In this privacy policy, you can read about how we at HostUp handle personal data and cookies. Below you will find the most important points in short:
This policy (“Privacy policy”) describes how HostUp AB, organization number 559290-1325 (“HostUp”), manages your personal information in connection with the subscription service (“Service”) that HostUp provides.
Since HostUp processes personal data, we act as the data controller for the information you, as a customer, provide to us. HostUp aims to comply with the General Data Protection Regulation (GDPR) and other relevant Swedish regulations.
1.1 We use cookies (small text files) to improve your experience. When you browse the website, these cookies are stored on your computer, mobile device, or tablet.
1.2 Cookiebot and categories
We use Cookiebot so you can decide which cookies you want to allow. Through our cookie banner, you can easily adjust your preferences for the following categories:
1.3 Google Analytics and other analytics cookies
Under the “Statistics” category, we use services such as Google Analytics to understand how visitors use our website.
If you decline statistics cookies, no analytics data will be collected. By accepting these cookies, you help us better
understand and improve the user experience of our website.
1.4 How to change cookie settings
If you wish to change your settings later, you can open the cookie banner again via a button at the bottom left of
the page and adjust your choices. You can also block or delete cookies in your browser, but some features of the site may
stop working if you do so.
2.1 When you visit our website, certain information that your browser sends to us is automatically stored, such as your IP address and web requests. When you log in and use your account in the customer zone, we also log your account history and any changes.
2.2 Why do we log data and for how long?
We use this information to monitor and protect our servers from unauthorized access and other security issues.
Log files like http access.log, firewall logs, and error logs are automatically deleted after 1 week,
often by using the logrotate tool. This ensures that we do not retain data longer than necessary.
3.1 When you register on our website, we store information such as your email address, password, organization/personal ID number, full name, any company name, address, and phone number.
3.2 Why do we need this information?
These details are required to provide the services you order, such as domain registration and billing. They are also used to maintain security and offer support when needed.
4.1 We follow Swedish law and GDPR. We only use your personal data to deliver the services you purchase and to fulfill our agreement with you.
5.1 You can request at any time that we close your account and delete all the information we have stored about you. You may also request that we provide or correct any personal data we hold about you.
5.2 How do you contact us?
To exercise your rights (for example, request deletion or correction) or if you have any other questions about our data processing, please contact us via our support form:
https://min.hostup.se/tickets/new/.
We normally respond to your request within 30 days, in accordance with GDPR.
6.1 Your information security is our priority. If you choose servers located in Sweden, your data stays in Sweden and is not stored abroad.
6.2 Our live chat, analytics tool, and ticketing system run on separate systems and do not leave HostUp.
7.1 We only share your information when necessary to deliver the services you have purchased. Below is an overview of who we share data with and what type of data is shared.
7.1.1 Stripe – payments
We use Stripe (Stripe Payments Europe, Ltd) for credit card payments.
Read more in their privacy policy.
Personal data: billing address, email address, first name, last name, payment information, and purchase history, etc., according to Stripe’s policy.
7.1.2 Openprovider – domain registration
We use Openprovider (Hosting Concepts B.V) to register domains.
Read more in their privacy policy.
Personal data: first name, last name, company name (if applicable), phone number, postal address, email address, etc., according to their policy.
7.1.3 The Swedish Internet Foundation – domain registration
We use the Swedish Internet Foundation (Stiftelsen för internetinfrastruktur) to register .se domains.
Read more in their privacy policy and
Registration terms.
Personal data: first name, last name, company name (if applicable), phone number, postal address, email address, personal or organization number, according to their policy.
7.1.4 MaxMind – fraud protection
We use MaxMind (MaxMind, Inc) to verify the accuracy of the information you provide.
Read more in their privacy policy.
7.1.5 MailChannels – email (applies only to web hosting)
We use MailChannels (MailChannels Corporation) to send email, so that your emails do not end up in spam filters.
Read more in their privacy policy.
8.1 HostUp uses Cloudflare as a proxy to manage and protect website traffic. Among other things, Cloudflare provides a Web Application Firewall (WAF) and a Content Delivery Network (CDN) to enhance security and performance.
8.2 Purpose of using Cloudflare
By routing traffic through Cloudflare, we aim to:
8.3 Data transfer and processing
When traffic is routed through Cloudflare, certain technical information (e.g., IP addresses and HTTP requests) may be transferred to countries outside the EEA.
8.4 GDPR and data protection
HostUp has a Data Processing Agreement (DPA) with Cloudflare to ensure that any processing of personal data is performed in accordance with GDPR.
You can read more about Cloudflare’s data processing in their DPA:
https://www.cloudflare.com/sv-se/cloudflare-customer-dpa/.
HostUp is responsible for:
8.5 User consent and rights
By using HostUp’s services, you consent to having your website traffic handled via Cloudflare. You may request information about which personal data is processed and how. You may also opt-out of this and request that your website is no longer protected by Cloudflare by contacting us.
8.6 Transfer of data outside the EEA
When transferring data to Cloudflare outside the EEA, HostUp uses the EU’s Standard Contractual Clauses (SCC).
8.7 Rights
You have the right to request access to your personal data, rectification, erasure, or restriction of processing. You may also object to processing and request data portability.
9.1 Do you store my card details?
No, we do not. Your card details are stored by Stripe.
Tokenization is used by Stripe to handle card details or other personally identifiable information. We only receive a token that provides us with limited information, such as the last four digits and expiration date of the card.
9.2 Backups and storage drives
All backups and storage are encrypted to protect your data from unauthorized physical access. Backups are stored on servers owned by us where only we have access to them in RAID-5 or RAID-6.
We reserve the right to make changes to this privacy policy at any time. Please visit this page periodically to stay up to date on any changes.
AddRevenue.io
If you place an order after clicking on an affiliate link from addrevenue.io, certain technical information may be shared with them in order to process your order. This is done in accordance with our privacy policy and applicable legislation.
11.1 Your ticket or email conversation may be automatically filtered through OpenAI’s API to remove offensive or harassing content.
11.2 The purpose is to protect the working environment of our support staff and to prevent them from being exposed to unpleasant or abusive messages. This also ensures a more positive and professional experience for you when contacting our support.
11.3 According to OpenAI’s policy, no information is stored from these API requests, and no data is used for training or further development of AI models. All data is immediately deleted after filtering.
11.3.1 Example of filtering: If a message includes personal insults or rude remarks along with a support request, the insulting parts are removed, and our support team only receives the core request. For instance, “You are all incompetent. Fix my billing issue!” becomes “Please assist with my billing issue.” This ensures that our staff are not subjected to abusive content but can still address your question or problem.
11.4 If you mark your message as containing sensitive information, it will not be automatically filtered through the API. Instead, it will be handled manually by our support staff. Please note that this may affect the processing time.
12.1 We use the third-party service Fortnox to manage our accounting, invoicing and finances. These services have access to the necessary personal data to perform their tasks in accordance with our agreements and applicable data protection regulations.
Last updated: 05/01/2025