Privacy Policy
Last Updated: August 25, 2025
Hi there, We’ve always tried to keep our Privacy Policy simple and easy to read. Some parts have to sound a bit formal because the law requires it, but beyond that, our goal is straightforward: we want you to understand what happens with your data and to feel in control of it. We’re not here to sell or exploit your information. We just want to offer you a service that works well, and sometimes that means using things like cookies to keep everything running smoothly. At the end of the day, your trust means everything to us. We respect your privacy, and we’ll always treat your data with care.
0. Introduction
These Terms of Service ("Terms") constitute a legally binding agreement between you ("User," "you," or "your") and Zenith Hosting KLG ("Company," "we," "us," or "our"), a limited liability company incorporated under the laws of Switzerland.
By accessing or using our services ("Services"), you acknowledge that you have read, understood, and agree to be bound by these terms. If you do not agree to these terms, you must not access or use our Services.
We reserve the right to modify these terms at any time by posting the updated version on our website. If you continue to use our Services after changes are posted, you agree to the revised terms. We will post a notice on our website and make sure you need to accept the new terms before continuing to use our services. Such as making you log in again.
1. What Data We Collect
- Directly from you:
- Your email, account details
- Messages and support requests
- Automatically:
- IP address, browser and OS details, server interaction data
- Last login and activity times
- Approximate location (from IP address)
- Payment information (via Stripe)
- Automatic generated IDs (cookies, user IDs)
2. How We Use Your Data
| Purpose | Data Used |
|---|---|
| Account setup and management | Identity, technical data |
| Providing our services | Identity, usage, technical |
| Processing payments | Identity, payment info |
| Customer support | Identity, communications |
| Website improvement/analytics | Usage, technical data |
| Security and fraud prevention | Usage, technical data |
3. Sharing Your Data (Third Parties)
We only share your data with trusted partners for essential operations:
- Polar.sh (EU/USA): Payment processing and Merchant of Record services.
- Brevo.com (France): Transactional email (for signup, password resets, etc.).
- instatus (USA): Service status monitoring and notifications. Only when accessing our status page.
- bunny.net (Slovenia): Content delivery and DNS (improves loading speeds globally).
- PostHog EU (EU): Analytics, userId and email.
- Cloudflare (USA/EU): Security and web performance.
- Hetzner (Germany/Helsinki): Server hosting.
- OVH (France): Server hosting.
- Spur (USA): Fraud detection and connection risk assessment on login and checkout pages.
We also run some self-hosted services:
- Plausible Analytics (self-hosted): Anonymous usage analytics.
- Chatwoot (self-hosted): Customer support messages.
- Sentry/Glitchtip (self-hosted): Error tracking.
If you log in to our website we automatically redirect you to your mail provider to handle your login.
All partners comply with the GDPR and Swiss FADP or provide adequate safeguards for Swiss/EU data. Polar.sh acts as our Merchant of Record and handles all payment data processing, tax compliance, and customer invoicing in accordance with international regulations.
4. International Data Transfers
- Mostly within Switzerland/EU: All processing happens in the EU or Switzerland except for a few services (see above).
- Safeguards: For transfers outside Switzerland/EU, we rely on Standard Contractual Clauses and similar legal protections.
5. Data Retention
| Data Type | How Long? |
|---|---|
| Account data | 3 months after last login (if no servers) |
| Payment data | 7 years (legal compliance) |
| Analytics data | 7 years |
| Support data | As long as necessary for support |
| Error data | As long as necessary |
| Auth cookies | 7 days |
When you delete your account, associated data is erased unless we’re required to keep it for compliance (e.g., payment records). You can also request specific data deletions by contacting us.
6. Your Rights (FADP & GDPR)
As a user of our website, you have the right to:
- Information & access: Ask what data we hold and receive a copy.
- Correction/rectification: Fix incorrect data.
- Deletion: Request deletion (“right to be forgotten”).
- Restriction/Objection: Limit or object to how we use your data.
- Portability: Get your data in a readable format.
- Withdraw consent: Anytime for analytics/cookies/marketing.
- Automated decisions/profiling: Ask for human review.
Just email support@zenith.ms to use these rights—we’ll answer within 30 days.
7. Cookies & Tracking
- Essential cookies: Login/session (expire after 7 days), Cloudflare security.
- Functional cookies: Chatwoot (support chats, up to 1 year).
- Third-party cookies: Polar.sh (payments).
On your first visit, you’ll see a cookie banner to accept or reject non-essential cookies.
8. Data Security
We use industry-standard safeguards:
- HTTPS encryption for all data in transit
- Access controls, regular staff training, and security audits
- Data minimized to what’s strictly necessary
9. Data Breach Response
If there’s a data breach risking your rights, we’ll notify both you and the Swiss Federal Data Protection and Information Commissioner (FDPIC) within 72 hours.
10. Privacy by Design
We collect only what’s needed, limit data use to stated purposes, and update/delete it as required.
11. Children’s Privacy
Children under 13 need parental consent to use our services. If you’re under 13, please get permission first. If you think we have data from a child under 13 without consent, contact us to delete it.
12. Policy Updates
We’ll let you know about significant changes via email and update this document’s date.
13. Contact
Questions or requests? Email: support@zenith.ms
By using our Services, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service.
By using our Services, you acknowledge that you have read, understood, and agreed to this document.