Our Commitment to GDPR
Hostinger International Ltd. is fully committed to compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). The GDPR sets strict standards for the collection, processing, and protection of personal data of individuals in the European Economic Area (EEA). This page explains your rights under GDPR and how we uphold them.
Who Is the Data Controller?
Hostinger International Ltd. acts as the data controller for personal data collected when you use our website and services. Our registered address is:
Hostinger International Ltd.
61 Lordou Vironos Street, 6023 Larnaca, Cyprus
Where Hostinger processes personal data on your behalf (e.g., data stored on your hosting account), Hostinger acts as the data processor and you are the controller.
Lawful Basis for Processing
We process your personal data under the following lawful bases:
- Contract performance: Processing necessary to fulfil our service agreement with you.
- Legitimate interests: Fraud prevention, network security, and service improvement.
- Legal obligation: Compliance with applicable laws and regulations.
- Consent: Marketing communications and non-essential cookies (you may withdraw consent at any time).
Your Rights Under GDPR
As a data subject in the EEA, you have the following rights:
Right of Access
Request a copy of all personal data we hold about you and information on how it is processed.
Right to Rectification
Request correction of inaccurate or incomplete personal data without undue delay.
Right to Erasure
Request deletion of your personal data ("right to be forgotten") under certain circumstances.
Right to Restrict Processing
Request that we limit the processing of your data while a dispute is resolved.
Right to Data Portability
Receive your data in a structured, machine-readable format and transfer it to another controller.
Right to Object
Object to processing based on legitimate interests or for direct marketing purposes at any time.
How to Exercise Your Rights
To submit a data subject request, please contact our Data Protection Officer. We will respond within 30 days of receiving your request. We may ask you to verify your identity before processing your request.
Data Protection Officer
Email: dpo@hostinger.com
Address: Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus
Response time: within 30 days
Data Transfers Outside the EEA
When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Transfers to countries with an adequacy decision from the European Commission.
- Where applicable, Binding Corporate Rules for intra-group transfers.
Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to you personally, we will also notify you directly without undue delay.
Data Retention
We retain personal data only for as long as necessary for the purposes it was collected, or as required by law. When data is no longer needed, it is securely deleted or anonymised. You may request deletion of your data at any time by contacting our DPO.
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. For users in Cyprus, the relevant authority is:
Commissioner for Personal Data Protection
1 Iasonos Street, 1082 Nicosia, Cyprus
Website: www.dataprotection.gov.cy
Updates to This Page
We review and update our GDPR compliance documentation regularly. Material changes will be communicated by email or via a notice on our website.