Categories of personal data requested and processed

The website is structured in a way that allows visiting or using it without the need to disclose any personal information on the part of its visitors. At each visit/use of the Website, the server collects and stores in the form of electronic logs for short periods of time basic information including the IP address, the browser used, the name of the referring domain (through which the visitor arrived to Website), access hours, duration of visit and pages visited. Apart from the IP address, none of this traffic data represents identifiable information, it is only stored for statistical / analysis purposes in order to improve the services and of course, for the purposes of preventing fraud or abuse of the computer system. This data is not disclosed to any natural or legal person outside HytHost in any form. Any other information is provided strictly voluntarily by the visitor/user, there being no obligation in providing personal data to HytHost. Although some services offered by HytHost cannot be used without the provision of certain data, its transmission is strictly voluntary.

a) Website visitor

• the data provided in the sections that involve filling in a form:
  Direct Mode: Name, Email
  Indirect Mode: IP
• the data provided in the interaction with members of the HytHost team by using the online support system:
  Direct Mode: Name, Email
  Indirect Mode: IP

b) Client of the Website

• the data provided when creating a customer account or placing an order:
  Surname
  Surname
  Secondary contact*
  Email
  Secondary email*
  Address
  Postal code
  Telephone
  CNP (natural persons)**

In the case of a company:
Company Name
Registration number at the Trade Registry Office
Fiscal Code/Unique Registration Code

Indirect : IP
* - optional
** - required to register certain domain extensions

3. Purposes of processing

Our general principles regarding the processing of personal data belonging to website visitors (considered to be purchasers of any of the services available on the Website) as well as those belonging to website visitors are presented below.

a) Website visitor

• to respond to requests sent by filling in the forms available on the Website
• to respond to requests submitted through the online support system
• to monitor traffic and improve the experience offered on the Website

b) Client of the Website

Regarding the Clients or potential Clients, the data provided by them during the conclusion of the contract or after it, will be used exclusively for the execution of the contract between HytHost and the respective Client, not being transmitted in any form to third parties, nor will they be the subject of any disclosures.

• carrying out the contractual relationship between the client and HytHost, respectively for taking over, validating, invoicing and activating the order placed on the Website and informing you about the status of the order
• fulfilling the legal obligations incumbent on HytHost in the context of the services provided through the Website, including obligations in fiscal matters as well as in matters of archiving.
• communication of information about the state of the network and possible maintenance work/interruptions in the provision of services.
• the transmission, by means of remote communication means (e-mail, sms) of commercial communications regarding the services offered by HytHost

The processing of your data for these purposes is based on the contract concluded between the client and HytHost, defined in the Terms and Conditions , and is required based on legal obligations. Refusal to provide data may result in HytHost being unable to comply with its legal obligations and therefore unable to offer you services through the Website. The processing of data for marketing purposes is based on your consent, if you choose to provide it by checking the appropriate box at the time of account creation or after this action, through the customer account.

The provision of data for any of the above situations in which you find yourself is voluntary, but it is necessary for the use of the above services and the conclusion of a contract between you and HytHost. The refusal to provide data may result in the impossibility of developing the contractual relations between you and HytHost.

c) General

The processing of your data is based on the legitimate interest of HytHost to ensure the correct functioning of the Website, as well as for a permanent improvement of the experience of the Website visitors, including by solving various comments, questions or complaints.

• administering and improving the services provided
• commercial activities of sales services, research / market studies, statistics.
• advertising, marketing and promotional activities of OKLAKO SRL services, conducting promotional campaigns, tracking and monitoring service sales and consumer behavior.
• post-sales activities, including customer relations services, informing users / customers regarding the evaluation of the services offered (including the evaluation of the services on the Website)

4. Duration for which we keep / process the data

As a matter of principle, HytHost will process your personal data for as long as is necessary to achieve the processing purposes mentioned above.

If you are a customer, we will process your data for the entire duration of the contractual relationship and subsequently according to the legal obligations that fall under the responsibility of HytHost.

