🔒 PRIVACY & DATA PROTECTION

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information when you use our hosting services.

Read Privacy Policy Your Rights

Last Updated: December 2024 | Effective Date: January 1, 2024

Privacy Navigation

Information We Collect
Types of data we collect and how we gather it
How We Use Your Data
Purposes for which we process your information
Data Sharing & Disclosure
When and how we share your information
Data Security
How we protect and secure your data
Cookies & Tracking
Our use of cookies and tracking technologies
Your Rights
Your privacy rights and how to exercise them
Data Retention
How long we keep your information
International Transfers
Cross-border data transfers and protections

Privacy Policy Overview

Understanding our commitment to your privacy

🔒 Our Privacy Commitment

VcclHosting is committed to protecting your privacy and ensuring the security of your personal information. This policy applies to all our hosting services and platforms.

This Privacy Policy describes how VcclHosting ("we," "our," or "us") collects, uses, and shares information about you when you use our hosting services, website, and related services (collectively, "Services"). This policy also explains your choices about the use and disclosure of your information.

Scope of This Policy

  • All VcclHosting hosting services and products
  • Our website and customer portals
  • Support and billing systems
  • Marketing communications
  • Affiliate and partner programs

Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: support@vcclhosting.com
  • Whatsapp: +91-9637136077
  • Address:S.F.3 Lords Premises, 1026 ,E,Rajaram Road-Kop-MH-416008
  • Data Protection Officer: abuse@vcclhosting.com

Information We Collect

Types of data we collect and methods of collection

1. Personal Information You Provide

Account Registration Information

  • Full name and contact details
  • Email address and phone number
  • Billing and shipping addresses
  • Payment information (processed securely)
  • Account passwords (encrypted)

Service Configuration Data

  • Domain names and DNS settings
  • Server configurations and preferences
  • Application installations and settings
  • Backup and security preferences

Support and Communication

  • Support ticket content and attachments
  • Live chat conversations
  • Phone call recordings (with consent)
  • Feedback and survey responses

2. Information Automatically Collected

Usage and Performance Data

  • Server resource usage (CPU, memory, disk)
  • Bandwidth and data transfer statistics
  • Website visitor analytics (when applicable)
  • Service performance metrics

Log Files and Technical Information

  • IP addresses and geographic location
  • Browser type and version
  • Operating system information
  • Access logs and error logs
  • Device identifiers and network information

3. Information from Third Parties

  • Payment processor transaction data
  • Domain registrar information
  • SSL certificate authority data
  • Security threat intelligence
  • Business verification services

💡 Data Minimization

We only collect information that is necessary to provide, improve, and secure our services. We regularly review our data collection practices to ensure compliance with this principle.

How We Use Your Data

Purposes and legal basis for data processing

1. Service Provision and Management

  • Account Management: Creating and maintaining user accounts
  • Service Delivery: Provisioning and managing hosting services
  • Technical Support: Providing customer assistance and troubleshooting
  • Billing and Payments: Processing transactions and managing subscriptions
  • Service Optimization: Improving performance and reliability

2. Security and Compliance

  • Fraud Prevention: Detecting and preventing unauthorized access
  • Security Monitoring: Protecting against threats and vulnerabilities
  • Compliance: Meeting legal and regulatory requirements
  • Abuse Prevention: Enforcing acceptable use policies

3. Communication and Marketing

Service Communications

  • Service announcements and updates
  • Maintenance notifications
  • Security alerts and advisories
  • Billing and payment reminders

Marketing Communications (with consent)

  • Product promotions and special offers
  • Educational content and tutorials
  • Industry news and insights
  • Event invitations and webinars

4. Analytics and Improvement

  • Service Analytics: Understanding usage patterns and performance
  • Customer Insights: Improving user experience and satisfaction
  • Product Development: Developing new features and services
  • Quality Assurance: Monitoring and improving service quality

5. Legal Basis for Processing

Purpose Legal Basis
Service delivery and support Contract performance
Security and fraud prevention Legitimate interests
Marketing communications Consent
Legal compliance Legal obligation

Data Sharing & Disclosure

When and how we share your information

⚠️ Important Notice

We do not sell, rent, or trade your personal information to third parties for marketing purposes without your explicit consent.

