltd;
- the Personal Data have been collected in relation to the offer of information society services to children.
- You have the right to have your Personal Data blocked or have the data processing restrained where one of the following applies:
- the accuracy of the Personal Data is contested, for a period enabling the ServerAstra to verify the accuracy of the Personal Data;
- the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead;
- ServerAstra no longer needs the Personal Data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
- You have objected to processing; pending the verification whether the legitimate grounds of the controller override those of the data subject.Where processing has been blocked/restricted, such Personal Data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. Such block/restraint shall last until the data storage is required by the reason named by you.
- You have the right to receive the Personal Data concerning you, which you have provided to ServerAstra Ltd, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from ServerAstra Ltd to which the Personal Data have been provided, where the processing based on your consent or on a contract and the processing is carried out by automated means. In exercising your right to data portability you shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.
- You have the right to object at any time against the process of your Personal Data by ServerAstra Ltd or a third party. ServerAstra Ltd shall no longer process the Personal Data unless ServerAstra Ltd demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for your establishment, exercise or defense of legal claims. Via any of the above given contacts in writing or in e-mail where Personal Data are processed for direct marketing purposes, you shall have the right to object at any time against the process of your Personal Data for marketing purposes, in which case your Personal Data shall no longer be processed for such reasons.
ServerAstra Ltd does not make decisions based solely on automated processing, including profiling. In case ServerAstra Ltd introduces the referred decision-making process, ServerAstra Ltd will inform you beforehand via e-mail about the applied logic and method. In this case you will have the right for human intervention on the part of ServerAstra Ltd, to express your point of view and to contest the decision.
If you ever experience an unlawful data process, please notify us via email or chat before initiating a legal procedure, and by doing so we have the opportunity to restore the lawful operation if applicable. Please note that we may ask you to verify your identity before responding to such requests. Moreover, should your rights related to your Personal Data be breached, you may file a petition to the court having competency according to your residential address. You may also turn to the Hungarian National Authority for Data Protection and Freedom of Information (H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.) if you believe that your rights related to your Personal Data is being breached.
ServerAstra shall give response to your requests within 30 days by email or using the contact data provided by you via mail or email.
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service:
Google LLC, Mountain View
1600 Amphitheatre Parkway
Mountain View CA
94043 United States
We use Google Analytics in order to better understand our users' needs and to optimize this service and experience. Google Analytics is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback.
Google Analytics stores this information in a pseudonymized user profile. Neither Google nor we will ever use this information to identify individual users or to match it with further data on an individual user.
You can opt-out to the creation of a user profile, Google's storing of data about your usage of our site and Google's use of tracking cookies on other websites by selecting privacy options at the bottom of the page or clicking this link.
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
The payment processors we work with are:
PayPal or Braintree:
PayPal (Europe) S.à.r.l. et Cie, S.C.A.
22-24 Boulevard Royal L-2449
Barion Payment Zrt.
1117 Hungary, Budapest
Irinyi József utca 4-20.
Atlanta, US (HQ)
516 3423 Piedmont Rd NE
Buenos Aires, AR
Marcelo T. de Alvear 405
A. Goštauto g. 8-331
Stripe, Inc. 354 Oyster Point Boulevard South San Francisco, California, 94080, USA Attention: Stripe Legal
Stripe Payments Europe Limited 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland Attention: Stripe Legal
OTP Bank Plc.
Nádor Street 16. Budapest, Hungary H-1051
Revolut Payments UAB/Revolut Bank UAB Konstitucijos ave. 21B, Vilnius, LT-08130, Lithuania
Instant Messaging (IM), Chat and Phone communications
ServerAstra operates part of their support system and internal communications via instant messaging systems.
We use the following IM/Chat service providers:
Telegram Messenger FZ-LLC
71-75 Shelton Street
Covent Garden, London
England, WC2H 9JQ
Telegram chats use end-to-end encryption. This means that all data is encrypted with a key that only you and us may know.
WhatsApp Ireland Limited 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland
WhatsApp chats use end-to-end encryption. This means that all data is encrypted with a key that only you and us may know.
UK representative: SMARTVOICE LTD, 63-66 Hatton Garden, London, United Kingdom, EC1N 8LE.
EU representatives: IP Telecom Bulgaria LTD: office 211, 16 Vasil Levski Str., Burgas, Bulgaria - 8000. VOICE CLOUD S.L., av/Cortes Valencianas, 58-1003, Valencia, Spain - 46015.
Kazakhstan representative: SMARTVOICE KZ LLP 43 Markov str., Almaty, 050040, Kazakhstan
We use Zadarma service for our VoIP processing and call recording.
ServerAstra uses third-party audit and penetration testing for their network and web assets to provide customers with security and protection. A tiny proof of such protection is a security seal.
To display a security seal and protect our website from abuse we use the following providers:
Google LLC, Mountain View
1600 Amphitheatre Parkway
Mountain View CA
94043 United States
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human and not an automated program. reCAPTCHA analyses the behavior of the website visitor based on various characteristics. This operations starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google. The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place. Data processing is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
If the service you've ordered or the payment method you've selected is not available at ServerAstra, we may share your data with our resellers, but only if you've previously given us explicit consent to do so. This might occur if you've chosen to utilize their services in lieu of ServerAstra's. Rest assured, any data transfer to resellers is conducted through cryptographically secure channels that adhere to the highest industry standards. Furthermore, only specifically filtered data relevant to them will be transferred.
Accounting contractor is:
Next Accounting Kft.
1132 Hungary, Budapest Váci út 20-26 7.emelet
Links To Other Sites
Our Service does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
If you have any questions about this document, please contact us:
- By email: firstname.lastname@example.org
- By visiting this page on our website: https://serverastra.com/Contact