Your cart is empty
0.00 Lev

Personal data protection in SuperHosting.BG

We are fully compliant with GDPR.

General information

The European Union’s General Data Protection Regulation ("GDPR"), coming into effect in 25 May 2018, lays out a new set of rules for how the personal data of people living within the EU should be handled. It sets out the protection of personal data as a guaranteed right for all citizens across EU.

As a personal data processor when offering hosting services, SuperHosting.BG is compliant with all the requirements of the regulation and meets the high standards "Data privacy by design and by default". Only the required legal minimum of personal data is gathered, processed and kept secure with the appropriate technical and organisational measures.


Information about the Controller
  1. Name SuperHosting.BG Ltd.
  2. UIC/BULSTAT :131449987
  3. Seat and registered address: Iztok Residential area, 36 G. M. Dimitrov Blvd., Izgrev area, 1797 Sofia
  4. Correspondence address: Iztok Residential area, 36 Dr G. M. Dimitrov Blvd., Izgrev area, 1797 Sofia
  5. Telephone: +359 2 8108 999.
  6. Email:
Information about the Data Protection Officer
  1. Name: 'Vladimirov Kiskinov' Attorneys-at-Law
  2. UIC/BULSTAT : 176645870
  3. Seat and registered address: 6 Nayden Gerov St., Floor 4, Office 7, Sofia
  4. Correspondence address: 6 Nayden Gerov St., Floor 4, Office 7, Sofia
  5. Telephone: 02 988 18 28
  6. Email:
Information about the Supervisory Authority
  1. Name: Commission for Personal Data Protection
  2. Seat and registered address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia
  3. Correspondence address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia
  4. Telephone: 02 915 3 518
  5. Email: kzld@government.bg, kzld@cpdp.bg
  6. Website: www.cpdp.bg
Grounds for collecting, processing and storing your personal data

Art. 1. (1) SuperHosting.BG shall collect and process your personal data in relation to the provision of hosting services, registration of domains, usage of virtual or dedicated servers and the conclusion of contracts with the Company on the grounds of Art. 6, Para. 1, Regulation (EU) 2016/679 (GDPR), and in particular on the following grounds:

    • explicit consent provided by you as a customer;
    • fulfillment of the obligations of SuperHosting.BG under contract with you;
    • compliance with a legal obligation applicable to SuperHosting.BG;
    • for the purposes of the legitimate interest of SuperHosting.BG.
    • SuperHosting.BG shall be a controller regarding your data as the User of our services. With regard to the personal data you process using our services, SuperHosting.BG shall act as a processor.
Purposes and principles for collecting, processing and storing your personal data

Art. 2. (1) SuperHosting.BG shall collect and process the personal data you provide to us in connection with the use of our hosting services and for the conclusion of a contract with the Company as well as for subscribing to our events, including for the following purposes:

  • creating a profile for full functionality in providing our services;
  • individualization of a party to this contract;
  • registration of a participant in an event organized by SuperHosting.BG;
  • accounting purposes;
  • statistical purposes;
  • information security;
  • securing the implementation of this contract for the provision of the respective service;
  • sending information e-mails, announcements about changes in services, and recommendations to improve the use of the platform, new and upgraded subscription plans etc.;
  • improving and personalizing the service by suitable offers, ads, promotional campaigns, events and other products and services that might be of interest to you;
  • provision of technical support via ticketing system or call center;
  • creating an online store via the Shopiko platform;
  • subscribing to receive notifications about latest blogposts published in SuperHosting.BG corporate blog;
  • leaving replies under our blogposts published in SuperHosting.BG corporate blog.

(2) SuperHosting.BG shall comply with the following principles when processing your personal data:

  • lawfulness, fairness and transparency;
  • limitation of the purposes for processing;
  • relevance with processing purposes and minimization of data collection;
  • accuracy and age of the data;
  • limitation of storage for the achievement of the purposes;
  • integrity and confidentiality of processing, and ensuring an adequate level of security for the personal data.

(3) When processing and storing personal data, SuperHost.BG may process and store personal data to protect the following legitimate interests of theirs:

  • fulfilling their obligations to the National Revenue Agency, the Ministry of Interior and other governmental or municipal authorities.
What kind of personal data shall SuperHosting.BG collect, process and store?

