🔒 Your Secrets are Safe

Privacy Policy.

We are in the business of hosting websites, not selling data. Below is our formal policy regarding the collection, use, and protection of your personal information.

The "Too Long; Didn't Read" Summary

  • 1. We don't sell data: Your personal info stays with us. We do not sell it to advertisers.
  • 2. ID Verification: We use Stripe to verify you are real. We do NOT store your ID photos.
  • 3. Locations: Our servers are in France. Our billing system is hosted by Alpha Internet.
  • 4. You are in control: Want to see your data or delete it? Just email us.

1. DATA CONTROLLER AND OWNER

For the purposes of the General Data Protection Regulation (GDPR), the Data Controller responsible for your personal information is:

2. TYPES OF DATA COLLECTED

Among the types of Personal Data that this Website collects, by itself or through third parties, there are:

  • Identity Data: First name, last name, date of birth (for age verification).
  • Contact Data: Email address, physical address, country, postal code, and phone number.
  • Technical Data: IP address, browser type/version, time zone setting, operating system, and platform.
  • Usage Data: Information about how you use our website, products, and services (e.g., login timestamps).
  • Biometric Data (Processed via Stripe): Identification documents and facial recognition data used solely for identity verification purposes. This data is not stored on FruityHost servers.

3. LEGAL BASIS FOR PROCESSING

We process Personal Data based on the following legal grounds:

  • Performance of a Contract: Processing is necessary for the provision of the Service (e.g., setting up your hosting account via Fossbilling).
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which the Controller is subject (e.g., reporting illegal content).
  • Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by the Controller (e.g., fraud prevention, network security via Cloudflare).

4. METHODS OF PROCESSING AND SECURITY

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

Security Measures:

  • Encryption: All data is transmitted via SSL/TLS encryption.
  • Hashing: Passwords are hashed and salted using industry-standard algorithms.
  • Access Control: Access to personal data is restricted to authorized personnel with a legitimate business need.

5. THIRD-PARTY DATA PROCESSORS

We utilize trusted third-party service providers ("Data Processors") to perform specific functions. We have entered into Data Processing Agreements (DPA) with these providers to ensure GDPR compliance.

  • OVHcloud (France): Infrastructure Provider. Hosts the physical web servers (`web01-rbx`) and provides Anti-DDoS protection.
  • Alpha Internet Limited (UK/Global): Hosts our billing and automation software (Fossbilling). They process contact details to provision accounts.
  • Stripe (EU/Global): Payment and Identity Verification processor. Handles sensitive biometric data.
  • Zendesk (Global): Customer Support Platform. Stores communication history and support tickets.
  • Cloudflare (USA/Global): Content Delivery Network (CDN) and Security. Processes IP addresses and traffic logs for security purposes.
  • Discord (USA): Community Platform. Processing is subject to Discord's own Privacy Policy.

6. PLACE OF PROCESSING AND DATA TRANSFER

The Data is processed at the Data Controller's operating offices and in any other places where the parties involved in the processing are located.

International Transfers: Some Data Processors (e.g., Cloudflare, Zendesk) may be based outside the EEA. In such cases, data transfers are safeguarded by Standard Contractual Clauses (SCCs) or adequacy decisions adopted by the European Commission.

7. RETENTION TIME

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

  • Active Accounts: Retained for the duration of the service agreement.
  • Terminated Accounts: Personal data is deleted from the active database immediately upon account closure. Backups may retain data for up to 30 days.
  • Security Logs: Server access logs and IP addresses are retained for up to 12 months for security auditing and legal compliance.

8. THE RIGHTS OF USERS

Users may exercise certain rights regarding their Data processed by the Owner. Under the GDPR, you have the right to:

  • Right of Access: Obtain confirmation as to whether or not your Personal Data is being processed.
  • Right to Rectification: Verify the accuracy of your Data and ask for it to be updated or corrected.
  • Right to Erasure (Right to be Forgotten): Request the removal of your Personal Data from our systems.
  • Right to Restrict Processing: Request the restriction of the processing of your Data.
  • Right to Data Portability: Receive your Data in a structured, commonly used, and machine-readable format.
  • Right to Object: Object to the processing of your Data.

Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

9. COOKIE POLICY

This Website uses Cookies. To learn more and for a detailed cookie notice, the User may consult the Cookie Policy.

Strictly Necessary Cookies: We use session cookies required for the operation of the KeyHelp control panel and Fossbilling client area. Disabling these cookies will render the Service unusable.

10. CHANGES TO THIS PRIVACY POLICY

The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

11. CONTACT INFORMATION

All inquiries regarding data privacy should be directed to our Data Protection Officer (DPO) via email:

Email:

Last Updated: Tuesday, January 6, 2026