Privacy Policy
Last updated: July 2026 · This is a template — have it reviewed by a qualified lawyer before launch.
1. Who we are
The data controller is [COMPANY LEGAL NAME — e.g. LastraHost SARL], [REGISTERED ADDRESS]. Privacy contact: privacy@lastrahost.com.
2. Data we collect
Account data: name, email, billing address, country, and hashed password. Billing data: invoices and payment references — full card numbers are handled by our payment processors and never stored by us. Technical data: IP addresses in server and security logs, and support correspondence. Preferences such as language and theme are stored locally in your browser.
3. Why we process it
To provide and bill the services (contract), to comply with tax and accounting law (legal obligation), to prevent fraud and abuse (legitimate interest), and — only with your consent — to send product news you can opt out of at any time.
4. Processors & transfers
We share data only with the processors needed to run the service: payment providers (e.g. Stripe, PayPal), email delivery, and our datacenter partners. Where data leaves the EEA, transfers rely on adequacy decisions or Standard Contractual Clauses. A current processor list is available on request.
5. Retention
Account data is kept while your account is active and deleted or anonymized within 12 months of closure, except invoices, which we retain for the period required by tax law (typically 10 years). Server data is permanently deleted after the post-expiry grace period.
6. Your rights
You may request access, rectification, erasure, restriction, portability, or object to processing by emailing privacy@lastrahost.com. You may also lodge a complaint with your supervisory authority (in France, the CNIL).
7. Cookies & local storage
The marketing site sets no advertising cookies. We use browser local storage for your language and theme choices only. If we introduce analytics, it will be privacy-respecting and disclosed here first.
8. Security
Data is protected with encryption in transit, access controls, and least-privilege staff access. Report security issues to security@lastrahost.com.