Art. 3. (1) SuperHosting.BG shall perform the following operations with personal data and for the following purposes:

  • Registration of a user on the website and implementation of a contract for the provision of hosting services, registration of a domain, virtual or dedicated server, etc. The purpose of this operation shall be to create an account that is associated with the service and to allow you to manage the content of the service through the administrative panel, according to the plan chosen by you. Conclusion of the Impact assessment: Based on the Impact Assessment referred to above, the Data Protection Officer considers that the 'Conclusion of Hosting Service Contract' operation is eligible and provides sufficient guarantees to protect the rights and legitimate interests of the data subjects in accordance with the requirements of the GDPR.
  • Registration of a user for the purposes of registering a domain in or outside the .bg area. Conclusion of the Impact assessment: Based on the Impact Assessment referred to above, the Data Protection Officer considers that the 'Domain registration' operation is eligible and provides sufficient guarantees to protect the rights and legitimate interests of the data subjects in accordance with the requirements of the GDPR.
  • Conclusion and implementation of a commercial transaction with a customer or a partner. The purpose of this operation shall be to conclude and implement a contract with a business partner or customer and the administration thereof.
  • Sending information and notification e-mails. The purpose of this operation shall be to administer the process of sending notification messages to customers about service improvements, system requirements and service expiration, as stated in service contract.
  • User registration in the Shopiko platform and signing a contract for the provision of a service for the creation of online stores through it. The purpose of this operation shall be to register and create an online store.
  • Subscription for receiving notifications about new blogposts from SuperHosting.BG corporate blog – the purpose of this operation is sending articles and posts published in our blog in case you have given your consent for it.
  • Moderating replies under blogposts in SuperHosting.BG corporate blog – the purpose of this operation is giving the users the opportunity to leave a reply to the blogpost or article and share their opinion on a certain subject described in the material.

(2) SuperHosting.BG shall process the following categories of personal data and information for the following purposes, and for the following reasons:

  • Data: Your personalizing data (name and surname, e-mail, country, phone)
    • Purpose for which data is collected: 1) To register the User. 2) To establish contact with the User and to send information to them, including, when the User has asked, to send newsletters or advertising messages. 3) To create an online store via the Shopiko platform.
    • Grounds for processing your personal data. By accepting the terms and conditions, registering on the website and purchasing a service, a contractual relationship shall be established between SuperHosting.BG and you, on which basis we shall process your personal data - Art. 6, Para. 1, Item (b) of the GDPR.
  • Additional data provided by you. If you want to update your profile, you can fill in the contact details and the administration contact email.
    • Purpose for which data is collected: Updating the information in the User's account.
    • Grounds for data processing: By accepting the terms and conditions, registering on the website and purchasing a service, a contractual relationship shall be established between SuperHosting.BG and you, on which basis we shall process your personal data - Art. 6, Para. 1, Item (b) of the GDPR.
  • Other data that SuperHosting.BG shall process. When logging in to our website or your account, SuperHosting.BG shall collect data about the IP address you use.
    • Purpose for which data is collected: Improving security of the service and interface localization, statistical and marketing research.
    • Grounds for data processing: The data processing is necessary for the implementation of the contract by which the data subject is a party - Art. 6, Para. 1, Item (b) of the GDPR. Before the creation of the User's profile, the IP address shall be collected on the basis of the legitimate interests of the Controller - Art. 6, Para. 1, Item (e) of the GDPR.
  • Your invoice data. If you would like an invoice to be issued to you as a natural person, you should provide us with your personal ID number.
    • Purpose for which data is collected: Issuing an invoice for payments under a contract for the provision of services for the use of the platform for the creation of online stores.
    • Grounds for processing your personal data. By accepting the terms and conditions, registering on the website or signing a written contract, a contractual relationship shall be established between SuperHosting.BG and you, on which basis we shall process your personal data - Art. 6, Para. 1, Item (b) of the GDPR.
  • Personal data for SuperHosting.BG blog users: - Your name, e-mail address, website.
    • Purpose for which data is collected: 1) To subscribe the User to receive notifications about blogposts published in SuperHosting.BG blog. 2) To leave replies under blogposts in SuperHosting.BG blog.
    • Grounds for processing your personal data. You give your consent on which basis we shall process your personal data - Art. 6, Para. 1, Item (b) of the GDPR.

(3) SuperHosting.BG shall not collect or process personal data that relates to the following:

  • reveal racial or ethnic origin;
  • reveal political, religious or philosophical beliefs, or trade union membership;
  • genetic and biometric data, health data, or data on sexual life or sexual orientation.

(4) Personal data shall be collected by SuperHosting.BG from the persons to whom it relates.

(5) The Company shall not perform automated decision making with data.

(6) The company shall not process personal data of persons under 14 years old unless consent is given by the holder of parental responsibility over the child.


