Privacy Policy

This Privacy Policy describes how BlueShift Hosting Inc. handles personal information in connection with our websites, customer portal, and hosting services. We encourage you to read it in full. If you have any questions, you can reach our privacy team using the details in the Contact section below.

1. Introduction

BlueShift Hosting Inc. ("BlueShift Hosting", "we", "us", or "our") is a corporation incorporated in Canada, with its registered office at 1234 Example Street, Suite 100, Toronto, ON M5V 0A1, Canada. We provide web hosting, virtual private servers (VPS), and dedicated server services through our website at https://hosting.myportal.cx.

BlueShift Hosting Inc. is the data controller responsible for the personal information described in this policy. We are committed to protecting your privacy and handling your information responsibly, in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. For customers and visitors located in the European Union or the United Kingdom, we also apply the relevant principles of the General Data Protection Regulation (GDPR) and the UK GDPR.

2. Information we collect

We collect personal information that you provide directly to us, that is generated through your use of our services, and that is collected automatically through our website. This includes:

• Account and identity information — your name, email address, phone number, and billing address, provided when you create an account, purchase a service, or contact us.
• Payment information — billing details necessary to charge for our services. Card payments are processed by our payment processor, Stripe. We do not store full card numbers on our systems; we may retain limited information such as the card brand, the last four digits, and an expiry date for billing and fraud-prevention purposes.
• Service data — information generated as you use our hosting platform, including server and resource usage, IP addresses, connection and access logs, and technical configuration data needed to operate, secure, and troubleshoot your services.
• Support communications — the content of tickets, emails, and other correspondence you send to us, along with our responses, so that we can provide and improve support.
• Website cookies and analytics — information collected automatically when you visit our website, such as device and browser type, pages viewed, and similar usage data. See the Cookies section for details.

3. How we use information

We use personal information for the following purposes:

• Provide and bill for services — to create and manage your account, provision and operate your hosting services, and process payments and renewals.
• Customer support — to respond to your enquiries, resolve technical issues, and manage your account.
• Security and fraud prevention — to protect our network, customers, and systems; detect, investigate, and prevent abuse, fraud, and unauthorized access; and enforce our Acceptable Use Policy and Terms of Service.
• Legal compliance — to meet our legal, regulatory, tax, and accounting obligations, and to respond to lawful requests from authorities.
• Service updates — to send you important administrative or transactional messages about your account, billing, security, and changes to our services or policies.
• Marketing (with consent) — where you have consented, to send you news, offers, and product updates. You can withdraw your consent and unsubscribe at any time.

4. Legal bases for processing

Under PIPEDA, we rely primarily on your consent to collect, use, and disclose your personal information, which may be express or implied depending on the sensitivity of the information and the circumstances. Where the GDPR or UK GDPR applies to your information, we rely on one or more of the following legal bases:

• Consent — where you have given us clear consent to process your information for a specific purpose, such as marketing communications.
• Performance of a contract — where processing is necessary to provide the services you have requested and to fulfil our agreement with you.
• Legitimate interests — where processing is necessary for our legitimate business interests, such as securing our network, preventing fraud, and improving our services, provided these interests are not overridden by your rights.
• Legal obligation — where processing is necessary to comply with a legal or regulatory requirement.

5. Payment processing (Stripe)

We use Stripe to process card payments (Visa, Mastercard, and American Express). When you pay for a service, the card details you enter are collected and processed by Stripe under its own privacy terms; they are transmitted directly to Stripe and are not stored in full on our systems. We share the billing information necessary to complete your transaction — such as your name, billing address, email, and the amount and currency of the charge — with Stripe so that it can process the payment, verify it, and help prevent fraud.

All charges are in CAD (Canadian dollars), and applicable Canadian taxes (GST/HST) are added at checkout. Stripe acts as an independent data controller for the payment data it processes. We encourage you to review Stripe's privacy policy to understand how it handles your information.

6. Sharing and disclosure

We do not sell your personal information. We may share personal information only in the following limited circumstances:

• Service providers and sub-processors — with trusted third parties that perform services on our behalf, such as payment processing, data centre and infrastructure providers, email delivery, and analytics. These providers are permitted to use your information only to provide services to us and are bound by appropriate confidentiality and data-protection obligations.
• Legal requirements — where we are required to do so by law, regulation, legal process, or an enforceable governmental request, or where disclosure is necessary to protect our rights, our customers, or the security of our systems.
• Business transfers — in connection with a merger, acquisition, financing, reorganization, or sale of all or part of our business, your information may be transferred as part of that transaction, subject to appropriate confidentiality protections.

7. Data retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including to provide our services, maintain your account, and comply with our legal, tax, accounting, and regulatory obligations, resolve disputes, and enforce our agreements. Billing and transaction records are generally retained for the period required by applicable Canadian financial and tax laws. When personal information is no longer required, we take reasonable steps to securely delete, anonymize, or de-identify it.

8. International transfers

BlueShift Hosting operates data centres in multiple regions. As a result, your personal information may be processed and stored in Canada and in other jurisdictions where our service providers and data centres are located. These jurisdictions may have data-protection laws that differ from those in your home country, and information may be accessible to courts, law enforcement, and authorities in those jurisdictions in accordance with their laws.

Where we transfer personal information across borders — including transfers of EU, UK, or other regional data outside those regions — we take steps to ensure that appropriate safeguards are in place, such as contractual protections with our service providers, to help protect your information consistent with this policy and applicable law.

9. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, and loss. These measures include encryption of data in transit, access controls and authentication, network protections, least-privilege access for staff, and ongoing monitoring of our systems. While no method of transmission or storage is completely secure, we work to protect your information using safeguards appropriate to its sensitivity. You are responsible for keeping your account credentials confidential and for the security of your own systems and applications hosted with us.

10. Cookies

Our website uses cookies and similar technologies. Essential cookies are necessary for the website and customer portal to function — for example, to keep you signed in and to secure your session — and cannot be switched off through our systems. Optional analytics cookies help us understand how visitors use our website so that we can improve it.

You can control or delete cookies through your browser settings, and most browsers allow you to refuse or remove cookies. Please note that disabling essential cookies may affect the functionality of our website and portal. Where required, we will request your consent for non-essential cookies.

11. Your rights

Subject to applicable law, you have rights over your personal information. These include the right to:

• Access the personal information we hold about you and obtain information about how we use it.
• Correct personal information that is inaccurate or incomplete.
• Delete your personal information, subject to our legal and contractual retention obligations.
• Withdraw consent at any time where we rely on your consent, including to stop receiving marketing communications. Withdrawing consent may affect our ability to provide certain services.

To exercise any of these rights, please contact us using the details in the Contact section. We will respond within the time required by applicable law. If you are in Canada and are not satisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada.

If you are located in the European Union or the United Kingdom, you may also have the right, under the GDPR or UK GDPR, to restrict or object to certain processing, to data portability, and to lodge a complaint with your local data-protection supervisory authority.

12. Children

Our services are intended for businesses and adults. They are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us so that we can take appropriate steps to delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or services. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, provide additional notice. We encourage you to review this policy periodically. Your continued use of our services after an update takes effect constitutes acceptance of the revised policy.

14. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our privacy team:

• Privacy email: privacy@myportal.cx
• Registered address: BlueShift Hosting Inc., 1234 Example Street, Suite 100, Toronto, ON M5V 0A1, Canada
• Phone: +1 (647) 555-0142

This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein.