Premium Insured Web Hosting

+49 15678 397267
[email protected]
Get Started
Get Started

Privacy Policy

Graham Miranda
Hosting.GrahamMiranda.com
Hasselfelder Straße 23
38889 Blankenburg (Harz), Germany

Last updated: 25. Oktober 2025

1. Controller

The data controller under Art. 4 No. 7 GDPR is:

Graham Miranda
Hasselfelder Straße 23
38889 Blankenburg (Harz), Germany
Email: [email protected]

2. Types of Data Processed

We process the following personal data:

  • Name, address, email, payment information
  • Contract and usage data (orders, IP, server access, support requests)
  • Technical data (browser type, OS, referrer, log data)

3. Purpose and Legal Basis of Processing

Processing purposes include:

  • Contractual fulfilment and service provision (Art. 6(1)(b) GDPR)
  • Legal obligations (Art. 6(1)(c) GDPR, e.g., retention under § 147 AO)
  • Legitimate interests (Art. 6(1)(f) GDPR, e.g., IT security, abuse prevention)
  • Consent (Art. 6(1)(a) GDPR, e.g., newsletter, cookies)

4. Disclosure to Third Parties and International Transfers

We use the following providers for services and data storage:

  • RackNerd (France/USA, server hosting & infrastructure)
  • Hostkey and Yottasrc (based on data center location)
  • Cloudflare Inc. (USA, CDN, DDoS protection, WAF)
  • AWS (Amazon Web Services, partly outside the EU)
  • Apple iCloud Private Relay (email routing, partly outside the EU)

Transfers to third countries (notably the US, France) are based on adequacy decisions and Standard Contractual Clauses per Art. 46 GDPR. You provide consent separately for each service as needed.

5. Retention and Deletion

We comply with statutory retention periods:

  • Invoices and accounting records: 10 years (§ 147 AO)
  • Business correspondence: 6 years (§ 147 AO)
  • Customer contracts and tax documents: 10 years

Your data will be deleted after these periods unless other legal obligations apply.

6. Your Rights

You have the following rights under Art. 15-22 GDPR:

  • Access your stored data
  • Rectification of inaccurate data
  • Erasure (“right to be forgotten”)
  • Restriction of processing
  • Objection to processing
  • Data portability

To exercise your rights, contact [email protected].

7. Data Security

We implement technical and organizational security measures according to industry standards (encryption, access control, monitoring, regular updates).

8. Cookies and Tracking

See separate Cookie Policy.

9. Changes to Privacy Policy

We reserve the right to modify this policy as needed; the current version is available on our website.

10. Right to Complain

For privacy complaints, contact the competent authority:

State Data Protection Officer of Saxony-Anhalt
Postfach 1947
39009 Magdeburg, Germany

Data Retention Periods and Deletion

Legal Retention Requirements:

  • Invoices and accounting documents: 10 years (§ 147 AO)
  • Business correspondence: 6 years (§ 147 AO)
  • Customer contracts and orders: 10 years (§ 147 AO)
  • Tax-relevant documents: 10 years (§ 147 AO)

Your personal data will be stored for the duration of statutory retention periods and deleted thereafter, unless other legal obligations exist.

Legal Basis:

  • Datenschutz-Grundverordnung (DSGVO / GDPR)
  • Bundesdatenschutzgesetz (BDSG)
  • Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG)
  • § 147 AO (Aufbewahrungsfristen)

This policy is designed to fully comply with German and EU data protection law and protects user rights as required by GDPR.