Personal data storage period

Art. 4. (1) SuperHosting.BG shall store your personal data for no longer than the duration of existence of your website profile. Upon expiry of this period, SuperHosting.BG shall take reasonable care to erase and destroy all your data without undue delay.

(2) SuperHosting.BG shall notify you in case the storage period needs to be extended in order to achieve the purposes, the implementation of the contract, in view of the legitimate interests of SuperHosting.BG or otherwise.

(3) (4) SuperHosting.BG shall store your personal data processed on given consent grounds until you explicitly withdraw your consent. The latter shall not apply to already published replies as to keeping the reasonable continuity of the blogpost replies.

(4) SuperHosting.BG shall keep the personal data that they are required to keep under the applicable legislation for the required term, which may exceed the duration of your registration.


Transfer of your personal data for processing

Art. 5. (1) SuperHosting.BG may, at their sole discretion, transmit all or part of your personal data to personal data processors for the fulfillment of the processing purposes, subject to the requirements of Regulation (EU) 2016/679.

(2) SuperHosting.BG shall notify you in case of intent to transmit all or part of your personal data to third countries or international organizations.


Your rights when collecting, processing or storing your personal data

Withdrawal of consent to process your personal data

Art. 6. (1) If you do not wish all or any of your personal data to continue to be processed by SuperHosting.BG for a particular or for any processing purpose, you may, at any time, withdraw your consent to processing by filling in the form in your profile or a request in free text.

(2) SuperHosting.BG may require you to prove your identity and your identity with the data subject.

(3) Your account shall become inactive if you withdraw your consent for the processing of personal data which is required for creating and maintaining your registration for the use of the services.


Right of access

Art. 7. (1) You shall have the right to request and obtain from SuperHosting.BG confirmation as to whether or not personal data about you is being processed.

(2) You shall have the right to access the data relating to it as well as the information relating to the collection, processing and storage of your personal data.

(3) SuperHosting.BG shall provide you, upon request, with a copy of the processed personal data about you, in electronic or other appropriate form.

(4) Providing access to the data shall be free of charge, but SuperHosting.BG shall reserve the right to impose an administrative fee in the event of recurrence or disproportionate claims.


Right to rectification or filling in

Art. 8. You can rectify or fill in the inaccurate or incomplete personal data about you directly through your website profile or by sending a request to SuperHosting.BG.


Right to erasure ('right to be forgotten')

Art. 9.(1) You shall have the right to request from SuperHosting.BG the erasure of the personal data about you, and SuperHosting.BG shall have the obligation to erase it without undue delay where one of the following grounds applies:

  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • you withdraw your consent on which the data processing is based and where there is no other legal ground for the processing;
  • you object to the processing of the data about you, including for the purposes of the direct marketing, and there are no overriding legitimate grounds;
  • the personal data has been unlawfully processed;
  • the personal data has to be erased for compliance with a legal obligation in the EU or Member State law to which SuperHosting.BG is subject;
  • the personal data has been collected in relation to the offer of information society services.

(2) SuperHosting.BG shall not be obliged to erase the personal data, if they store and process the data:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by the EU or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
  • for reasons of public interest in the area of public health;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes;
  • for the establishment, exercise or defense of legal claims.

(3) In order to exercise your right to be 'forgotten', you should submit a request through the option in your profile or a written request sent to SuperHosting.BG as well as to authenticate your identity and identity with the person to whom the data provided to SuperHosting.BG relates, by presenting your ID card on the spot for identification purposes and, if necessary, entering your login data for the account of the person to whom the data relates before an employee of SuperHosting.BG.

(4) SuperHosting.BG shall not erase the data that they have a legal obligation to store, including for protection against claims brought against them or proof of their rights.


Right to restriction

Art. 10. You shall have the right to request from SuperHosting.BG restriction of processing of data about you where one of the following applies:

  • you contest the accuracy of the personal data, for a period enabling SuperHosting.BG to verify the accuracy of the personal data;
  • the processing is unlawful, but you oppose the erasure of the personal data and only request the restriction of their use instead;
  • SuperHosting.BG no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of your legal claims;
  • you have objected to processing, pending the verification whether the legitimate grounds of SuperHosting.BG override those of yours.
Right to data portability

Art. 11. (1) You may, at any time, download, directly through your profile or by email request, the data about you that are stored and processed in connection with the use of SuperHosting.BG services.

(2) You can request SuperHosting.BG to transmit your personal data directly to another controller, chosen by you, where technically feasible.


Right to receive information

Art. 12. You may request from SuperHosting.BG to inform you of all recipients to whom personal data has been disclosed for which rectification, erasure or limitation of the processing has been requested. SuperHosting.BG may refuse to provide this information if this would not be possible or would require disproportionate effort.


