FRANKHOST is committed to privacy. We fully comply with the General Data Protection Regulation (GDPR), ensuring your personal data is handled securely, transparently, and only for specific, legitimate purposes.

1. Our Roles: Controller vs. Processor

Under GDPR, FRANKHOST acts in two different capacities depending on the data:

  • Data Controller: For the information you provide to open an account (name, email, billing address). We determine how this data is used to provide your service.
  • Data Processor: For the data you host on our servers (your website files, databases, and customer emails). You are the Controller of this data; we merely process it on your behalf by storing it on our infrastructure.

2. Lawful Basis for Processing

We only collect and process personal data when we have a lawful basis. This includes:

  • Contractual Necessity: To provision your hosting, register domains, and provide customer support.
  • Legal Obligation: To maintain financial records for tax authorities and comply with ICANN domain registry policies.
  • Legitimate Interest: To monitor server security, prevent fraud, and improve our network performance.

3. Your Data Subject Rights

As a user, you have strict rights regarding your personal data. You can exercise these at any time via your Client Portal or by contacting support:

  • Right to Access: You can view all personal data we hold about you in your account dashboard.
  • Right to Rectification: You can update or correct inaccurate details at any time.
  • Right to Erasure (Right to be Forgotten): You can request the deletion of your account and personal data. Note: We may be legally required to retain specific billing invoices for tax compliance.
  • Right to Data Portability: You can download your account data and website backups in a structured, machine-readable format to move to another provider.

4. Data Breach Notification

In the highly unlikely event of a data breach that compromises your personal information, FRANKHOST will notify you and the relevant supervisory authorities within 72 hours of becoming aware of the incident, in accordance with GDPR Article 33.

5. International Data Transfers

FRANKHOST operates globally. When personal data is transferred outside the European Economic Area (EEA), we ensure it is protected by appropriate safeguards, including Standard Contractual Clauses (SCCs) and strict data processing agreements with our upstream datacenter partners.

6. Contact Our Data Protection Officer (DPO)

If you have any questions about our GDPR compliance, wish to exercise your data rights, or need a signed Data Processing Agreement (DPA) for your organization, please open a support ticket or email our privacy team directly.