At ExpanseHost, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our services.
Cosmorack LTD (Company No. 15759478), registered in the United Kingdom, is the Data Controller responsible for personal data processed by Expanse Host. You may contact our Data Protection team at [email protected].
We collect several types of information to provide and improve our services:
This includes your name, email address, billing address, phone number, and payment information when you register for an account or purchase our services.
We automatically collect IP addresses, browser types, device information, operating system details, and access times when you use our services.
We collect information about how you interact with our services, including pages visited, features used, and performance metrics.
We use cookies and similar tracking technologies to enhance your experience and analyze site usage.
We use the collected information for the following purposes:
We process personal data under the following legal bases:
We take the security of your data seriously and implement industry-standard measures to protect it.
Your data is stored on secure servers in data centers with physical and digital security measures. We use encrypted connections and secure protocols for all data transmission.
We employ encryption, firewalls, access controls, and regular security audits to protect your information from unauthorized access, disclosure, or destruction.
We retain your personal data only for as long as necessary to provide our services and comply with legal obligations. Account data is retained while your account is active and for a reasonable period after closure. Security and access logs are retained for up to 12 months unless a longer retention period is required for investigation or legal compliance.
We process certain technical data for security purposes, including detecting fraud, abuse, DDoS attacks, and unauthorized access. This includes IP logs, traffic patterns, and system-level metadata.
We do not access customer server content unless required for troubleshooting with your permission or to comply with legal obligations. System logs (e.g., access logs, performance metrics) may be collected for security and operational purposes.
We do not sell your personal information. We may share your data only in the following circumstances:
We work with trusted third-party subprocessors such as payment processors (e.g., Stripe), datacenter operators, analytics providers, and email service providers. These subprocessors only receive information necessary to perform their function. A list is available upon request.
In the event of a data breach affecting your personal data, we will notify you and relevant authorities in accordance with applicable laws.
You have certain rights regarding your personal information:
You can access and update your account information at any time through your account dashboard or by contacting our support team.
You have the right to request a copy of your personal data in a structured, machine-readable format.
You can request deletion of your account and personal data, subject to our legal obligations to retain certain information.
You can opt out of marketing emails by clicking the unsubscribe link in any promotional email or by adjusting your account preferences.
We use cookies and similar technologies to improve your experience on our website.
Users in the EU/EEA will be presented with a cookie consent banner allowing acceptance or rejection of non-essential cookies.
We use essential cookies (required for site functionality), analytics cookies (to understand usage patterns), and preference cookies (to remember your settings).
You can control cookies through your browser settings. Note that disabling certain cookies may affect site functionality.
Our services may integrate with or link to third-party services that have their own privacy policies. We are not responsible for the privacy practices of these external services. We recommend reviewing their privacy policies before sharing your information.
Our services are not intended for individuals under 13 (or under 16 in jurisdictions where consent laws differ). We do not knowingly collect personal information from children. If we become aware that we have collected data from a minor, we will take steps to delete that information.
If personal data is transferred outside the UK or EU, we use safeguard mechanisms such as Standard Contractual Clauses (SCCs) or equivalent lawful measures to ensure adequate protection.
We do not sell personal information. California residents have the right to know, delete, correct, and opt out of data selling/sharing. To exercise these rights, contact [email protected]
Deleting your account does not automatically delete active service data such as servers or backups. Billing records may be retained for legal and tax compliance. Backups may persist temporarily as part of routine system operation.
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the new policy on our website and updating the 'Last Updated' date. Your continued use of our services after changes constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at [email protected] or through our support ticket system.