Right to object

Art. 13. You shall have the right to object, on grounds relating to your particular situation, at any time, to processing of personal data about you, by SuperHost.BG including profiling or direct marketing.


Your rights upon personal data security breach

Art. 14. (1) If SuperHosting.BG become aware of a breach in your personal data that is likely to result in a risk to your rights and freedoms, we shall, without undue delay, notify you about this breach and about the measures that have been undertaken or are to be undertaken.

(2) SuperHosting.BG shall not be obliged to notify you if:

  • they have implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach;
  • they have taken subsequent measures which ensure that the high risk to your rights and freedoms is no longer likely to materialize;
  • the notification would involve disproportionate effort.
Persons provided with your personal data

Art. 15. For domain registration in or outside of the .bg area, and upon request submitted by you, SuperHosting.BG shall transmit the necessary information to the respective domain registrar who shall process your data as a controller for the purpose of registering the requested domain.

Art. 16. The Controller shall not transfer your data to third countries.

Other provisions

Art. 17. In case of violation of your rights under the above or applicable data protection laws, you shall have the right to file a complaint with the Commission for Personal Data Protection as follows:

  1. Name: Commission for Personal Data Protection
  2. Seat and registered address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia
  3. Correspondence address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia
  4. Telephone: 02 915 3 518
  5. Email: kzld@government.bg, kzld@cpdp.bg
  6. Website: www.cpdp.bg

Art. 18. You may exercise all of your rights to protect your personal data through the forms enclosed with this information. Of course, these forms shall not be mandatory and you can make your claims in any form that contains a statement about it and identifies you as the data holder.

Art. 19. If the consent relates to transfer, the Controller shall describe the possible risks in the transfer of data to third countries in the absence of a decision for adequate protection and appropriate remedies.

Art. 20(1). When assigning SuperHosting.BG to process personal data to a third party for the purposes of using the service, SuperHosting.BG shall act in their capacity of a personal data processor.

(2). In the cases under Para. 1, SuperHosting.BG shall act only on your instruction as the User of the service and only as long as they may have control over the personal data you are processing. SuperHosting.BG shall have no control over the content and data that you as a service user choose to be uploaded to the service (including whether or not this data includes personal data). In this case, SuperHosting.BG shall have no role in the decision-making process whether the User uses the data processing service, for what purposes and whether it is protected. Accordingly, the responsibility of SuperHosting.BG in this case shall be limited to 1) complying with the instructions of the User of the service, pursuant to the contract and the general terms and conditions, and 2) providing information about the service and functionalities through their interface.

The current Privacy policy is last revised on March 21, 2019

 

This document informs Users about the technologies that help this Website to achieve the purposes described below. Such technologies allow the Owner to access and store information (for example by using a Cookie) or use resources (for example by running a script) on a User’s device as they interact with this Website.

For simplicity, all such technologies are defined as "Trackers" within this document – unless there is a reason to differentiate.

For example, while Cookies can be used on both web and mobile browsers, it would be inaccurate to talk about Cookies in the context of mobile apps as they are a browser-based Tracker. For this reason, within this document, the term Cookies is only used where it is specifically meant to indicate that particular type of Tracker.

Some of the purposes for which Trackers are used may also require the User's consent. Whenever consent is given, it can be freely withdrawn at any time following the instructions provided in this document.

This Website uses Trackers managed directly by the Owner (so-called “first-party” Trackers) and Trackers that enable services provided by a third-party (so-called “third-party” Trackers). Unless otherwise specified within this document, third-party providers may access the Trackers managed by them.

The validity and expiration periods of Cookies and other similar Trackers may vary depending on the lifetime set by the Owner or the relevant provider. Some of them expire upon termination of the User’s browsing session.

In addition to what’s specified in the descriptions within each of the categories below, Users may find more precise and updated information regarding lifetime specification as well as any other relevant information — such as the presence of other Trackers — in the linked privacy policies of the respective third-party providers or by contacting the Owner.

Activities strictly necessary for the operation of this Website and delivery of the Service

This Website uses so-called “technical” Cookies and other similar Trackers to carry out activities that are strictly necessary for the operation or delivery of the Service.

First-party Trackers

Storage duration:

  • sh_app_site: duration of the session
  • sh_app_curr: duration of the session
  • sh_app_regn: duration of the session
  • li_sugr: duration of the session
  • bcookie: duration of the session

Trackers managed by third parties

Google Tag Manager (Google LLC)

Google Tag Manager is a tag management service provided by Google LLC.

