TLSServers

Privacy Policy

Last Updated: May 26, 2026

TLSServers ("Company," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the EU/UK Privacy Addendum (Section 13) applies to you and governs the processing of your personal data under the GDPR and UK GDPR.

1. Information We Collect

We may collect the following information:

  • Name, email address, and contact information
  • Billing and payment-related information
  • IP addresses and server connection information
  • Server configurations and usage data
  • Support tickets and communications
  • Website analytics and browser information

2. How We Use Information

We use collected information to:

  • Provide and manage hosting services
  • Process billing and payments
  • Respond to support requests
  • Maintain network security and service stability
  • Improve infrastructure and customer experience
  • Prevent fraud, abuse, and unauthorized access
  • Comply with legal obligations

3. Payment Information

Payment information is processed securely through third-party payment providers such as Stripe and PayPal. TLSServers does not directly store full payment card information on its systems.

4. Data Sharing

We do not sell customer personal information.

Information may be shared only with trusted third-party providers necessary to operate our services, including:

  • Payment processors
  • Infrastructure and hosting providers
  • DDoS protection and security providers
  • Support and communication platforms
  • Legal authorities where required by law

EU/EEA & UK customers: Where required by GDPR or UK GDPR, we maintain Data Processing Agreements (DPAs) with third-party processors. For transfers of personal data outside the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or the UK International Data Transfer Agreement (IDTA).

5. Data Security

We implement reasonable industry-standard administrative, technical, and physical safeguards designed to protect customer data.

Access to customer information is restricted to authorized personnel and contractors with legitimate operational needs.

However, no online platform or transmission method can be guaranteed completely secure.

EU/EEA & UK customers: In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours where required by GDPR or UK GDPR, and will notify affected individuals without undue delay where the breach poses a high risk to their rights and freedoms.

6. Data Retention

We retain information only as long as reasonably necessary to:

  • Provide services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements and policies
  • Maintain security and abuse-prevention records

EU/EEA & UK customers: Personal data is retained only as long as necessary for the purposes for which it was collected, in accordance with GDPR Article 5(1)(e) and UK GDPR. You may request deletion subject to our legal retention obligations.

7. Customer Rights

Depending on applicable laws, customers may request:

  • Access to personal information
  • Correction of inaccurate information
  • Deletion of personal information
  • Restriction of certain processing activities

Certain information may be retained where required for legal, security, fraud-prevention, or operational purposes.

EU/EEA & UK customers: See Section 13.4 for your full rights under GDPR and UK GDPR.

8. Cookies & Analytics

Our website may use cookies, session storage, and basic analytics technologies to improve functionality, performance, and user experience.

Users may disable cookies through their browser settings, though some features may not function properly.

EU/EEA & UK customers: We obtain your consent for non-essential cookies before placing them, in accordance with the EU ePrivacy Directive and UK PECR. You may withdraw consent at any time via our cookie settings.

9. Third-Party Services

Our services may integrate with or link to third-party platforms and services. We are not responsible for the privacy practices or content of third-party websites or providers.

10. Children's Privacy

Our services are not directed toward children under the age of 13. We do not knowingly collect personal information from children under 13.

EU/EEA & UK customers: The minimum age is 16 in certain EU member states and 13 in the UK under the Age Appropriate Design Code. We do not knowingly collect data from children below these applicable thresholds.

11. Changes to This Policy

TLSServers may update this Privacy Policy at any time. Continued use of services following updates constitutes acceptance of the revised policy.

EU/EEA & UK customers: We will provide advance notice of material changes and, where required, seek renewed consent.

12. Contact

For privacy-related questions, data requests, or legal inquiries, please contact us through our official support channels.

Join our Discord

13. EU/EEA & UK Privacy Addendum (GDPR & UK GDPR)

This addendum applies to individuals located in the European Economic Area (EEA), United Kingdom, or Switzerland. It supplements the Privacy Policy above and governs processing of your personal data under the General Data Protection Regulation (GDPR) (EU) 2016/679, the UK GDPR, and the UK Data Protection Act 2018.

13.1 Data Controller

TLSServers acts as the data controller for personal data collected through our website and services. For enquiries regarding the processing of your personal data, contact us at:

13.2 Legal Bases for Processing

We process your personal data on the following legal bases under GDPR Article 6 (and equivalent UK GDPR provisions):

  • Contract performance (Art. 6(1)(b)): Processing necessary to provide the hosting services you have purchased and manage your account.
  • Legal obligation (Art. 6(1)(c)): Processing necessary to comply with applicable laws, including tax, financial, and regulatory requirements.
  • Legitimate interests (Art. 6(1)(f)): Processing for fraud prevention, network security, abuse detection, and service improvement, where our interests are not overridden by your rights.
  • Consent (Art. 6(1)(a)): For non-essential cookies and analytics, where we have obtained your consent.

13.3 International Data Transfers

TLSServers is based in the United States. When your personal data is transferred outside the EEA or UK, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Agreements (IDTAs) for UK transfers
  • Transfers to countries benefiting from an EU or UK adequacy decision

You may request a copy of the relevant safeguards by contacting us.

13.4 Your Rights Under GDPR & UK GDPR

As an EU/EEA or UK data subject, you have the following rights:

  • Right of Access (Art. 15): Request a copy of the personal data we hold about you.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Art. 17): Request deletion of your personal data where we no longer have a lawful basis to process it ("right to be forgotten").
  • Right to Restriction of Processing (Art. 18): Request that we limit how we use your data in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your personal data in a structured, machine-readable format and transfer it to another controller.
  • Right to Object (Art. 21): Object to processing based on legitimate interests, including profiling.
  • Right to Withdraw Consent (Art. 7(3)): Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
  • Right not to be subject to Automated Decision-Making (Art. 22): Not be subject to solely automated decisions producing significant legal or similarly significant effects.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before fulfilling your request.

13.5 Data Breach Notification

In the event of a personal data breach, TLSServers will:

  • Notify the competent supervisory authority within 72 hours of becoming aware of the breach, where feasible and required under GDPR Art. 33 / UK GDPR Art. 33.
  • Notify affected data subjects without undue delay where the breach is likely to result in a high risk to their rights and freedoms, in accordance with GDPR Art. 34 / UK GDPR Art. 34.

13.6 Automated Processing & Profiling

We do not make solely automated decisions that produce significant legal or similarly significant effects on you. Fraud prevention systems may flag accounts automatically; however, human review is involved in any account suspension or termination decision.

13.7 Complaints

You have the right to lodge a complaint with your national data protection supervisory authority.

We encourage you to contact us first at [email protected] so we can try to resolve your concern directly.

13.8 Data Protection Officer

TLSServers does not currently have a formally appointed Data Protection Officer (DPO). Privacy and data protection matters are handled by our management team. Contact us at [email protected] for any data protection enquiries.