1. Service Providers and Partners

Essential Service Providers

  • Payment Processors: For secure payment processing (Stripe, PayPal, etc.)
  • Cloud Infrastructure: For hosting and data storage services
  • CDN Providers: For content delivery and performance optimization
  • Monitoring Services: For service uptime and performance monitoring

Support and Operations

  • Customer support platforms and ticketing systems
  • Analytics and business intelligence tools
  • Email and communication service providers
  • Backup and disaster recovery services

2. Legal and Regulatory Disclosures

We may disclose your information when required by law or to protect our rights:

  • In response to valid legal requests (subpoenas, court orders)
  • To comply with applicable laws and regulations
  • To protect the safety and security of our users and services
  • To investigate and prevent fraud or security incidents
  • To enforce our terms of service and policies

3. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4. Data Processing Agreements

All third-party service providers are required to:

  • Sign comprehensive data processing agreements
  • Implement appropriate security measures
  • Only process data for specified purposes
  • Maintain confidentiality and security standards
  • Report any data breaches immediately

5. Your Control Over Sharing

  • Opt out of non-essential data sharing
  • Control marketing communications preferences
  • Request information about our current partners
  • Withdraw consent for specific processing activities

Data Security

How we protect and secure your information

1. Technical Security Measures

Encryption and Data Protection

  • Data in Transit: TLS 1.2+ encryption for all data transmission
  • Data at Rest: AES-256 encryption for stored data
  • Password Security: Bcrypt hashing with salt for password storage
  • Database Security: Encrypted database connections and backups

Infrastructure Security

  • Multi-layered firewall protection
  • Intrusion detection and prevention systems
  • Regular security patches and updates
  • Network segmentation and access controls
  • 24/7 security monitoring and incident response

2. Access Controls

Employee Access

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA) required
  • Regular access reviews and audits
  • Principle of least privilege enforcement
  • Comprehensive security training programs

Customer Access Security

  • Strong password requirements
  • Optional two-factor authentication
  • Session timeout and management
  • IP-based access restrictions
  • Account activity monitoring

3. Compliance and Certifications

🏆 Security Standards

  • ISO 27001 Information Security
  • SOC 2 Type II Compliance
  • GDPR and CCPA Compliance
  • Industry security best practices

🔍 Regular Audits

  • Third-party security assessments
  • Penetration testing
  • Vulnerability scanning
  • Code security reviews

4. Incident Response

Breach Notification Process

  1. Immediate containment and assessment
  2. Investigation and impact analysis
  3. Notification to authorities (within 72 hours if required)
  4. Customer notification (without undue delay)
  5. Remediation and preventive measures
  6. Post-incident review and improvements

5. Data Backup and Recovery

  • Regular automated backups (daily, weekly, monthly)
  • Geographically distributed backup locations
  • Encrypted backup storage
  • Regular backup integrity testing
  • Comprehensive disaster recovery plan

🔐 Security by Design

Security is built into every aspect of our infrastructure and processes, not added as an afterthought. We continuously evaluate and improve our security measures.

Cookies & Tracking

Our use of cookies and tracking technologies

1. Types of Cookies We Use

Cookie Type Purpose Duration Required
Essential Authentication, security, session management Session Yes
Functional User preferences, language settings 1 year Optional
Analytics Usage statistics, performance monitoring 2 years Optional
Marketing Advertising, remarketing campaigns 90 days Optional

2. Third-Party Tracking Services

Analytics and Performance

  • Google Analytics: Website usage and performance analytics
  • Server Monitoring: Uptime and performance tracking
  • Error Tracking: Application error monitoring and reporting

Marketing and Advertising

  • Google Ads: Conversion tracking and remarketing
  • Facebook Pixel: Social media advertising optimization
  • LinkedIn Insights: B2B marketing and lead generation