In order to understand Google's use of Data, consult their partner policy (https://policies.google.com/technologies/partner-sites) and their Business Data page (https://business.safety.google/privacy/).

Personal Data processed: Trackers and Usage Data.

Place of processing: United States

Other activities involving the use of Trackers

Functionality

This Website uses Trackers to enable basic interactions and functionalities, allowing Users to access selected features of the Service and facilitating the User's communication with the Owner.

Interaction with live chat platforms

This type of service allows Users to interact with third-party live chat platforms directly from the pages of this Website, in order to contact and be contacted by this Website‘s support service.

If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service. Moreover, live chat conversations may be logged.

Crisp Widget (Crisp IM SARL)

The Crisp Widget is a service for interacting with the Crisp live chat platform provided by Crisp IM SARL.

Personal Data processed: Data communicated while using the service, Trackers, Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: France

Registration and authentication

By registering or authenticating, Users allow this Website to identify them and give them access to dedicated services.

Depending on what is described below, third parties may provide registration and authentication services. In this case, this Website will be able to access some Data, stored by these third-party services, for registration or identification purposes.

Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.

Facebook Oauth (Meta Platforms Ireland Limited)

Facebook Oauth is a registration and authentication service provided by Meta Platforms Ireland Limited and is connected to the Facebook social network.

Personal Data processed: Trackers and various types of Data.

Place of processing: Ireland.

Storage duration:

  • _fbp: 3 months

Facebook Authentication (Meta Platforms Ireland Limited)

Facebook Authentication is a registration and authentication service provided by Meta Platforms Ireland Limited and is connected to the Facebook social network.

Personal Data processed: Trackers and various types of Data as specified in the privacy policy of the service.

Place of processing: Ireland

Storage duration:

  • _fbp: 3 months
  • fbssls_*: duration of the session

Experience

This Website uses Trackers to improve the quality of the user experience and enable interactions with external content, networks and platforms.

Hotjar surveys (Hotjar Ltd.)

Hotjar surveys is a survey builder and data collection platform provided by Hotjar Ltd. Hotjar surveys may use cookies to track User behavior. Users can Opt-Out of Hotjar surveys cookie tracking by visiting this opt-out page.

Hotjar surveys respects the Do Not Track option available in most modern browsers that, if activated, sends a special signal to stop tracking User activity. Users can find more information on how to enable Do Not Track for each supported browser here : https://www.hotjar.com/policies/do-not-track .

Personal Data processed: Data communicated while using the service, Trackers and Usage Data.

Place of processing: Malta.

Storage duration:

  • _hjAbsoluteSessionInProgress: 30 minutes
  • _hjCachedUserAttributes: duration of the session
  • _hjClosedSurveyInvites: 1 year
  • _hjDonePolls: 1 year
  • _hjFirstSeen: duration of the session
  • _hjIncludedInSessionSample: 30 minutes
  • _hjLocalStorageTest: duration of the session
  • _hjMinimizedPolls: 1 year
  • _hjSession*: 30 minutes
  • _hjSessionRejected: duration of the session
  • _hjSessionResumed: duration of the session
  • _hjSessionTooLarge: 1 hour
  • _hjSessionUser*: 1 year
  • _hjSessionUser_*: 2 years
  • _hjShownFeedbackMessage: 1 year
  • _hjTLDTest: duration of the session
  • _hjUserAttributesHash: duration of the session
  • _hjViewportId: duration of the session
  • _hjid: 1 year
  • hjActiveViewportIds: duration of the session

Hotjar Recruit User Testers (Hotjar Ltd.)

The Hotjar Recruit User Testers widget is a service for interacting with the Hotjar data collection platform provided by Hotjar Ltd. Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers.

Personal Data processed: Trackers, Usage Data and various types of Data.

Place of processing: Malta.

Storage duration:

  • _hjAbsoluteSessionInProgress: 30 minutes
  • _hjCachedUserAttributes: duration of the session
  • _hjClosedSurveyInvites: 1 year
  • _hjDonePolls: 1 year
  • _hjFirstSeen: duration of the session
  • _hjIncludedInSessionSample: 30 minutes
  • _hjLocalStorageTest: duration of the session
  • _hjMinimizedPolls: 1 year
  • _hjSession*: 30 minutes
  • _hjSessionRejected: duration of the session
  • _hjSessionResumed: duration of the session
  • _hjSessionTooLarge: 1 hour
  • _hjSessionUser*: 1 year
  • _hjSessionUser_*: 2 years
  • _hjShownFeedbackMessage: 1 year
  • _hjTLDTest: duration of the session
  • _hjUserAttributesHash: duration of the session
  • _hjViewportId: duration of the session
  • _hjid: 1 year

Hotjar Poll & Survey widgets (Hotjar Ltd.)

