Skip to main content
Host UK Host UK

Privacy Policy

How we handle your data. Written in English, not legalese.

Last updated: 25 December 2024

The Short Versi... Who We Are What We Collect How We Use Your... Where Your Data... Data Retention + more below

The Short Version

  • We collect only what we need to provide our services.
  • Your data stays in the EU (Germany and Finland).
  • We don't sell your data. Ever.
  • You can export or delete your data anytime.
  • We use cookies for essential functions only—no creepy tracking.

Who We Are

Host UK Limited ("Host UK", "we", "us", "our") operates the Host UK platform and associated services including BioHost, SocialHost, MailHost, NotifyHost, TrustHost, and AnalyticsHost. We are registered in the United Kingdom and maintain our primary data infrastructure within the European Union.

What We Collect

Account Information

When you create an account, we collect your email address and display name. If you upgrade to a paid plan, we collect payment information through our payment processors (Stripe, PayPal, BTCPay Server). We don't store full card numbers—that's handled by PCI-compliant processors.

Content You Create

Bio pages, scheduled posts, short links, QR codes, email aliases—whatever you build on our platform is stored to provide the service. This is yours. You can export it or delete it anytime.

Usage Data

Basic analytics: page views, click counts, feature usage. This helps us improve the platform. We aggregate this data and don't build individual profiles for advertising (because we don't do advertising).

Technical Data

Server logs contain IP addresses, browser types, and request timestamps. These are kept for security and debugging purposes and are automatically purged after 30 days.

How We Use Your Data

  • Providing and maintaining our services
  • Processing payments and managing subscriptions
  • Sending service-related communications (not marketing spam)
  • Improving our platform based on aggregate usage patterns
  • Detecting and preventing fraud or abuse
  • Complying with legal obligations

Where Your Data Lives

All personal data is stored in the European Union—specifically in data centres in Germany (Nuremberg and Falkenstein) and Finland (Helsinki). We use a global CDN with 96+ edge locations for performance, but these caches contain only static assets and anonymised data. Your personal information never leaves the EU.

Data Retention

We keep your data for as long as your account is active, plus a reasonable period afterward in case you want to come back. If you delete your account, we remove your personal data within 30 days, except where we're legally required to retain it (financial records, for example).

Your Rights (GDPR)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Export your data in a standard format
  • Objection: Object to certain types of processing
  • Restriction: Limit how we process your data

To exercise any of these rights, email privacy@host.uk.com. We'll respond within 30 days.

Cookies

We use essential cookies to keep you logged in and remember your preferences. We don't use tracking cookies, advertising cookies, or any of those annoying cookie consent popups that follow you around the internet. If you block all cookies, some features won't work—but we won't guilt-trip you about it.

Third-Party Services

Payment Processors

Stripe, PayPal, and BTCPay Server handle payments. They have their own privacy policies. We chose them because they're reputable and don't do weird things with your data.

Social Platforms

When you connect social accounts to SocialHost, those platforms receive your posts. We don't control what they do with that data—check their privacy policies.

Infrastructure

We use Hetzner (Germany/Finland) for hosting and Bunny.net for CDN. Both are GDPR-compliant and don't process personal data beyond what's necessary for the service.

Security

All data is encrypted in transit (TLS) and at rest. We use industry-standard security practices, regular security audits, and we don't store passwords in plaintext (obviously). If we ever have a security incident affecting your data, we'll notify you promptly and honestly.

Children

Our services are not intended for children under 16. If we discover we've collected data from a child, we'll delete it. If you're a parent and believe your child has signed up, contact us.

Changes to This Policy

We'll update this policy when things change. Significant changes will be announced via email and/or a notice on our website. We won't bury important changes in legal jargon.

Contact Us

Questions about privacy? Email privacy@host.uk.com. For general enquiries, see our Contact page. We're real humans and we actually read these emails.

Related Documents

Terms of Service Contact Us FAQ