Knowledge Base

Privacy_Policy_(GDPR)

Privacy Policy

I. Introduction

This Privacy Policy explains how personal data is collected, used, and protected when visiting the website or using the services. Personal data refers to any information that can identify a person, such as name, email, and IP address, as per GDPR.

II. Data Controller

Blesta.Store (Sebastian-Wilhelm Graf)
Email: support@blesta.store
Phone: +43 670 5555 666
Address: Morsegasse 1/2/34, 1210 Vienna, Austria

III. Data Collection & Usage

1- Website Usage
Technical data (e.g., IP addresses, browser info) is gathered to ensure proper functionality and security of the website (Article 6(1)(f) GDPR). Logs may be retained for longer periods when required for fraud prevention or service improvements. Session cookies may be used for website operation.

2 - Live Chat Support
Any data shared during live chat support is used solely to provide assistance and improve service quality (Article 6(1)(f) GDPR). Session cookies may be used for live-chat operation.

3 - Service Registration & Usage
When registering for services, personal data (e.g., name, email, billing info) is collected to manage the account and provide the requested services (Article 6(1)(b) GDPR). Session cookies may be used for service operation.

4 - Service Delivery
Personal data is collected and processed to operate and deliver services efficiently, in accordance with contractual obligations and industry standards (Article 6(1)(b) GDPR).

5- Billing & Payments
Data is processed for invoicing and payment purposes, including fraud prevention and internal KYC procedures to verify identity (Article 6(1)(b), 6(1)(c), 6(1)(f) GDPR). Payment details are handled by third-party providers, and their privacy policies apply.

6 - Network & Data Center Services
Network traffic and physical access are monitored for billing, quality control, and abuse prevention (Article 6(1)(b), 6(1)(f) GDPR). Log data may be retained for longer periods for fraud detection or to improve service quality.

7 - Domain Registration & Hosting
For domain registration services, personal data may be shared with third parties, such as domain registrars or external Third-Party Services/Databases. If necessary, personal data may be transferred outside the EU to provide the required services. Email services may also log support requests for troubleshooting purposes.

8 - LIR Services
For LIR services, identity verification is conducted under RIPE's due diligence policy (Article 6(1)(c) GDPR). The submitted data is securely transferred to RIPE. Their privacy policy is available on their website.

9 - Virtual Servers
When using virtual server services, data such as IP addresses, server usage statistics, and traffic information is collected to ensure service quality and prevent misuse (Article 6(1)(b) GDPR). Logs may be retained longer to support billing, prevent abuse, or improve service quality (Article 6(1)(f) GDPR).

10 - Third-Party Software Licenses
When utilizing third-party software licenses through the services (e.g., Blesta licenses), necessary data is processed to manage and validate these licenses. Limited information may be shared with the software vendor to ensure compliance with licensing agreements (Article 6(1)(b) GDPR). Data protection measures are in place to ensure information is shared only for licensing and compliance purposes.

IV. Data Sharing

Personal data may be shared with third-party service providers (e.g., domain registrars, anti-fraud databases) to facilitate service delivery. Data may also be transferred to organizations outside the EU where necessary. Additionally, personal data may be disclosed to law enforcement agencies or courts, as required by law.

V. Your Rights

Under GDPR, individuals have the right to:

  • Access their personal data.
  • Correct inaccurate data.
  • Request deletion of their data.
  • Restrict processing of their data.
  • Portability of their data.
  • Object to certain processing.
  • Withdraw consent at any time.

To exercise any of these rights, contact the Data Controller using the details provided above. Complaints regarding data protection can also be filed with the Austrian Data Protection Authority.

VI. Data Retention

Personal data is retained for as long as necessary to provide services or fulfill legal obligations. Accounting-related data (e.g., invoices) is stored for up to 10 years to comply with tax laws. Data collected for network services, fraud prevention, or service improvements may be retained longer when required.

VII. Complaints

For concerns regarding data handling, complaints can be submitted to the Austrian Data Protection Authority:
Website: https://www.dsb.gv.at

Please rate this article to help us improve our Knowledge Base.

0 0