3. Managing Your Cookie Preferences

Browser Controls

  • Enable or disable cookies in browser settings
  • Delete existing cookies from your device
  • Set preferences for third-party cookies
  • Use private/incognito browsing mode

Our Cookie Management

  • Cookie consent banner with granular controls
  • Cookie preference center in account settings
  • Easy opt-out for non-essential cookies
  • Regular review of cookie usage and purposes

4. Do Not Track

We respect browser "Do Not Track" signals and will not track users who have enabled this setting. However, this may limit some functionality of our services.

5. Local Storage and Other Technologies

  • Local Storage: Storing user preferences and application data
  • Session Storage: Temporary data for current browsing session
  • Web Beacons: Tracking email opens and engagement
  • API Tokens: Secure authentication for API access

🍪 Cookie Policy Updates

We regularly review and update our cookie practices. Any significant changes will be communicated through our website and email notifications.

Your Privacy Rights

Understanding and exercising your privacy rights

1. Access and Information Rights

Right to Access

  • Request a copy of all personal data we hold about you
  • Understand how your data is being processed
  • Learn about data sharing and recipients
  • Access information about data retention periods

Right to Information

  • Transparent information about data processing
  • Details about the legal basis for processing
  • Information about automated decision-making
  • Contact details for privacy-related inquiries

2. Control and Correction Rights

Right to Rectification

  • Correct inaccurate personal information
  • Update incomplete data records
  • Modify outdated contact information
  • Request verification of data accuracy

Right to Restriction

  • Limit processing of your personal data
  • Temporarily suspend data processing
  • Object to certain types of processing
  • Request data processing limitations

3. Deletion and Portability Rights

Right to Erasure ("Right to be Forgotten")

  • Request deletion of personal data when no longer necessary
  • Withdraw consent for data processing
  • Object to unlawful data processing
  • Exercise deletion rights for marketing data

Right to Data Portability

  • Receive your data in a machine-readable format
  • Transfer data to another service provider
  • Export account and service configuration data
  • Obtain structured data exports

4. Consent and Objection Rights

Right to Withdraw Consent

  • Withdraw consent for marketing communications
  • Opt out of optional data processing
  • Revoke consent for cookies and tracking
  • Change privacy preferences at any time

Right to Object

  • Object to processing based on legitimate interests
  • Opt out of direct marketing activities
  • Object to automated decision-making
  • Challenge processing for research purposes

5. How to Exercise Your Rights

📧 Contact Methods

Email Request

support@vcclhosting.com

Support Portal

Submit privacy request ticket

Account Dashboard

Privacy settings and controls

Phone Support

+91-9637136077

6. Response Timeline

  • Acknowledgment: Within 48 hours of request
  • Simple Requests: Completed within 7 days
  • Complex Requests: Completed within 30 days
  • Extensions: Additional 60 days if necessary (with notification)

7. Identity Verification

To protect your privacy, we may require identity verification before processing certain requests:

  • Account credentials verification
  • Email confirmation from registered address
  • Additional identification for sensitive requests
  • Security questions or two-factor authentication

8. Limitations and Exceptions

⚠️ Important Limitations

Some rights may be limited in certain circumstances:

  • Legal obligations requiring data retention
  • Ongoing service provision requirements
  • Fraud prevention and security measures
  • Legitimate business interests

Data Retention

How long we keep your information

1. Retention Principles

  • Purpose Limitation: Data kept only as long as necessary for stated purposes
  • Legal Compliance: Retention to meet legal and regulatory requirements
  • Business Necessity: Data kept for legitimate business operations
  • User Control: Ability to request early deletion in most cases

2. Retention Periods by Data Type

Data Type Retention Period Reason
Account Information Account lifetime + 3 years Service provision, legal compliance
Billing Records 7 years Tax and accounting requirements
Support Communications 3 years Service improvement, legal
Usage Logs 1 year Security, performance optimization
Marketing Data Until consent withdrawn Marketing communications
Security Incident Data 5 years Security analysis, compliance

