1. Who We Are

Virtual Host (Virtual Dedicated Datacenter Services) is the controller of your personal data for purposes of this policy. You can reach us at:

• Email: privacy@virtualhost.ae
• Address: Dubai Silicon Oasis, DDP, Building A2, Dubai, UAE
• Phone: +971-4-358-6563

2. What We Collect

2.1 Information you give us

• Account details — name, email, phone, billing address, company.
• Payment data — handled by our payment processors (we do not store full card numbers; we keep the last four digits and expiry for record-keeping).
• Identity verification — for some payment methods or higher-risk orders we may collect a copy of a government-issued ID, retained only as required.
• Support content — anything you send us in tickets, emails, or calls.

2.2 Information we collect automatically

• Network logs — connection metadata (IPs, timestamps, ports, bytes) for security and abuse handling.
• Web analytics — pages viewed, browser type, referrer, approximate region. We use first-party analytics; we do not use tracking pixels or third-party advertising trackers.
• Cookies — session cookies for authentication, and a small number of preference cookies. See §7.

2.3 What we do NOT collect

We do not access the data inside your servers or virtual machines except as needed to deliver support you have requested, to comply with law, or to respond to a confirmed abuse incident. We do not sell or rent your personal data to anyone.

3. How We Use It

• Deliver the Services — provision servers, route traffic, send invoices, respond to support.
• Billing and fraud prevention — process payments, detect chargebacks and fraud.
• Security — investigate abuse, brute-force attempts, and breaches; protect our network.
• Service communications — maintenance windows, security advisories, billing reminders.
• Marketing — only if you've opted in. You can opt out at any time via the unsubscribe link in any marketing email.
• Legal compliance — comply with UAE law, court orders, and regulator requests.

4. Legal Bases (where applicable)

Where the GDPR or similar regimes apply, we rely on:

• Contract performance — to deliver the Services you ordered.
• Legitimate interests — to secure the network, prevent fraud, and improve the Services.
• Consent — for marketing emails and any non-essential cookies.
• Legal obligation — to retain billing records and respond to lawful requests.

5. How We Share It

We share personal data only with:

• Sub-processors we use to run the business — payment processors, email providers, accounting software, customer support tooling. They are contractually bound to use the data only to deliver their service to us.
• Datacenter and network partners at the locations you provision in.
• Authorities when legally required (court order, regulator demand, or to protect rights and safety).
• Successors in connection with a merger, acquisition, or sale of assets — with notice to you.

A current list of sub-processors is available on request to privacy@virtualhost.ae.

6. International Transfers

Our headquarters are in the UAE, and our datacenters span the UAE, the EU, the UK, and the US. By using our services in those regions you accept the transfer of your data to those locations. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

7. Cookies

We use a small number of cookies on this website and the client portal:

• Strictly necessary — session and CSRF cookies required for login and form submission. These cannot be disabled.
• Preference — your dashboard layout choices.
• Analytics — a single first-party analytics cookie. You can opt out via the cookie banner on first visit.

We do not use third-party advertising cookies.

8. How Long We Keep It

• Account and billing records — for the duration of your account plus 7 years (UAE tax retention).
• Support tickets — 3 years from closure.
• Network and security logs — 90 days unless an active investigation requires longer.
• Marketing preferences — until you opt out.
• Backups — replaced on a 30-day rolling cycle.

9. Your Rights

Subject to applicable law, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion ("right to be forgotten") of data we no longer have a lawful basis to keep.
• Object to or restrict processing in certain circumstances.
• Receive a portable copy of data you provided to us.
• Withdraw consent for any processing based on consent.
• Lodge a complaint with your local data protection authority.

To exercise any of these, email privacy@virtualhost.ae. We respond within 30 days.

10. Security

We protect personal data with administrative, technical, and physical measures including encryption in transit (TLS 1.2+), encryption at rest for backups and credentials, role-based access control, multi-factor authentication for staff, and 24/7 monitoring. No system is perfectly secure; we will notify you and the relevant authorities of confirmed breaches affecting your data without undue delay.

11. Children

Our services are not directed to anyone under 18. We do not knowingly collect personal data from minors. If you believe we have, contact us and we will delete it.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be announced by email to the Account contact and posted at the top of this page at least 30 days before they take effect.