The Hotjar Poll & Survey widgets are services that enable interaction with the Hotjar platform provided by Hotjar Ltd. Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers.

Personal Data processed: Trackers, Usage Data and various types of Data.

Place of processing: Malta.

Storage duration:

  • _hjAbsoluteSessionInProgress: 30 minutes
  • _hjCachedUserAttributes: duration of the session
  • _hjClosedSurveyInvites: 1 year
  • _hjDonePolls: 1 year
  • _hjFirstSeen: duration of the session
  • _hjIncludedInSessionSample: 30 minutes
  • _hjLocalStorageTest: duration of the session
  • _hjMinimizedPolls: 1 year
  • _hjSession*: 30 minutes
  • _hjSessionRejected: duration of the session
  • _hjSessionResumed: duration of the session
  • _hjSessionTooLarge: 1 hour
  • _hjSessionUser*: 1 year
  • _hjSessionUser_*: 2 years
  • _hjShownFeedbackMessage: 1 year
  • _hjTLDTest: duration of the session
  • _hjUserAttributesHash: duration of the session
  • _hjViewportId: duration of the session
  • _hjid: 1 year

Measurement

This Website uses Trackers to measure traffic and analyze User behavior to improve the Service.

Analytics

The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

Google Analytics 4 (Google Ireland Limited)

Google Analytics 4 is a web analysis service provided by Google Ireland Limited (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.

Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

In Google Analytics 4, IP addresses are used at collection time and then discarded before Data is logged in any data center or server. Users can learn more by consulting Google’s official documentation.

Personal Data processed: number of Users, session statistics, Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • _ga: 2 years
  • _ga_*: 2 years

Heat mapping and session recording

Heat mapping services are used to display the areas of this Website that Users interact with most frequently. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior.

Some of these services may record sessions and make them available for later visual playback.

Hotjar Heat Maps & Recordings (Hotjar Ltd.)

Hotjar is a session recording and heat mapping service provided by Hotjar Ltd.

Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.

Personal Data processed: Trackers, Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: Malta.

Storage duration:

  • _hjAbsoluteSessionInProgress: 30 minutes
  • _hjCachedUserAttributes: duration of the session
  • _hjClosedSurveyInvites: 1 year
  • _hjDonePolls: 1 year
  • _hjFirstSeen: duration of the session
  • _hjIncludedInSessionSample: 30 minutes
  • _hjLocalStorageTest: duration of the session
  • _hjLocalStorageTest: duration of the session
  • _hjMinimizedPolls: 1 year
  • _hjSession*: 30 minutes
  • _hjSessionRejected: duration of the session
  • _hjSessionResumed: duration of the session
  • _hjSessionTooLarge: 1 hour
  • _hjSessionUser*: 1 year
  • _hjSessionUser_*: 2 years
  • _hjShownFeedbackMessage: 1 year
  • _hjTLDTest: duration of the session
  • _hjUserAttributesHash: duration of the session
  • _hjViewportId: duration of the session
  • _hjid: 1 year

Marketing

This Website uses Trackers to deliver personalized marketing content based on User behavior and to operate, serve and track ads.

Advertising

This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Website, possibly based on User interests.

This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.

Some of the services listed below may use Trackers for identifying Users, behavioral retargeting i.e. displaying ads tailored to the User’s interests and behavior, or to measure ads performance. For more information, please check the privacy policies of the relevant services.

Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section "How to opt-out of interest-based advertising" in this document.

Meta ads conversion tracking (Meta pixel) (Meta Platforms Ireland Limited)

Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms Ireland Limited that connects data from the Meta Audience Network with actions performed on this Website. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • _fbp: 3 months
  • fr: 3 months

Meta Lookalike Audience (Meta Platforms Ireland Limited)

Meta Lookalike Audience is an advertising and behavioral targeting service provided by Meta Platforms Ireland Limited that uses Data collected through Meta's Custom Audience in order to display ads to Users with similar behavior to Users who are already in a Custom Audience list on the basis of their past use of this Website or engagement with relevant content across Meta's apps and services.

On the basis of these Data, personalized ads will be shown to Users suggested by Meta Lookalike Audience.

