Privacy Policy

A. Information You Provide Directly

• Contact details (email address, name) when submitting server resources or contacting support
• Account registration credentials (username, password)
• User-generated content (server configurations, resource metadata, technical specifications)

B. Information Collected Automatically

• Device & Technical Data: IP address, browser type, operating system, device identifiers
• Usage Analytics: Pages visited, session duration, clickstream data, referring URLs
• Location Data: Approximate location derived from IP address (not precise GPS)

C. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies as detailed in our separate Cookie Policy. These include:

• Essential cookies (required for core functionality)
• Analytics cookies (Google Analytics, Plausible)
• Preference cookies (language settings, display preferences)

We process your information solely for specified, legitimate purposes:

• Deliver and maintain our server resource aggregation services
• Authenticate users and prevent unauthorized access
• Process server resource submissions and user contributions
• Generate aggregated analytics for service optimization
• Respond to inquiries and provide technical support
• Detect security incidents and prevent malicious activities
• Comply with legal obligations and enforce our Terms of Service

Legal Basis Under GDPR: Processing is justified under Article 6(1)(b) (contract performance), Article 6(1)(f) (legitimate interests in service improvement), and Article 6(1)(a) (consent for optional features) .

We restrict information sharing to these limited circumstances:

• Service Providers: Carefully vetted partners assisting with hosting (e.g., AWS), analytics, and customer support under strict contractual obligations
• Legal Compliance: When required by law enforcement, court order, or regulatory authorities
• Business Transfers: In connection with mergers, acquisitions, or asset sales (notified to users)
• Aggregated/Anonymized Data: Non-identifiable analytics shared with researchers or advertisers

We do not sell personal information to third parties as defined under CCPA/CPRA .

As a global platform, your data may be transferred to and processed in countries outside your jurisdiction:

• EU/UK data transfers utilize GDPR-compliant mechanisms such as Standard Contractual Clauses (SCCs)
• Malaysian CBPDT Guidelines compliance for transfers requiring adequacy determinations
• US-based processing adheres to state privacy laws effective as of 2025

We implement enterprise-grade technical and organizational safeguards including:

• Encryption of data in transit (TLS 1.3+) and at rest (AES-256)
• Strict access controls and principle of least privilege
• Regular penetration testing and vulnerability assessments
• Security awareness training for personnel
• Third-party vendor audits for compliance verification

Despite these measures, absolute security cannot be guaranteed. We maintain an incident response plan compliant with GDPR Article 33 and CCPA requirements [[15], [24]].

We retain personal information only as necessary for the purposes outlined:

• Account data: Until user deletion request or 24 months after last activity
• Server resource submissions: Retained indefinitely unless deletion requested
• Technical logs: Automatically deleted after 12 months
• Marketing data: 18 months from last engagement

Retention periods may be extended to comply with legal obligations or resolve disputes.

A. GDPR Rights (EU/UK Residents)

• Access and portability of your personal data
• Rectification of incomplete or inaccurate information
• Erasure ("right to be forgotten") under certain conditions
• Restrict or object to processing activities
• Withdraw consent at any time

B. CCPA/CPRA Rights (California Residents)

• Know categories of personal information collected/sold/shared
• Opt-out of sale/sharing of personal information
• Limit use of sensitive personal information
• Non-discrimination for exercising rights

C. State Privacy Laws (Effective 2025)

Residents of Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, and Maryland have additional rights including:

• Correction rights (except Iowa)
• Opt-out of profiling (except Iowa)
• Appeal processes for denied requests

To exercise rights, submit verifiable requests via our Data Request Portal. We respond within 45 days (extendable under certain laws).

We provide granular cookie controls through our consent management platform:

• Mandatory cookie banner with opt-in toggle for analytics/advertising cookies
• Cookie preference center accessible anytime via website footer
• Automatic honoring of GPC signals

Detailed information is available in our dedicated Cookie Policy .

• We do not knowingly collect sensitive data (e.g., racial origin, health information)
• Technical server data submitted by users is processed as non-sensitive technical information
• Minors under 16 are prohibited from using our services

We may periodically revise this Policy to reflect:

• Changes in service functionality or data practices
• Evolution of privacy regulations
• Feedback from users or regulators

Material changes will be communicated via website notice or email at least 30 days before implementation. Archived versions are available upon request.