Privacy Policy

PRIVACY POLICY

Effective Date: May 10, 2025

1. Introduction and Scope

Welcome to HostifyX (“HostifyX,” “we,” “us,” or “our”). We are committed to protecting the privacy and security of the personal data of our users (“you” or “your”). This Privacy Policy outlines our practices concerning the collection, use, disclosure, processing, and protection of your personal data in compliance with Singapore’s Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA”) and its related regulations.

This Policy applies to all personal data collected by HostifyX in relation to the server rental, cloud server solutions, VPS hosting, website hosting, and other related services (collectively, the “Services”) we provide. By accessing our website, using our Services, or otherwise providing us with your personal data, you acknowledge and agree to the terms of this Privacy Policy.

2. Personal Data We Collect

“Personal Data” refers to any data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which we have or are likely to have access.  

We may collect the following types of Personal Data:  

• Identity and Contact Data: Including your full name, email address, postal address, telephone number, date of birth, and copies of identity documents (where required for verification or by law).
• Account Data: Including your username, password, account preferences, and transaction history.
• Financial and Transaction Data: Including payment card details, bank account information, billing address, payment history, and details about products and Services you have purchased from us.
• Technical Data: Including Internet Protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Services. This may also include server logs, usage data, and performance metrics related to your use of our Services.  
• Usage Data: Information about how you use our website, products, and Services, including data hosted on our servers by you (e.g., website files, databases, server configurations) to the extent necessary for providing and troubleshooting the Services.
• Marketing and Communications Data: Including your preferences in receiving marketing from us and our third parties and your communication preferences.  
• Support Data: Information you provide when you request technical support, including summaries of the issues and resolutions.
• Any other information: Relating to you which you have provided us in any forms you may have submitted to us, or in other forms of interaction with you.  

3. How We Use Your Personal Data (Purposes)

We will only collect and use your Personal Data for purposes that a reasonable person would consider appropriate in the circumstances and for which we have obtained your consent, or as permitted or required by the PDPA or other applicable laws. These purposes include:

• Providing and Managing Services:
  • To register you as a new customer and manage your account.
  • To provision, configure, maintain, and monitor the Services you request (e.g., server rental, cloud servers, VPS hosting, website hosting).
  • To process transactions, invoices, and payments.
  • To provide technical support and customer service.
• Communication:
  • To communicate with you regarding your account, service updates, security alerts, and administrative messages.
  • To respond to your inquiries and requests.
• Improvement and Development:
  • To improve our website, Services, marketing, customer relationships, and experiences.
  • To conduct research, analysis, and development activities (including data analytics, surveys, and/or profiling) to monitor and improve our Services.
• Security and Compliance:
  • To protect the security and integrity of our Services, systems, and data, including preventing and detecting fraud, cyber-attacks, and other malicious activities.
  • To comply with applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.  
  • To manage and protect our business, including our infrastructure, and for internal operational requirements (e.g., auditing, IT services, data hosting).
• Marketing (with consent):
  • To send you marketing information about our Services, promotions, or events, where you have given your explicit consent. You can opt-out of marketing communications at any time.

We will not use your Personal Data for purposes other than what we have informed you, or which are permitted under local laws and regulations.  

4. Consent

• Obtaining Consent: We will obtain your consent before collecting, using, or disclosing your Personal Data, except where permitted or required by law. Consent can be express (e.g., by ticking a box) or, in limited circumstances, deemed (e.g., where you voluntarily provide Personal Data for an obvious purpose).
• Withdrawal of Consent: You may withdraw your consent at any time by contacting our Data Protection Officer (DPO) at the details provided below. Upon receiving your request, we will inform you of the likely consequences of withdrawing consent. Please note that withdrawing consent may prevent us from providing certain Services to you. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal or any processing that is permitted without consent under the PDPA.
• Deemed Consent by Contractual Necessity: We may collect, use, or disclose your Personal Data if it is reasonably necessary for the conclusion or performance of a contract to which you are a party. For example, if you subscribe to our server hosting services, we will need your contact and payment information to provide and bill for those services.
• Deemed Consent by Notification: We may rely on deemed consent by notification if we have provided you with appropriate notification of the purpose for which we intend to collect, use, or disclose your Personal Data and you have not opted out.

5. Disclosure of Personal Data

We may disclose your Personal Data to the following parties for the purposes set out in Section 3:

• Our Affiliates and Related Corporations: For the purpose of providing and improving our Services, and for internal administrative purposes.
• Third-Party Service Providers: We may engage third-party companies and individuals to perform services on our behalf (e.g., payment processors, data analytics providers, cloud storage providers, domain name registrars, customer support services, marketing agencies). These third parties will only have access to your Personal Data to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We will ensure that such third parties provide a standard of protection to the Personal Data so transferred that is comparable to the protection under the PDPA.  
• Professional Advisors: Including lawyers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services, where necessary for our business operations or to comply with legal obligations.
• Governmental and Regulatory Authorities: Where required by law or by any governmental or regulatory authority of Singapore or other relevant jurisdictions, or to protect our rights, property, or safety, and that of our users or the public.
• Business Transfers: In the event of a merger, acquisition, reorganization, asset sale, or bankruptcy, your Personal Data may be transferred as part of the transaction. We will notify you before your Personal Data is transferred and becomes subject to a different privacy policy.  

We will not sell, rent, or trade your Personal Data to any third parties for their marketing purposes without your explicit consent.