3. Active vs. Inactive Accounts

Active Account Data

  • Data retained for active service provision
  • Regular backups and data protection
  • Immediate access for account holders
  • Continuous security monitoring

Inactive Account Data

  • Accounts inactive for 12+ months receive retention notice
  • Data archived after 18 months of inactivity
  • Complete deletion after 3 years (unless legally required)
  • Option to reactivate account within retention period

4. Deletion Procedures

Secure Deletion Process

  1. Data marked for deletion in all systems
  2. Removal from production databases
  3. Deletion from backup systems (next backup cycle)
  4. Secure destruction of physical media
  5. Verification of complete removal
  6. Documentation of deletion process

Legal Hold Exceptions

  • Data under litigation hold retained until resolution
  • Regulatory investigation data preserved as required
  • Security incident data retained for analysis
  • Tax and audit-related data kept per legal requirements

5. Data Portability Before Deletion

Before account deletion, we offer:

  • Complete data export in portable formats
  • 30-day grace period for data retrieval
  • Migration assistance to other providers
  • Backup of critical configuration data

📅 Retention Schedule Review

We regularly review our data retention policies to ensure they remain appropriate and compliant with evolving legal requirements and business needs.

International Data Transfers

Cross-border data transfers and protections

1. Global Operations

VcclHosting operates globally and may transfer your personal data to countries outside your jurisdiction to provide our services effectively. We ensure appropriate safeguards are in place for all international transfers.

2. Primary Data Locations

🏢 Primary Locations

  • India (Primary data center)
  • European Union (EU customers)
  • United States (Global operations)
  • Singapore (Asia-Pacific hub)

🔒 Transfer Safeguards

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions recognition
  • Privacy Shield successor frameworks
  • Binding Corporate Rules (BCRs)

3. Legal Basis for Transfers

Adequacy Decisions

  • Transfers to countries with adequacy decisions from relevant authorities
  • Recognized equivalent data protection standards
  • No additional safeguards required

Standard Contractual Clauses (SCCs)

  • EU Commission-approved standard clauses
  • Contractual obligations for data protection
  • Rights and remedies for data subjects
  • Regular compliance monitoring

Necessity for Service Provision

  • Transfers necessary for contract performance
  • Cross-border support and technical services
  • Global infrastructure optimization
  • Fraud prevention and security measures

4. Data Localization Options

Regional Data Residency

  • Option to keep data within specific regions
  • Local data center selection
  • Compliance with local data residency laws
  • Premium data localization services

Government and Enterprise Customers

  • Dedicated local infrastructure options
  • Custom data residency agreements
  • Compliance with sector-specific requirements
  • Regular compliance reporting

5. Transfer Risk Assessment

Country-Specific Risk Evaluation

  • Regular assessment of destination country laws
  • Evaluation of government access risks
  • Monitoring of legal and political developments
  • Implementation of additional safeguards when needed

Supplementary Measures

  • Enhanced encryption for high-risk transfers
  • Pseudonymization and anonymization techniques
  • Technical measures to limit access
  • Contractual restrictions on data use

6. Your Rights Regarding Transfers

  • Right to information about transfer destinations
  • Right to object to transfers in certain circumstances
  • Right to request data localization options
  • Right to receive information about safeguards in place

🌍 Transfer Transparency

We maintain transparency about our data transfers:

  • Published list of transfer destinations
  • Details about safeguards in place
  • Regular updates on transfer practices
  • Customer notification of significant changes

7. Monitoring and Compliance

  • Regular audits of transfer practices
  • Compliance monitoring by data protection authorities
  • Annual review of transfer safeguards
  • Incident reporting for transfer-related issues

Privacy Questions or Concerns?

Our privacy team is here to help you understand your rights and how we protect your data.

Contact Privacy Team General Support

Privacy Officer: support@vcclhosting.com | Data Protection Officer: abues@vcclhosting.com