AVG & Gegevensbescherming
Laatst bijgewerkt: 10/06/2025
1. Data Controller
Eurhosting SHPK
NIPT M52305043P
Email: info@eurhosting.net
DPO contact: privacy@eurhosting.net
2. Processing Activities Register
The following table summarises the personal data processing activities carried out by Eurhosting SHPK as Data Controller.
| Purpose | Data Categories | Legal Basis | Retention | Transfers |
|---|---|---|---|---|
| Service delivery & contract management | Name, email, billing address, VAT/tax ID, payment data | Art. 6.1.b β Contract performance | Duration of service + 10 years (legal obligation) | EU only |
| Technical support & ticket management | Name, email, technical data provided in support requests | Art. 6.1.b β Contract performance | Duration of service + 2 years | EU only |
| Service communications (renewals, expiries) | Name, email | Art. 6.1.b β Contract performance | Duration of service | EU only |
| Access logs & security monitoring | IP address, access timestamps, actions performed | Art. 6.1.f β Legitimate interest (security) | Duration of contractual relationship | EU only |
| Website analytics | Anonymised browsing data (Google Analytics 4) | Art. 6.1.a β Consent | 26 months (GA4 default) | Google LLC (adequate safeguards) |
| Contact form enquiries | Name, email, message content | Art. 6.1.b β Pre-contractual measures | 2 years from last contact | EU only |
| Legal & tax compliance | Invoicing data, transaction records | Art. 6.1.c β Legal obligation | 10 years | EU only |
3. Data Processor Agreement (DPA)
Customers who process personal data through Eurhosting services (e.g. websites, applications or databases hosted on our infrastructure) may require a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR.
Eurhosting provides a standard DPA to all customers upon request. To request your DPA, write to privacy@eurhosting.net with subject line "DPA Request β [your account email]".
4. Sub-processors
Eurhosting uses the following sub-processors for the delivery of its services:
- Google LLC β Website analytics (Google Analytics 4). Standard Contractual Clauses in place. Google GDPR commitments β
- Payment processors β PayPal, Stripe (credit/debit card processing). Both are PCI-DSS certified and GDPR compliant.
No personal data is shared with sub-processors outside the EU/EEA except where adequate safeguards (Standard Contractual Clauses or adequacy decisions) are in place.
5. Your Rights
Under the GDPR you have the following rights, exercisable free of charge by contacting privacy@eurhosting.net:
Obtain a copy of your personal data and information about how it is processed.
Request correction of inaccurate or incomplete personal data.
Request deletion of your personal data ("right to be forgotten").
Request that processing of your data be restricted in certain circumstances.
Receive your data in a structured, machine-readable format.
Object to processing based on legitimate interests or for direct marketing.
We will respond to all rights requests within 30 days. In complex cases, this may be extended by a further 60 days with notification.
6. Exercise Your Rights
To exercise any of the above rights, send a request to privacy@eurhosting.net with:
- Subject: "GDPR Rights Request β [type of right]"
- Your full name and account email address;
- A copy of a valid identity document (for verification purposes);
- A clear description of your request.
7. Data Breach Notification
In the event of a personal data breach, Eurhosting will notify the competent supervisory authority within 72 hours of becoming aware of the breach, where required by Art. 33 GDPR. Affected individuals will be notified without undue delay where the breach is likely to result in a high risk to their rights and freedoms (Art. 34 GDPR).
8. Infrastructure Location
All Eurhosting infrastructure β servers, storage, network equipment β is located exclusively within the European Union. No customer data is processed on servers outside the EU. This applies to all services: Shared Hosting, VPS, and Dedicated Servers.
9. Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority. As Eurhosting SHPK operates within the EU, you may contact the supervisory authority in your country of residence or the authority in the country where you believe an infringement has occurred.
A list of EU supervisory authorities is available at: European Data Protection Board β Members β
10. Contact
For all GDPR-related enquiries:
π§ privacy@eurhosting.net
π www.eurhosting.net
Eurhosting SHPK β NIPT M52305043P