Privacy Policy
Mino UG (haftungsbeschränkt)
Windbergstr. 23 · 01189 Dresden · Germany
Version 1.1 · Updated August 11, 2025
1) Controller & Contact
Mino UG (haftungsbeschränkt) (operating as vps.direct) is responsible for your personal data. Contact: [email protected] · General: [email protected].
This notice explains how we collect, use, and protect personal data in line with the GDPR.
2) Legal Basis
Art. 6(1)(b) Contract
Account setup, VPS provisioning, support, billing.
Art. 6(1)(c) Legal Duty
Tax/commercial retention, lawful requests.
Art. 6(1)(f) Legitimate Interests
Security, abuse prevention, service analytics strictly necessary.
Art. 6(1)(a) Consent
Optional marketing and non‑essential tech. Withdraw anytime.
We do not intentionally process special categories (Art. 9). Device access in Germany follows §25 TDDDG: strictly necessary under §25(2); otherwise with prior consent under §25(1).
3) Data We Process
Account
Name, email, (optional) billing address/phone/company/VAT, hashed passwords.
Technical
IP addresses, logs, performance/uptime metrics, diagnostics, abuse/fraud signals.
Payments
Tokenized payment data via providers, transactions, invoicing, tax‑relevant info.
Sources: directly from you, service usage (automatic collection), and lawful third parties (e.g., payment/fraud providers).
4) Purposes (at a glance)
Service
- • Account/VPS setup
- • Support & maintenance
- • Monitoring & optimization
Billing
- • Invoices & payments
- • Fraud prevention
- • Tax compliance
Security
- • Infrastructure monitoring
- • Abuse investigation
- • Network integrity
Communication
- • Service notices
- • Support replies
- • Marketing with consent
5) Retention
We keep data only as long as needed for the stated purposes or as required by law.
Account Data
Contract term + 30 days
Billing Records
10 years (statutory)
Server Logs
7 days (security) · 30 days (billing)
Support Threads
3 years after resolution
7) Your Rights (GDPR)
Access (Art. 15)
Info and copies of your data.
Rectification (Art. 16)
Fix inaccurate/incomplete data.
Erasure (Art. 17)
Delete where conditions apply.
Portability (Art. 20)
Structured, machine‑readable copy.
Restriction (Art. 18)
Limit processing in cases.
Objection (Art. 21)
Legitimate interests / direct marketing.
Art. 21: You may object at any time to processing based on Art. 6(1)(e) or (f), including profiling. We will stop unless we show compelling grounds or for legal claims. For direct marketing (and related profiling), you can object at any time.
Withdraw consent anytime with effect for the future. To exercise rights contact [email protected]. You can lodge a complaint with any EU supervisory authority (e.g., BfDI in Germany).
8) Security
Technical
- • TLS 1.3; encryption at rest (e.g., AES‑256)
- • MFA; firewalls; segmentation
- • Backups; audits/pen‑tests
Organizational
- • Staff training; access controls (RBAC)
- • Vendor DPAs; incident response
- • Policy reviews; physical DC controls
Payments
Handled by certified providers over encrypted connections. We do not store full card data.
10–13) Other
Provision of data
Certain data are contractually required (e.g., account/billing). Without them, we cannot provide the service. Statutory duties may apply.
Automated decisions
We do not use automated decision‑making (Art. 22). If this changes, we will inform you in advance.
Children
Services are not intended for under‑16s (or 13 where applicable). If a child shared data, please contact us.
Changes
We update this policy as practices/legal requirements change. Material changes: notice by email; major updates take effect after 30 days. Prior versions on request.
Contact
Data Protection
[email protected]Support
[email protected]Mailing
Mino UG (haftungsbeschränkt) — Data Protection · Windbergstr. 23 · 01189 Dresden · Germany
Supervisory authority
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
www.bfdi.bund.de
Effective August 11, 2025 · GDPR (EU) 2016/679 compliant · Last reviewed: August 11, 2025