In the case of the customer account - it will be kept for a period of 5 years from the last financial transaction recorded on your account, being deleted automatically at the end of this period if there are no more active services on the account.

In the case of supporting financial-accounting documents, as well as contracts, respectively additional documents, the retention period provided by law is 10 years from the date of the end of the financial year.

If you want your personal data to stop being processed or if you want the data to be deleted, you can exercise your rights detailed in point 7 below.

Deleting the account is possible, however, only if there are no active services on it. If there are one or more active services on the account, it can only be closed if one of the following conditions is met:

• the contracted period of the active service(s) on the account is expected to end
• the active service/services on the account are renounced by means of a written request, respectively the transfer of the active service/services to other providers/registrations

If you withdraw your consent for data processing for marketing purposes, HytHost will stop processing your personal data for this purpose, but without affecting the processing carried out by HytHost based on the consent expressed by you before its withdrawal.

At the same time, the storage of personal data for a longer period of time can be done for internal notes, compilation of statistics, improvement of services and research / market studies.

5. Disclosure of personal data

The registered information is intended for use by HytHost, but to satisfy the contractual relationship and provide the requested services, the information may be communicated to the following third parties:

• contractual partners of HytHost but only on the basis of a confidentiality commitment from them, guaranteeing that this data is kept safe and that the provision of this personal information is done in accordance with the applicable law
• service providers (marketing, payment / banking or other services, registrars, courier companies), including entities that assist HytHost in data processing, as authorized representatives and other companies in the same group as OKLAKO SRL
• public authorities, if they are requested for the prevention, investigation and repression of crimes, legal authorities, for the purpose of verifying commercial transactions or other legal authorities for carrying out any checks justified under the law

In the case of using the domain registration service, the data will be sent to the registrar/HytHost partner registry in charge of the actual domain registration. This partner can be located in the country, in the European Union or outside it, depending on the extension ordered.

In the case of the purchase of SSL certificates, the data will be sent to the HytHost partner in charge of issuing the ordered certificate.

6. Transfer of personal data

Personal data will be transferred outside the country or outside the European Union only if the fulfillment of the contractual relationship depends on this transfer.

For example, within the domain registration service, depending on the requested domain extension, personal data may be transmitted outside the country or outside the EU.

7. Your rights

Under the conditions provided by the legislation on the processing of personal data, as data subjects, you benefit from the following rights:

• the right to information, respectively the right to receive details regarding the processing activities carried out by HytHost, as described in this document;
• the right to access the data, respectively the right to obtain confirmation from HytHost regarding the processing of personal data, as well as details regarding the processing activities such as the way in which the data are processed, the purpose for which the processing is done, the recipients or the categories of data recipients, etc.;
• the right to rectification, respectively the right to obtain the correction, without justified delay, by HytHost, of inaccurate/unjustified personal data, as well as the completion of incomplete data; The correction/completion will be communicated to each recipient to whom the data were sent, unless this proves impossible or involves disproportionate efforts.
• the right to delete data, without undue delay, ("the right to be forgotten"), if one of the following reasons applies:

- they are no longer necessary to fulfill the purposes for which they were collected or processed;
- if consent is withdrawn and there is no other legal basis for processing;
- if the data subject objects to the processing and there are no legitimate reasons to prevail;
- if the personal data were processed illegally;
- if personal data must be deleted to comply with a legal obligation;
- personal data were collected in connection with the provision of information society services according to Union law or the internal law under which the operator is subject.