Users can opt out of Meta's use of Trackers for ads personalization by visiting this opt-out page.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • _fbp: 3 months

Google Ads conversion tracking (Google Ireland Limited)

Google Ads conversion tracking is an analytics service provided by Google Ireland Limited that connects data from the Google Ads advertising network with actions performed on this Website.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • IDE: 2 years
  • test_cookie: 15 minutes

Google Ads Similar audiences (Google Ireland Limited)

Similar audiences is an advertising and behavioral targeting service provided by Google Ireland Limited that uses Data from Google Ads Remarketing in order to display ads to Users with similar behavior to Users who are already on the remarketing list due to their past use of this Website.

On the basis of this Data, personalized ads will be shown to Users suggested by Google Ads Similar audiences.

Users who don't want to be included in Similar audiences can opt out and disable the use of advertising Trackers by going to: Google Ad Settings.

In order to understand Google's use of Data, consult Google's partner policy.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • AID: 2 years
  • ANID: 2 years
  • Conversion: 3 months
  • DSID: 14 days
  • FCNEC: 1 year
  • FLC: 10 seconds
  • FPAU: 3 months
  • FPGCLAW: 3 months
  • FPGCLDC: 3 months
  • FPGCLGB: 3 months
  • IDE: 2 years
  • NID: 6 months
  • RUL: 1 year
  • TAID: 14 days
  • __gads: 2 years
  • __gsas: 2 years
  • _gac_: 3 months
  • _gac_gb_: 3 months
  • _gcl_au: 3 months
  • _gcl_aw: 3 months
  • _gcl_dc: 3 months
  • _gcl_gb: 3 months
  • _gcl_gf: 3 months
  • _gcl_ha: 3 months
  • id: 2 years
  • test_cookie: 15 minutes

Hotjar Form Analysis and Conversion Funnels (Hotjar Ltd.)

Hotjar is an analytics service provided by Hotjar Ltd. Hotjar honors generic Do Not Track headers. This means your browser can tell its script not to collect any of your data. This is a setting that is available in all major browsers.

Personal Data processed: Trackers and Usage Data.

Place of processing: Malta.

Storage duration:

  • _hjAbsoluteSessionInProgress: 30 minutes
  • _hjCachedUserAttributes: duration of the session
  • _hjClosedSurveyInvites: 1 year
  • _hjDonePolls: 1 year
  • _hjFirstSeen: duration of the session
  • _hjIncludedInSessionSample: 30 minutes
  • _hjLocalStorageTest: duration of the session
  • _hjLocalStorageTest: duration of the session
  • _hjMinimizedPolls: 1 year
  • _hjSession*: 30 minutes
  • _hjSessionRejected: duration of the session
  • _hjSessionResumed: duration of the session
  • _hjSessionTooLarge: 1 hour
  • _hjSessionUser*: 1 year
  • _hjSessionUser_*: 2 years
  • _hjShownFeedbackMessage: 1 year
  • _hjTLDTest: duration of the session
  • _hjUserAttributesHash: duration of the session
  • _hjViewportId: duration of the session
  • _hjid: 1 year

Remarketing and behavioral targeting

This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.

This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.

Some services offer a remarketing option based on email address lists.

Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section "How to opt-out of interest-based advertising" in this document.

Facebook Remarketing (Meta Platforms Ireland Limited)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Meta Platforms Ireland Limited that connects the activity of this Website with the Meta Audience Network.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • _fbp: 3 months

Google Ads Remarketing (Google Ireland Limited)

Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google Ireland Limited that connects the activity of this Website with the Google Ads advertising network and the DoubleClick Cookie.

In order to understand Google's use of Data, consult Google's partner policy.

Users can opt out of Google's use of Trackers for ads personalization by visiting Google's Ads Settings.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Storage duration:

  • AID: 2 years
  • ANID: 2 years
  • Conversion: 3 months
  • DSID: 14 days
  • FCNEC: 1 year
  • FLC: 10 seconds
  • FPAU: 3 months
  • FPGCLAW: 3 months
  • FPGCLDC: 3 months
  • FPGCLGB: 3 months
  • IDE: 2 years
  • NID: 6 months
  • RUL: 1 year
  • TAID: 14 days
  • __gads: 2 years
  • __gsas: 2 years
  • _gac_: 3 months
  • _gac_gb_: 3 months
  • _gcl_au: 3 months
  • _gcl_aw: 3 months
  • _gcl_dc: 3 months
  • _gcl_gb: 3 months
  • _gcl_gf: 3 months
  • _gcl_ha: 3 months
  • id: 2 years
  • test_cookie: 15 minutes

Google Signals (Google Ireland Limited)

This Website uses Google Signals, a feature of Google Analytics, which will associate the visitation information that it collects from this Website with Google information from accounts of signed-in Google-account users who have consented to this association for the purpose of ads personalization. This Google information may include User location, search history, YouTube history and Data from sites that partner with Google – and is used to provide aggregated and anonymized insights into Users' cross device behaviors.

