Summary: We collect minimal data, don't sell your information, and comply with GDPR. Your server data is yours—we don't access it unless required for support or legal compliance.
1. Data Controller
CoreByte, based in Copenhagen, Denmark, is the data controller for your personal data. We are subject to the EU General Data Protection Regulation (GDPR).
2. Data We Collect
Account Information:
- Name and email address
- Billing address and payment information
- Company name (if applicable)
Service Data:
- Server configuration and usage metrics
- IP addresses and access logs
- Support ticket communications
Website Analytics:
- Anonymous usage statistics via Cloudflare Analytics
- No personal tracking cookies
3. How We Use Your Data
- To provide and maintain our Services
- To process payments and send invoices
- To communicate about your account and services
- To provide technical support
- To detect and prevent abuse or fraud
- To comply with legal obligations
4. Data Sharing
We do not sell your personal data. We may share data with:
- Payment processors: To process transactions securely
- Infrastructure providers: Datacenter and network partners as necessary
- Legal authorities: When required by Danish or EU law
5. Your Server Data
Data you store on your VPS is yours. We do not access, monitor, or analyze your server contents except:
- When you explicitly request support assistance
- When required by law or court order
- To investigate violations of our Terms of Service
6. Data Retention
- Account data: Retained while your account is active, plus 12 months after closure
- Billing records: Retained for 5 years as required by Danish tax law
- Server data: Deleted within 7 days of service termination
- Support tickets: Retained for 24 months
7. Your Rights (GDPR)
As an EU citizen, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Receive your data in a portable format
- Objection: Object to certain data processing
- Restriction: Limit how we use your data
To exercise these rights, contact privacy@corebyte.dk.
8. Security
We implement industry-standard security measures including:
- Encryption in transit (TLS 1.3) and at rest
- Regular security audits and penetration testing
- Access controls and authentication requirements
- Physical datacenter security
9. International Transfers
Your data is stored in Denmark within the EU. If we transfer data outside the EU, we ensure appropriate safeguards under GDPR (e.g., Standard Contractual Clauses).
10. Cookies
We use only essential cookies required for website functionality. We do not use tracking cookies or third-party advertising cookies.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or website notice.
12. Contact
For privacy inquiries: privacy@corebyte.dk
Data Protection Authority: Danish Data Protection Agency (Datatilsynet)