It is possible that following the data deletion request, HytHost will anonymize this data (thus depriving it of its personal character) and continue processing for statistical purposes under these conditions;

• the right to restrict processing to the extent that: the person disputes the accuracy of the data, for a period that allows us to verify the correctness of the data; the processing is illegal and the data subject opposes the deletion of personal data, requesting instead the restriction of their use; the operator no longer needs the personal data for the purpose of processing, but the data subject requests them for establishing, exercising or defending a right in court; or the data subject has objected to the processing (other than those for direct marketing), for the period of time in which it is verified whether the legitimate rights of the operator prevail over those of the data subject.
• the right to data portability, i.e. the right to receive personal data in a structured way, commonly used and in an easy-to-read format, as well as the right to have this data transmitted by HytHost to another data controller , to the extent that the conditions stipulated by law are met;
• the right to oppose – with regard to processing activities, the right to oppose can be exercised by submitting a request as indicated below; at any time, for reasons related to the particular situation in which the data subject finds himself, that the data concerning him be processed on the basis of the legitimate interest of HytHost or on the basis of the public interest, except in cases where HytHost can demonstrate that it has legitimate reasons and imperatives that justify the processing and that prevail over the interests, rights and freedoms of the data subjects or that the purpose is to ascertain, exercise or defend a right in court; at any time, free of charge and without any justification, that the data concerning it be processed for direct marketing purposes.
• the right not to be subject to an automated individual decision, i.e. the right not to be the subject of a decision taken solely on the basis of automated processing activities, including the creation of profiles, which produce legal effects concerning the data subject or similarly affect him in -a significant measure;
• the right to address the National Supervisory Authority for the Processing of Personal Data or the competent courts, to the extent you consider necessary.

The right of access and rectification is provided through the application used to access the customer account.

For any additional questions regarding how personal data is processed and to exercise your rights mentioned above, please contact the email address: [email protected]

8. Control, Access and Security

Personal data of customers is stored by organizational and technical methods in accordance with the GDPR to ensure their protection against destruction as a result of a security breach, alteration, disclosure or any other type of illegal processing.

HytHost will make available to certain employees the information and personal data provided by you for the sole purpose of providing the appropriate services. Each of these employees has active confidentiality agreements and will receive special instructions regarding the processing of this data, with HytHost assuming responsibility for how they record, store and use this data.

Personal information of HytHost customers is stored and processed through the WHMCS application (more information at https://www.whmcs.com).

A customer's personal information is accessible only to that customer and HytHost operators, and access to it is only possible based on a username and password that is different for each customer.

In addition, customers can activate "Two Factor Authentication", this being an additional security measure regarding account access that requires obtaining a code from an external device for authentication in the customer account. Data are processed exclusively in OKLAKO SRL offices and data centers in Moldova.

However, we point out that no information security program is infallible.

9. Special provisions related to minors

HytHost does not knowingly or intentionally collect data about minors. We do not offer services to minors.

10. Social Media

We maintain an online presence on social networks and platforms to communicate with customers and potential customers in order to inform them about our services. We use Facebook, Twitter, Linkedin and G+. When visiting any of these platforms, the processing terms and conditions of the respective platform operator apply. We also process the data communicated to us on these platforms and social networks. The Website includes Social Media functionality, such as Facebook, Twitter and G+ Share buttons. These functionalities are subject to the Privacy Policy of the companies that provide them.
The website contains links to other websites. We do not control and are not responsible for the content or practices of other sites.
The provision of links does not constitute an endorsement of those sites, their content, their owners or their activities. This Privacy Policy does not apply to those websites, as they are under the control of their own Privacy Policies.

11. Processor

As a processor HytHost will:

• process the information provided by you only for the precise purposes imposed by you
• apply strict security standards both at the level of equipment and at the level of infrastructure
• report any data breach without undue delay
• process personal data only for the time indicated by you
• ensure that the data is and will remain your property
• store information only on servers in Moldova

12. Refund Policy

The money is not refunded and you are responsible for any payment made, for any payment not paid on time or refused but there is an exception, if you have a death in the family we can make a return of your money. For this it will be necessary to provide proof of death in your family provided by your state. We can also provide a refund if fraud has been committed, but you will need to provide us with evidence related to this subject to prove it.

13. Validity of the document

This privacy policy is valid for an indefinite period.

HytHost reserves the right to make changes to this document, which is why customers are asked to consult it periodically.

If you have additional questions related to the Privacy Policy or would like to be informed about the personal data processed by HytHost that directly concern you, please contact us.

Last update: 24 February 2024