roast logo

roast.host

Data Protection Policy

Last updated: April 22, 2025

1. Controller Information

This Data Protection Policy explains how ROAST.host ("we", "us", "our") collects, processes, and protects your personal data when you use our services.

Data Protection Officer (DPO)
Email: [email protected]

2. Data We Collect

We may collect and process the following data:

  • Account data: email address, username
  • Technical data: IP address, browser type, device information
  • Usage data: logs of your activity on our platform
  • Server configuration data you provide to us

3. Legal Basis for Processing

We process your data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services
  • Legitimate Interests: Improving our services, ensuring security
  • Legal Obligation: Compliance with applicable laws
  • Consent: Where you have explicitly agreed to specific processing

4. Data Retention

We retain your personal data as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Account data is kept until you delete your account or request data deletion.

5. Your GDPR Rights

Under the GDPR, you have the following rights:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data
  • Restriction: Request limitation of processing
  • Data Portability: Request transfer of your data
  • Objection: Object to processing of your data
  • Automated Decision-Making: Rights related to automated decisions

To exercise these rights, please contact our DPO at [email protected]. We will respond to your request within one month.

6. Third-Party Service Providers

Hosting Providers

Hetzner
We use Hetzner for server hosting. Hetzner processes data in accordance with EU data protection laws. For more information, visit: Hetzner Privacy Policy

Cloudflare
We use Cloudflare for content delivery and security services. Cloudflare may process user IP addresses and technical information. For more information, visit: Cloudflare Privacy Policy

Authentication

Hanko
We use Hanko for authentication services. When you log in, Hanko processes authentication data. For more information, visit: Hanko Privacy Policy

7. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements, such as Standard Contractual Clauses.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include encryption, access controls, and regular security assessments.

9. Cookies and Similar Technologies

We use essential cookies that are necessary for the functioning of our website. These cookies do not track you for marketing purposes.

10. Changes to this Policy

We may update this policy from time to time. If we make significant changes, we will notify you through our website or by email.

11. Complaints

If you have concerns about our data processing, please contact us first at [email protected]. You also have the right to lodge a complaint with your local data protection authority.