Back to Home

Privacy Policy

Mino UG
[Business Address]
Germany

Version 1.0 | Updated January 15, 2025

Effective Date: January 15, 2025
GDPR Art. 13/14 Compliant
PIPEDA Compliant

1. Data Controller and Contact Information

Responsible Entity (Data Controller)

Mino UG
[Business Address]
Germany
Email: [email protected]
Phone: [Phone Number]

This privacy policy explains how Mino UG (operating as "vps.direct") collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and the Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Legal Basis and Purpose of Data Processing

We process your personal data based on the following legal grounds under Article 6 GDPR:

Art. 6(1)(b) GDPR - Contract Performance

Processing necessary for the performance of our hosting services contract

Art. 6(1)(c) GDPR - Legal Obligation

Processing for compliance with legal obligations (tax law, telecommunications law)

Art. 6(1)(f) GDPR - Legitimate Interest

Processing for our legitimate interests in providing secure and reliable hosting services

Art. 6(1)(a) GDPR - Consent

Processing based on your explicit consent for marketing communications

3. Categories of Personal Data Collected

Account and Registration Data

  • Name (first name, last name)
  • Email address
  • Billing address
  • Phone number (optional)
  • Company information (for business accounts)
  • VAT number (where applicable)
  • Account credentials (encrypted passwords)

Technical and Usage Data

  • IP addresses and connection logs
  • Server resource usage statistics
  • Service uptime and performance metrics
  • Support ticket communications
  • System error logs and security events
  • Bandwidth usage and transfer volumes

Payment and Billing Data

  • Payment method information (processed by secure payment providers)
  • Transaction history and invoices
  • Billing preferences and payment status
  • Tax-relevant information

4. Purposes of Data Processing

Service Provision

  • • Account creation and management
  • • VPS deployment and configuration
  • • Technical support and maintenance
  • • Service monitoring and optimization

Billing and Payment

  • • Invoice generation and processing
  • • Payment collection and verification
  • • Tax compliance and reporting
  • • Fraud prevention and detection

Security and Compliance

  • • Infrastructure security monitoring
  • • Abuse prevention and investigation
  • • Legal compliance obligations
  • • Network integrity protection

Communication

  • • Service notifications and updates
  • • Technical support communications
  • • Marketing communications (with consent)
  • • Legal notices and policy updates

5. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law:

Account Data

Duration of contract + 30 days

Billing Records

10 years (tax law requirements)

Server Logs

7 days (security), 30 days (billing)

Support Communications

3 years after issue resolution

6. Data Sharing and International Transfers

We do not sell, trade, or rent your personal data to third parties. We only share your data in the following circumstances:

Service Providers

We work with trusted service providers for payment processing, infrastructure management, and support services. All processors are bound by data processing agreements (DPAs) and GDPR compliance requirements.

Legal Requirements

We may disclose your data when required by law, court order, or to protect our rights, property, or safety of our users. We will notify you of such requests unless legally prohibited.

Data Center Locations

Your data is processed in our data centers located in Germany and Canada. No data is transferred to countries outside the EU/EEA without adequate protection measures or your explicit consent.

7. Your Rights Under GDPR and PIPEDA

You have the following rights regarding your personal data:

Right of Access

Request access to your personal data and information about how we process it

Right to Rectification

Request correction of inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data under certain circumstances

Right to Portability

Receive your personal data in a structured, machine-readable format

Right to Restrict Processing

Request limitation of processing under certain circumstances

Right to Object

Object to processing based on legitimate interests or for marketing purposes

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

8. Data Security Measures

We implement comprehensive technical and organizational measures to protect your personal data:

Technical Measures

  • • End-to-end encryption (TLS 1.3)
  • • Data encryption at rest (AES-256)
  • • Regular security audits and penetration testing
  • • Multi-factor authentication
  • • Network segmentation and firewalls
  • • Automated backup systems

Organizational Measures

  • • Staff training on data protection
  • • Access controls and role-based permissions
  • • Data processing agreements with vendors
  • • Incident response procedures
  • • Regular policy reviews and updates
  • • Physical access controls to data centers

9. Cookies and Similar Technologies

Privacy-First Approach: Essential Cookies Only

vps.direct uses only essential cookies that are strictly necessary for website functionality and security. We do not use analytics, marketing, or tracking cookies. No consent banner is required because all cookies we use are technically necessary for the service you have explicitly requested.

Our website uses the following types of cookies and similar technologies:

Essential Functionality Cookies

These cookies are strictly necessary for the operation of our website and services. They enable core functionality such as security, authentication, and basic website operations.

Purpose:
  • User authentication and session management
  • Security features and CSRF protection
  • Basic website functionality and navigation
  • Load balancing and server communication
  • Form submission and data processing

Legal Basis: Article 6(1)(f) GDPR - Legitimate Interest
Retention: Session duration or until logout
Consent Required: No - These cookies are strictly necessary

What We Don't Use

To protect your privacy, we deliberately do not use the following types of cookies or tracking technologies:

  • Analytics or tracking cookies (Google Analytics, etc.)
  • Marketing or advertising cookies
  • Social media tracking pixels or buttons
  • Third-party tracking scripts
  • Cross-site tracking mechanisms
  • Behavioral profiling cookies

Managing Cookies: Since we only use essential cookies required for website functionality, there is no need for cookie preferences or consent management. However, you can always manage or delete cookies through your browser settings. Please note that disabling essential cookies may prevent certain parts of our website from functioning properly.

Browser Settings: Most web browsers allow you to view, manage, and delete cookies through their settings menu. Consult your browser's help documentation for specific instructions.

Transparency Commitment: If we ever decide to use analytics or marketing cookies in the future, we will update this privacy policy and implement appropriate consent mechanisms before any such cookies are deployed. You will be notified of any changes to our cookie practices.

10. Children's Privacy

Age Restrictions

Our services are not intended for individuals under the age of 16 (or 13 in jurisdictions where applicable). We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Post the updated policy on our website with a new effective date
  • Notify you by email of material changes that affect your rights
  • Provide 30 days notice before significant changes take effect
  • Maintain previous versions for reference upon request

Continued use of our services after changes become effective constitutes acceptance of the updated policy.

Privacy Contact Information

For any questions about this privacy policy or to exercise your data protection rights:

Data Protection Officer

[email protected]

General Inquiries

[email protected]

Mailing Address

Mino UG
Data Protection Department
[Business Address]
Germany

Supervisory Authority

German Data Protection Authority
(Bundesbeauftragte für den Datenschutz)
www.bfdi.bund.de

This Privacy Policy is effective as of January 15, 2025 and complies with GDPR (EU) 2016/679 and PIPEDA requirements.
Last reviewed and updated: January 15, 2025