Privacy Policy

Last updated: December 26, 2025

1. Introduction

nordhost.io ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our game server hosting service.

2. Information We Collect

We collect the following types of information:

Account Information:

• Email address (for account creation and communication)
• Password (stored securely hashed)

Payment Information:

• Billing details processed through Stripe
• We do not store your full credit card information

Usage Information:

• Server usage hours and activity
• Game server configurations
• IP addresses for server connections

Technical Information:

• Browser type and version
• Device information
• Log data for troubleshooting

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Process payments and manage subscriptions
• Track usage for billing purposes
• Send service-related communications
• Improve and optimize the Service
• Detect and prevent fraud or abuse
• Comply with legal obligations

4. Data Storage and Security

Your data is stored on:

• Supabase: User accounts and subscription data (hosted in EU)
• Hetzner Cloud: Game server data (Helsinki, Finland)
• Stripe: Payment processing (PCI-DSS compliant)

We implement appropriate technical and organizational measures to protect your data, including encryption in transit and at rest.

5. Data Sharing

We do not sell your personal data. We may share data with:

• Service Providers: Stripe (payments), Supabase (authentication), Hetzner (infrastructure)
• Legal Requirements: When required by law or to protect our rights

6. Your Rights (GDPR)

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data
• Portability: Receive your data in a portable format
• Object: Object to certain processing
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@nordhost.io.

7. Data Retention

We retain your data for as long as your account is active. After account deletion:

• Account data is deleted within 30 days
• Game server data is deleted within 30 days
• Payment records are retained as required by law (typically 7 years)
• Anonymized usage statistics may be retained indefinitely

8. Cookies

We use essential cookies for:

• Authentication and session management
• Security and fraud prevention

We do not use advertising or tracking cookies.

9. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe we have collected such data, please contact us.

10. International Transfers

Your data is primarily processed within the EU/EEA. Any transfers outside the EEA are conducted with appropriate safeguards in place.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service.

12. Contact Us

For privacy-related questions or to exercise your rights:

• Email: privacy@nordhost.io
• Address: Sweden

13. Supervisory Authority

You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) or your local data protection authority.