Privacy policy

Last updated: 2026-04-26. HostStack (“we”) respects the privacy of visitors and customers in India and abroad who use www.hoststack.pro.

1. Data we collect

We collect information you provide (name, email, phone, billing address, payment tokens through processors—not full card data on our servers in typical flows), and technical data (IP, device, log files, and cookies) to operate security, prevent abuse, and improve performance. We may also receive verification signals from your bank or Razorpay / card networks / UPI to confirm a transaction, without storing your full UPI VPA in a way that makes it a marketing field.

2. Cookies, analytics, and marketing

We use cookies and similar technologies to keep you logged in, to remember your preferences, to measure the effectiveness of certain campaigns, and to run essential security. Optional analytics and advertising cookies may be set with your consent if we surface a banner. You can block non-essential cookies in your browser; some parts of the client area may not function if essential cookies are disabled.

3. How we use and share data

We use data to deliver hosting, to invoice you, to protect our network, and to communicate with you about security and service changes. We share with subprocessors in order to provide the service: payment gateways, KYC/AML where applicable, support tooling, and infrastructure partners. We do not sell your personal information to random third-party ad networks as a business model, and we expect partners to be bound by data-processing obligations appropriate to the role (controller vs processor) under the Information Technology Act, 2000, read with applicable rules, and, where the GDPR is relevant, appropriate safeguards for international transfers in specific situations.

4. Your choices and access

You can request a copy, correction, or deletion of your personal data, subject to legal and billing retention rules. We may need to retain invoices and abuse-related logs for a period even after account closure. To exercise a request, email [email protected] with “Privacy request” in the subject, or message us on WhatsApp from a verified account phone number. You may also opt out of non-essential marketing by using the link in a campaign email, when present.

5. Data retention, security, and subprocessors

We keep personal data for as long as you have a relationship with us, plus a reasonable business and legal hold period. Security measures include access controls, encryption in transit for modern panels and APIs where applicable, and monitoring for anomalous patterns. Subprocessors (payment gateways, support desks, and infrastructure) are chosen to handle categories of data you would expect. We will update a subprocessor list in the client area or on request when the roster material changes in a way that matters for you; keep your notification email up to date so you can review changes.

6. Children, sensitive categories, and cross-border

The HostStack website and checkout flows are for adults and for businesses, not for children to operate alone. We do not knowingly market to minors. Health, biometric, and other sensitive categories of data are not a focus of the marketing site; if you process special-category data, you are responsible for lawful ground and, where needed, a data-processing agreement. Some infrastructure may be outside India: when that is true, we choose providers with defensible security postures, and you should layer your own compliance program on top, especially for regulated businesses.