MXL Hosting - Privacy Policy

Effective: May 2025 | GDPR/CCPA Compliant

Introduction

This Privacy Policy explains how MXL Hosting collects, uses, and protects your personal information when you use our hosting services. It applies to all users, including visitors, account holders, and developers using our platform.

1. Data Collection

MXL Hosting collects the following categories of personal data when you use our services:

  • Account Information: Discord user ID, username, email address (for paid accounts)
  • Service Configuration: Project names, allocated resources, subdomains, server endpoints
  • Billing Information: For paid plans, we collect payment method information through our PCI-compliant payment processor
  • Technical Data: IP addresses, access logs, performance metrics

We do not collect unnecessary personal data and limit collection to what is required to provide and improve our services.

2. Data Usage

We use collected data exclusively for the following purposes:

  • Service provisioning and maintenance
  • Authentication and security
  • Billing and account management
  • Performance monitoring and troubleshooting
  • Legal and regulatory compliance

Data is never sold to third parties. Anonymous, aggregated data may be used for statistical analysis.

3. Disclosure to Third Parties

We may share personal data with:

  • Payment Processors: For billing purposes (e.g., Stripe, PayPal), in accordance with PCI-DSS standards.
  • Cloud Service Providers: To host infrastructure and deliver services (e.g., AWS, Google Cloud).
  • Legal Authorities: If required by law or to protect our rights and users.

All third parties are contractually obligated to maintain data confidentiality and security. We ensure appropriate safeguards are in place for international data transfers.

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR) and other applicable laws, we process your personal data based on the following legal grounds:

  • Contractual Necessity: To provide hosting services you have requested.
  • Legitimate Interests: For system security, analytics, and service improvement.
  • Consent: Where explicitly given, e.g., for marketing communications.
  • Legal Obligations: To comply with tax, accounting, or regulatory requirements.

5. Data Protection

MXL Hosting implements industry-standard security measures including:

  • Encryption of data in transit (TLS 1.2+)
  • Network segmentation and firewalls
  • Regular security audits
  • Access controls and principle of least privilege

While we implement robust security measures, no system can guarantee 100% security. Customers should implement additional security measures for their specific projects.

6. Data Retention

We retain different categories of data for specific periods:

  • Account Data: Retained while account is active, deleted 30 days after termination
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Access Logs: Retained for 90 days for security monitoring

7. Your Rights

Under GDPR, CCPA, and other privacy regulations, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal requirements)
  • Object to processing of your data
  • Request export of your data in a machine-readable format

To exercise these rights, contact our Data Protection Officer at dpo@mx-labs.net.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. Continued use of our services after changes constitutes acceptance of the revised policy. You may receive a notification about significant updates if you are a registered user.