Legal

Privacy Policy

Your privacy matters. Here's exactly how we handle your data.

Contents
0. Summary 1. Information We Collect 2. How We Use Data 3. Legal Basis (GDPR) 4. Data Sharing 5. International Transfers 6. Cookies & Tracking 7. Data Retention 8. Data Security 9. Your Rights 10. Children's Privacy 11. Third-Party Links 12. Policy Changes 13. Contact & DPO
Effective Date: January 1, 2025  |  Last Updated: March 21, 2026
Summary: We collect minimal data to provide and improve our services. We do not sell your data to third parties. You have the right to access, correct, and delete your information at any time. This policy applies to all Clytrix Web Services, including hosting, domain registration, and email services.

1. Information We Collect

We collect information in the following ways:

Account Information: Name, email address, phone number, billing address, and payment information (processed securely by our payment processor — we never store full card details on our servers).

Technical Data: IP address, browser type and version, operating system, device type, referring URLs, pages visited, and time spent on our website. This data is used for security monitoring, fraud prevention, and aggregate analytics.

Service Data: Domain names you register or manage, server access logs, support tickets, and any files, databases, or applications you upload to our hosting infrastructure.

Communication Data: Emails, chat transcripts, and support tickets you send us. These are retained to provide support continuity and improve our services.

Usage Analytics: Aggregated, anonymized statistics about how features are used. No personally identifiable information is included in analytics reports.

Domain WHOIS Data: If you register a domain, your name, organization, email, and address are transmitted to ICANN-designated domain registries as required by law. WHOIS Privacy protection replaces this with proxy information where supported by the registry.

2. How We Use Your Data

  • To provision, manage, and support your hosting services
  • To process payments and send invoices
  • To communicate with you about your account, service updates, and support
  • To send marketing emails (you can opt out at any time)
  • To detect and prevent fraud, abuse, and security threats
  • To comply with legal obligations

For customers in the European Union or UK, we process personal data under one or more of the following legal bases:

  • Contract Performance: Processing necessary to provide the services you have purchased (account management, billing, provisioning).
  • Legitimate Interests: Security monitoring, fraud prevention, improving service quality, and direct marketing to existing customers. We balance these interests against your privacy rights.
  • Legal Obligation: Compliance with tax laws, ICANN policies, and court orders.
  • Consent: Marketing emails, non-essential cookies, and analytics. You may withdraw consent at any time without affecting the lawfulness of prior processing.

4. Data Sharing

We do not sell, rent, or trade your personal information. We may share data with:

  • Payment processors: Stripe, PayPal for secure payment processing
  • ICANN / Registries: Domain registration data as required by ICANN policy
  • Legal authorities: When required by law, court order, or to protect our rights
  • Service providers: Analytics, email, and infrastructure partners under strict data processing agreements

5. International Data Transfers

Clytrix is based in India. If you are located in the European Union, United Kingdom, or other jurisdictions with data transfer restrictions, your personal data may be transferred to and processed in India.

We ensure adequate safeguards are in place for such transfers including:

  • Standard Contractual Clauses (SCCs) with third-party processors
  • Adequacy decisions where applicable
  • Contractual obligations requiring equivalent data protection standards

By using our services, you consent to the transfer of your data to India and other countries where our service providers operate.

6. Cookies & Tracking Technologies

We use the following categories of cookies:

CategoryPurposeRetention
EssentialSession management, login authentication, security tokensSession / 24 hrs
FunctionalLanguage preference, currency selection, regional settings30 days
AnalyticsGoogle Analytics (anonymized IP), page view counts, feature usage2 years
MarketingRetargeting pixels, Google Tag Manager conversion tracking (opt-in only)90 days

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling essential cookies will affect your ability to log in and use our services. You can opt out of analytics by installing the Google Analytics Opt-out Browser Add-on.

7. Data Retention

We retain different categories of data for different periods based on business necessity and legal requirements:

  • Account data: Retained while your account is active and for 3 years after closure for tax and legal compliance
  • Billing records: 7 years from the date of transaction (required by Indian tax law)
  • Server access logs: 90 days, then automatically purged
  • Support tickets: 2 years from resolution, or longer if relevant to ongoing legal matters
  • Marketing data: Until you unsubscribe or request deletion
  • Backup data: 30 days rolling, after which old backups are overwritten

You may request early deletion of your personal data at any time, subject to our legal retention obligations. We will acknowledge deletion requests within 72 hours and complete them within 30 days.

8. Data Security

We take data security seriously and implement multiple layers of protection:

  • In transit: TLS 1.3 encryption for all data transmitted between you and our servers
  • At rest: AES-256 encryption for sensitive data including passwords (bcrypt hashed) and payment tokens
  • Access control: Role-based access with least-privilege principles; staff access to customer data is logged and audited
  • Infrastructure: Firewalls, intrusion detection systems, DDoS mitigation, and 24/7 security monitoring
  • Incident response: Data breaches affecting your personal data will be reported to the relevant authorities within 72 hours and to affected customers without undue delay

Despite these measures, no internet transmission or storage system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): Request a copy of all personal data we hold about you
  • Right to Rectification (Art. 16): Correct inaccurate or incomplete information
  • Right to Erasure / "Right to be Forgotten" (Art. 17): Request deletion of your personal data, subject to legal retention requirements
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format (JSON/CSV)
  • Right to Restrict Processing (Art. 18): Limit how we use your data in certain circumstances
  • Right to Object (Art. 21): Object to processing based on legitimate interests, including direct marketing
  • Right to Withdraw Consent: Withdraw consent for optional processing at any time without affecting past processing
  • Right to Lodge a Complaint: File a complaint with your national data protection authority (e.g., ICO in the UK, CNIL in France)

To exercise any of these rights, email [email protected] with your request and proof of identity. We will respond within 30 days (72 hours for urgent security concerns).

10. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children. If we discover we have collected data from a child, we will delete it immediately.

11. Third-Party Links & Services

Our website and control panel may contain links to third-party websites and integrate third-party services (e.g., cPanel, Cloudflare, payment gateways). These third parties have their own privacy policies, and we are not responsible for their data practices. We encourage you to review the privacy policies of any third-party services you use through our platform.

Third-party integrations we use include:

  • Google Analytics: Anonymized website traffic analysis — Google Privacy Policy
  • Cloudflare: CDN and DDoS protection — processes IP addresses and request data
  • Tawk.to: Live chat support — chat data stored per Tawk.to's privacy policy
  • cPanel/WHM: Server control panel — access logs retained for 90 days

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by email and post the updated policy on this page with the new effective date. Continued use of our services after changes means you accept the updated policy.

13. Contact & Data Protection Officer

For privacy-related questions, data requests, or to report a concern:

Privacy Officer / DPO: Clytrix Web Services
Email: [email protected]
Phone: +91 7735 998 288
Address: Clytrix Web Services, Bhubaneswar, Odisha, India 751001
Response SLA: We acknowledge all privacy requests within 72 hours and resolve within 30 days.