Privacy Policy

Last updated: may 2025

This Privacy Policy explains how budgethost.io (“we,” “us,” or “our”) collects, uses, and protects personal data. It applies to all visitors and customers of budgethost.io.

As a hosting provider, one of our key responsibilities is to protect the data you entrust to us and to help you meet the security requirements of your own customers. We also safeguard the personal data you provide when you become a customer of budgethost.io.

By entering into an agreement with Budgethost AB or using our website budgethost.io, you consent to the processing of your personal information in accordance with applicable data protection laws and this Privacy Policy.

Only authorized management and relevant personnel at Budgethost AB have access to your personal information.

The data controller for personal information collected through product sales, service usage, or use of the website budgethost.io is:

Budgethost AB
Hulta 6525
SE-242 95 Hörby
VAT No.: SE559255575801

The term personal data refers to any information that can be used to identify an individual, including but not limited to their name, age, gender, address, email address, or other contact details.

Under the General Data Protection Regulation (GDPR), personal data is generally divided into two categories: general and sensitive information.

• General information includes names, addresses, email addresses, and phone numbers of employees, customers, or members.
• Sensitive information refers to data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health information, or details about criminal offences.

As a hosting provider, budgethost.io may process personal data on behalf of our customers. In such cases, you (the customer) act as the data controller for the data you collect and store, while budgethost.io acts as the data processor.

For example, if you operate an online store or manage a membership website that collects personal details, you are responsible for ensuring that such data is processed in compliance with the GDPR.

When you are a direct customer of budgethost.io, we act as the data controller for the personal information you provide to us. We primarily use this information for support, account management, and billing purposes.

If your business or organization is hosted on a budgethost.io product, you are the data controller for all personal data collected and stored through your services.

Since budgethost.io stores and processes this data on your behalf, we act as your data processor.

To comply with the GDPR, you must enter into a Data Processing Agreement (DPA) with us. You can easily request a Data Processing Agreement using the form available on this page.

If you have questions regarding the DPA or data protection in general, we recommend consulting a qualified data protection adviser or legal professional.

We process your personal data on one or more of the following legal grounds:

• Consent – when you have given us explicit permission.
• Contract – when processing is necessary to prepare or fulfill an agreement with you.
• Legal obligation – when required by applicable law.
• Legitimate interest – when processing is necessary for our legitimate business purposes, provided that your rights are not overridden.

To purchase and receive products or services from budgethost.io, we collect certain personal information necessary to process transactions and deliver our services.

You always have the right to refuse to provide personal data; however, without the required information, we may be unable to provide specific products or services.

We collect and process your personal data when you:

• Purchase or attempt to purchase products or services.
• Create or manage an account.
• Contact us or request support.
• Subscribe to newsletters or updates.

If you begin but do not complete an order, we delete any information collected from that incomplete order after 30 days.

When you purchase a product, we collect the following information:

• Name
• Address
• Country
• Phone number
• Email address
• Company name
• VAT number
• IP address
• Credit card type
• Credit card token

Optional information you may provide in your control panel includes:

• Google User ID
• GitHub User ID
• Mobile phone number
• Social security number

We use collected personal data to:

• Provide and maintain our products and services.
• Communicate with you about your account or product status.
• Offer customer support and handle inquiries.
• Send service updates or subscription reminders.
• Detect and prevent fraud or misuse.
• Develop, market, and improve our services.

We have a legitimate interest in continuously improving, maintaining, and marketing our services. Accordingly, we may use personal data for setup, maintenance, troubleshooting, marketing, and administrative purposes.

All customer passwords are stored securely — either encrypted or as a hashed value — to ensure maximum protection.

If you have given your consent, we will use your email address to send newsletters and updates. You can unsubscribe at any time using the link provided in each email.

We log IP addresses to detect and prevent unauthorized use of our products and services, and to investigate or prevent illegal or abusive activities.

This processing is part of our legitimate interest as data controller. We also use IP data to analyze trends, administer and optimize our offerings, and monitor website usage.

Your data is stored on our own servers located in secure data centers in Sweden.

To detect and prevent fraud, we use a payment verification system.

When a purchase is made, certain personal data may be analyzed by a specialized fraud prevention provider, which assigns a fraud score based on automated processing.

We will never sell your personal data to any third party.

In certain cases, we may share personal data with trusted partners and service providers, such as fraud prevention companies, customer satisfaction survey providers, and newsletter services. These partners process data solely on our behalf and in accordance with our instructions.

We may disclose personal data if required by law or in response to a binding request from an authorized public or judicial authority. In such cases, we always verify that a valid legal basis exists before disclosing any information.

When you pay for our services using a credit card, we use external payment service providers to process and accept payments securely.

These providers act as independent data controllers for your payment information.

We only share data necessary to complete the transaction, and all transfers occur securely in compliance with data protection laws.

Currently we use the following payment providers:

• Nets A/S
• PensoPay

We maintain strict technical and organizational security measures to prevent unauthorized access, alteration, disclosure, or destruction of your personal data.

Access to information is restricted to employees and partners who need it to perform their duties and is protected by appropriate safeguards.

We use SSL/TLS encryption to ensure the secure transmission of your data and communications with budgethost.io.

Our security measures are regularly reviewed and updated.

In the unlikely event of a data breach that may affect your rights or freedoms, we will promptly notify the relevant supervisory authority and, where required, the affected individuals.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.

Even after your account or products are terminated, certain data may be retained to:

• Document important actions taken during the customer relationship.
• Comply with statutory retention obligations.
• Establish or defend legal claims.

We regularly review stored data to ensure it is not kept longer than necessary.

As a data subject, you have the following rights under applicable data protection laws:

• Access your personal data.
• Rectify or update inaccurate data.
• Request deletion (“right to be forgotten”).
• Object to processing.
• Lodge a complaint with a supervisory authority.

You can manage or delete data via your control panel.
Deleting your account will remove your data, except for information we are legally required to retain (e.g., for accounting or tax purposes).

If you have questions or wish to exercise your rights, please contact our support team.

Supervisory Authority:
Integritetsskyddsmyndigheten (IMY)
Website: https://www.imy.se

budgethost.io reserves the right to amend or update this Privacy Policy at any time. Changes will be published on this page, and the “last updated” date will be revised accordingly.