If a User falls under the described association, they may access and/or delete such Data via My Activity provided by Google.

Personal Data processed: Trackers and Usage Data.

Place of processing: Ireland.

Meta Custom Audience (Meta Platforms Ireland Limited)

Meta Custom Audience is a remarketing and behavioral targeting service provided by Meta Platforms Ireland Limited that connects the activity of this Website with the Meta Audience Network.

Users can opt out of Meta's use of Trackers for ads personalization by visiting this opt-out page.

Personal Data processed: email address and Trackers.

Place of processing: Ireland.

Storage duration:

  • _fbp: 3 months

Mailjet (SAS Mailjet)

Mailjet is an email address management and message sending service provided by SAS Mailjet.

Personal Data processed: email address, Trackers and Usage Data.

Place of processing: France.

How to manage preferences and provide or withdraw consent

There are various ways to manage Tracker related preferences and to provide and withdraw consent, where relevant:

Users can manage preferences related to Trackers from directly within their own device settings, for example, by preventing the use or storage of Trackers.

Additionally, whenever the use of Trackers is based on consent, Users can provide or withdraw such consent by setting their preferences within the cookie notice or by updating such preferences accordingly via the relevant consent-preferences privacy widget, if available.

It is also possible, via relevant browser or device features, to delete previously stored Trackers, including those used to remember the User’s initial consent preferences.

Other Trackers in the browser’s local memory may be cleared by deleting the browsing history.

With regard to any third-party Trackers, Users can manage their preferences via the related opt-out link (where provided), by using the means indicated in the third party's privacy policy, or by contacting the third party.

Locating Tracker Settings

Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses:

  • Google Chrome
  • Mozilla Firefox
  • Apple Safari
  • Microsoft Internet Explorer
  • Microsoft Edge
  • Brave
  • Opera

Users may also manage certain categories of Trackers used on mobile apps by opting out through relevant device settings such as the device advertising settings for mobile devices, or tracking settings in general (Users may open the device settings and look for the relevant setting).

How to opt out of interest-based advertising

Notwithstanding the above, Users may follow the instructions provided by YourOnlineChoices (EU and UK), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.

The Digital Advertising Alliance offers an application called AppChoices that helps Users to control interest-based advertising on mobile apps.

Consequences of denying the use of Trackers

Users are free to decide whether or not to allow the use of Trackers. However, please note that Trackers help this Website to provide a better experience and advanced functionalities to Users (in line with the purposes outlined in this document). Therefore, if the User chooses to block the use of Trackers, the Owner may be unable to provide related features.

Owner and Data Controller

SuperHosting.BG Ltd, Iztok Residential area, 36 G. M. Dimitrov Blvd., Izgrev area, 1797 Sofia

Owner contact email: sh-cookie@superhosting.bg

Since the use of third-party Trackers through this Website cannot be fully controlled by the Owner, any specific references to third-party Trackers are to be considered indicative. In order to obtain complete information, Users are kindly requested to consult the privacy policies of the respective third-party services listed in this document.

Given the objective complexity surrounding tracking technologies, Users are encouraged to contact the Owner should they wish to receive any further information on the use of such technologies by this Website.

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data

Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.

User

The individual using this Website who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor (or Processor)

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.

This Website (or this Application)

The means by which the Personal Data of the User is collected and processed.

Service

The service provided by this Website as described in the relative terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookie

Cookies are Trackers consisting of small sets of data stored in the User's browser.

Tracker

Tracker indicates any technology - e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting - that enables the tracking of Users, for example by accessing or storing information on the User’s device.

Legal information

This privacy policy relates solely to this Website, if not stated otherwise within this document.

 

What security measures have been taken in SuperHosting.BG infrastructures to keep your personal data safe?

Long before GDPR compliance steps were made, a whole new security system was developed and implemented on our infrastructure - SH Protect. It is a multilevel working system monitoring and protecting the websites and personal data of our customers from a considerable number of malicious action attempts. The system is updated every day so that customer information is being secured in the most effective way.
It was 3 years ago when a whole system against DDoS attacks was implemented. It detects around 95% of the common DDoS attacks and is being continuously updated with newly registered attacks.
Our team keeps working on blocking malicious actions towards data stored in our infrastructure as well as improving the quality of the secure systems.
You can find more information how we keep your website and mail data safe in our blog: https://blog.superhosting.bg/en/security-challenge-accepted.html