GDPR Compliance

Last Updated: May 18, 2025

At HostAsia, we are committed to protecting your personal data and ensuring compliance with the European Union's General Data Protection Regulation (GDPR). This page outlines how we adhere to GDPR principles and your rights under this regulation.

1. What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It addresses the transfer of personal data outside the EU and EEA areas.

The GDPR aims to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

2. Our Role Under GDPR

HostAsia acts as both a data controller and a data processor:

  • Data Controller: We determine the purposes and means of processing personal data collected from our customers when they register for our services, subscribe to newsletters, or interact with our website.
  • Data Processor: For the content and data you store on our servers as part of your hosting account, you are the data controller, and we act as a data processor, processing this data on your behalf.

3. GDPR Principles We Follow

HostAsia adheres to the following GDPR principles in our data processing activities:

  • Lawfulness, fairness, and transparency: We process data lawfully, fairly, and transparently.
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes.
  • Data minimization: We limit the data we collect to what's necessary for the purposes for which it's processed.
  • Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date.
  • Storage limitation: We keep personal data for no longer than necessary.
  • Integrity and confidentiality: We process data securely, protecting against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
  • Accountability: We take responsibility for complying with GDPR principles and can demonstrate our compliance.

4. Legal Basis for Processing

We process personal data on the following legal grounds:

  • Contract: Processing necessary for the performance of a contract with you (e.g., to provide hosting services you've purchased).
  • Legitimate Interests: Processing necessary for our legitimate interests (e.g., to improve our services, for fraud prevention, or for network security), provided these interests don't override your rights.
  • Legal Obligation: Processing necessary for compliance with a legal obligation.
  • Consent: Processing based on your specific consent (e.g., for marketing communications).

5. Your Rights Under GDPR

The GDPR provides you with several rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct inaccurate personal data.
  • Right to Erasure: You can request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You can request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to our processing of your personal data in certain circumstances.
  • Rights Related to Automated Decision Making: You have rights related to automated decision making and profiling.

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below.

6. Data Protection Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data during transmission and at rest
  • Regular testing, assessing, and evaluation of the effectiveness of security measures
  • Ability to restore availability and access to personal data in a timely manner in the event of an incident
  • Regular security audits and staff training
  • Access controls and authentication requirements

7. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data, such as:

  • Transferring to countries that the European Commission has determined provide an adequate level of protection
  • Using specific contracts approved by the European Commission that give personal data the same protection it has in Europe
  • Implementing binding corporate rules or standard contractual clauses

8. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the appropriate supervisory authority without undue delay and, if possible, within 72 hours of becoming aware of it.

If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly, unless we have implemented appropriate technical and organizational protection measures, or it would involve disproportionate effort.

9. Data Protection Officer

While not legally required for our organization, we have voluntarily appointed a Data Protection Officer (DPO) to oversee our GDPR compliance. You can contact our DPO at dpo@hostasia.co.in.

10. GDPR Compliance for Our Customers

If you use our hosting services to collect or process personal data of EU residents, you are responsible for ensuring your own GDPR compliance. We provide features and tools to help you comply with GDPR requirements, including:

  • Ability to implement SSL certificates for secure data transmission
  • Regular backups to prevent data loss
  • Server locations within the EU for data residency requirements
  • Data processing agreements upon request

11. Contact Us

If you have any questions about our GDPR compliance or wish to exercise your data protection rights, please contact us at:

  • Email: privacy@hostasia.co.in
  • Phone: +91 7314345053
  • Address: HostAsia Technologies Pvt. Ltd. 3rd Floor, Keshav Tower,Sitaram Ji Ki Bawri Road, Bhilwara, Rajasthan 311001

You also have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes the GDPR.