6. International Transfer of Personal Data

Your Personal Data may be transferred to, stored, or processed in countries outside of Singapore where our servers, affiliates, or third-party service providers are located. We will take appropriate steps to ensure that any transfer of Personal Data to a territory outside of Singapore will be in accordance with the PDPA, ensuring that the recipient organization is bound by legally enforceable obligations to provide a standard of protection comparable to that under the PDPA. This may include entering into appropriate data transfer agreements or ensuring the recipient is certified under a recognized data protection framework.

7. Protection of Your Personal Data (Security Obligation)

We are committed to protecting your Personal Data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks. We have implemented reasonable administrative, physical, and technical security measures, including:  

• Data Encryption: Using encryption (e.g., SSL/TLS) for data transmission.
• Access Controls: Implementing strict access controls to limit access to Personal Data to authorized personnel only, based on their roles and responsibilities.
• Secure Infrastructure: Utilizing secure server environments and network architecture.
• Regular Security Audits and Assessments: Conducting periodic reviews of our security measures to ensure their effectiveness.
• Internal Policies and Training: Implementing internal data protection policies and providing training to our employees on data protection best practices.

While we strive to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. You are also responsible for keeping your account credentials confidential.  

8. Retention of Personal Data (Retention Limitation Obligation)

We will retain your Personal Data only for as long as it is necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable laws. This includes retention for legal, regulatory, accounting, or reporting requirements.  

When your Personal Data is no longer required for these purposes, or upon your request for deletion (subject to legal and contractual restrictions), we will take steps to securely destroy, anonymize, or permanently delete your Personal Data in accordance with our data retention policies and applicable laws.

9. Accuracy of Personal Data (Accuracy Obligation)

We will make reasonable efforts to ensure that the Personal Data we collect is accurate and complete if it is likely to be used by us to make a decision that affects you, or if it is likely to be disclosed to another organization. However, we rely on you to provide us with accurate and up-to-date information. You should inform us of any changes to your Personal Data by contacting our DPO.

10. Your Rights (Access, Correction, Withdrawal, Data Portability)

Under the PDPA, you have the following rights regarding your Personal Data:

• Right to Access: You have the right to request access to your Personal Data that is in our possession or under our control and information about the ways in which your Personal Data has been or may have been used or disclosed by us within a year before the date of the request. We may charge a reasonable fee for processing access requests.  
• Right to Correction: You have the right to request the correction of any error or omission in your Personal Data that is in our possession or under our control.
• Right to Withdraw Consent: As detailed in Section 4, you have the right to withdraw your consent to the collection, use, or disclosure of your Personal Data.
• Right to Data Portability: You have the right to request that we transmit your Personal Data, which you have provided to us and is in our possession or under our control, to another organization in a commonly used machine-readable format, where such processing is based on consent or contract and is carried out by automated means. This right is subject to certain conditions and limitations as prescribed by the PDPA.

To exercise any of these rights, please contact our Data Protection Officer (DPO) using the contact details provided below. We will respond to your request as soon as reasonably possible and in accordance with the PDPA.  

11. Data Breach Notification

In the event of a data breach that is likely to result in significant harm to individuals whose Personal Data is affected, or is of a significant scale, we will:

• Take immediate steps to contain and assess the breach.
• Notify the Personal Data Protection Commission (PDPC) of Singapore as soon as practicable, and in any case, no later than three (3) calendar days after determining that a notifiable data breach has occurred.
• Notify affected individuals as soon as practicable if the data breach is likely to result in significant harm to them, unless exceptions apply (e.g., if remedial actions have been taken to render significant harm unlikely, or if the data was encrypted).

Our data breach response plan includes procedures for assessment, containment, notification, and review.

12. Cookies and Tracking Technologies

Our website and Services may use cookies, pixel tags, and other similar tracking technologies to enhance user experience, analyze trends, administer the website, track users’ movements around the site, and gather demographic information about our user base as a whole.  

• Cookies: Small text files stored on your device. You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.  
• Types of Cookies Used: We may use session cookies (which expire when you close your browser) and persistent cookies (which stay on your device until you delete them). We use cookies for purposes such as authentication, preferences, analytics, and advertising (where applicable and with consent).  

By using our website and Services, you consent to our use of cookies and tracking technologies as described, unless you have configured your browser settings to reject them.

13. Third-Party Links

Our website or Services may contain links to other websites or services operated by third parties. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read the privacy policies of any third-party site you visit.  

14. Children’s Privacy

Our Services are not directed to individuals under the age of 13 (or a higher age as required by applicable law). We do not knowingly collect Personal Data from children. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our servers. If you believe that we might have any Personal Data from or about a child, please contact our DPO.  

15. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technological advancements. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the “Effective Date.” We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our Services after any changes to this Privacy Policy will constitute your acceptance of such changes.  

16. Data Protection Officer (DPO) and Contact Information (Accountability)

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our compliance with the PDPA and handling any privacy-related queries or complaints. If you have any questions about this Privacy Policy, our data protection practices, or if you wish to exercise any of your rights, please contact our DPO:

Data Protection Officer

HostifyX

8 HOUGANG STREET 92 #08-02 REGENTVILLE SINGAPORE (538686)

Email: [email protected]

Please allow reasonable time for your request to be processed.

17. Governing Law

This Privacy Policy and your use of our Services shall be governed in all respects by the laws of Singapore.