Privacy Policy

1. General Provisions and Definitions

This Privacy Policy ("Policy") governs the processing of personal data by DenyBots Secure Hosting ("DenyBots," "we," "us," "our," or the "Controller") in connection with the operation of webhosting and domain registration services accessible via Denybots.com (the "Services"). The terms "User," "you," and "your" refer to any individual accessing or utilizing our Services.

For the purposes of this Policy, "personal data" refers to any information relating to an identified or identifiable natural person as defined in Article 4(1) of Regulation (EU) 2016/679 (General Data Protection Regulation or "GDPR"). We adhere to the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality in our data processing activities.

2. Legal Framework and Applicability

This Policy has been developed in accordance with and is subject to the GDPR, relevant EU Member State legislation, and other applicable data protection laws. By accessing or using our Services, you acknowledge that you have read and understood this Policy.

The Controller of your personal data is DenyBots Secure Hosting, established in Estonia, European Union, operating under applicable European and Estonian data protection law. Any inquiries regarding data protection matters should be directed to the contact information provided in Section 12 of this Policy.

3. Categories of Personal Data Processed

In the normal course of providing our Services, we may collect and process certain personal data, which may include but is not necessarily limited to:

3.1 Account and Registration Data: Information provided during account creation, service subscription, or domain registration, including identifiers such as name, username, email address, business name (where applicable), telephone number, and postal address.

3.2 Technical and Usage Data: Information automatically generated through your interaction with our infrastructure and Services, such as IP addresses (processed in a pseudonymized format wherever technically feasible), browser characteristics, device information, operating system details, language preferences, referring URLs, length of visits, and pages viewed. Such data is primarily collected for service optimization and security monitoring purposes, in accordance with industry standards for hosting service providers.

3.3 Communication Data: Records of communications between you and DenyBots, including support inquiries, correspondence, feedback submission, and similar interactions initiated by either party.

3.4 Transactional Data: Information related to services purchased, including type of service, pricing, billing information, payment method details, transaction timestamps, service utilization metrics, and domain registration information as required by ICANN or relevant registries.

4. Legal Basis for Processing

DenyBots processes personal data in accordance with Article 6 of the GDPR, relying on the following legal bases:

4.1 Contractual Necessity: Processing necessary for the performance of our contract with you or to take steps at your request prior to entering into a contract (Article 6(1)(b) GDPR).

4.2 Legal Obligation: Processing necessary for compliance with a legal obligation to which we are subject (Article 6(1)(c) GDPR).

4.3 Legitimate Interests: Processing necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms (Article 6(1)(f) GDPR). Our legitimate interests include: ensuring network and information security, preventing fraud, improving our Services, and direct marketing to existing customers regarding similar services.

4.4 Consent: Where applicable and required, processing based on your freely given, specific, informed, and unambiguous consent (Article 6(1)(a) GDPR).

5. Data Sharing and Third Parties

DenyBots maintains a strict commitment to data protection and privacy. We do not sell, rent, trade, or otherwise transfer user data to external parties for marketing, profiling, or commercial exploitation purposes. Data sharing is strictly limited to the following circumstances:

• With essential third-party service providers who operate under confidentiality obligations and solely for the purpose of enabling specific operational functions necessary for service delivery (e.g., payment processing, security infrastructure, domain registration).
• When legally compelled to do so pursuant to a valid court order, subpoena, or similar legal process issued exclusively within Estonian jurisdiction or applicable EU jurisdiction, and only after thorough verification of the legitimacy of such requests.
• In an anonymized, aggregated, or otherwise de-identified format that cannot reasonably be used to identify individual users for analytical, statistical, or research purposes.
• In exceptional circumstances where disclosure is necessary to protect the vital interests of the data subject or another natural person, to protect the security of our network and Services, or to detect or prevent fraud or other illegal activities.

Any third parties with whom data is shared for operational purposes are contractually obligated to implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data.

6. Data Retention and Storage Limitations

DenyBots implements a data retention policy that limits the storage of personal data to the period necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. The specific retention periods vary depending on the category of data, the nature of the relationship with the user, and applicable legal obligations. Technical infrastructure data may be retained for security and operational optimization purposes for periods consistent with industry standards. Upon termination of services, user data is securely deleted or anonymized according to established protocols, except where retention is required by law or legitimate business purposes.

7. International Data Transfers

DenyBots primarily processes and stores personal data within the European Economic Area (EEA). In instances where data may be processed outside the EEA, we implement appropriate safeguards in accordance with Chapter V of the GDPR, including but not limited to Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other legally valid transfer mechanisms. The Controller undertakes regular assessments of cross-border data transfer mechanisms to ensure ongoing compliance with applicable data protection regulations.

8. Security Measures

DenyBots implements comprehensive technical and organizational security measures in accordance with Article 32 of the GDPR to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include, but are not limited to, encryption protocols, access controls, authentication mechanisms, regular security assessments, data backup procedures, staff training, and incident response protocols. The specific security configurations are regularly reviewed and updated in accordance with evolving industry standards and threat landscapes applicable to hosting service providers.

9. Cookies and Similar Technologies

DenyBots utilizes cookies and similar technologies to facilitate essential service functionality, enhance user experience, and collect certain technical data as described in Section 3.2. These technologies operate in accordance with applicable laws, including the ePrivacy Directive and relevant national implementations. Detailed information regarding cookie usage, configuration options, and management preferences is available through our separate Cookie Policy accessible via our website.

10. Data Subject Rights

In accordance with Chapter III of the GDPR, users may exercise various rights related to their personal data, subject to applicable legal limitations and requirements:

10.1 Right of Access: The right to obtain confirmation as to whether personal data concerning you is being processed, and, where that is the case, access to the personal data and certain supplementary information.

10.2 Right to Rectification: The right to have inaccurate personal data rectified and, taking into account the purposes of the processing, to have incomplete personal data completed.

10.3 Right to Erasure: Under certain circumstances, the right to have personal data erased when it is no longer necessary, when consent is withdrawn (if applicable), or when there are no overriding legitimate grounds for processing.

10.4 Right to Restriction of Processing: The right to restrict the processing of personal data under specific conditions outlined in Article 18 of the GDPR.

10.5 Right to Data Portability: Where technically feasible and legally applicable, the right to receive personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

10.6 Right to Object: The right to object to processing based on legitimate interests, including profiling, and to direct marketing.

10.7 Rights Related to Automated Decision-Making: The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you, subject to certain exceptions.

To exercise these rights, please contact us using the information provided in Section 12. We will respond to all legitimate requests within the timeframes prescribed by applicable law. In certain cases, we may ask for verification of identity to protect against fraudulent requests.

11. Policy Updates and Amendments

DenyBots reserves the right to modify this Policy at any time to reflect changes in our data processing practices, legal requirements, or technological advancements. While we may notify users of significant changes in some cases, users are responsible for periodically reviewing this Policy to stay informed about our current data protection practices. We may not always announce minor changes or updates. Continued use of our Services following any changes to this Policy constitutes acceptance of the updated Policy, regardless of whether you have been notified of such changes.

12. Contact Information

For any inquiries, concerns, or requests related to this Privacy Policy or our data processing activities, please contact us

Without prejudice to any other administrative or judicial remedy that might be available under applicable law, users may, subject to relevant jurisdictional and procedural requirements, have recourse to competent regulatory bodies in accordance with Articles 77-79 of the GDPR, the extent and applicability of which shall be determined by the relevant authority in consideration of all pertinent circumstances.

© 2025 DenyBots Secure Hosting. All rights reserved.