Privacy Policy

Effective Date: February 1, 2026
Last Updated: February 8, 2026

Nitro Cloud LTD ("we," "us," "our," or "Nitro Cloud") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website (nitro4cloud.com) and services. We operate in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Dutch data protection laws.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

1. Data Controller

The data controller responsible for your personal data is:

  • Company: Nitro Cloud LTD
  • Address: Acad. Mihail Arnaudov St. No. 3, Floor 3, 7000 Ruse, Bulgaria
  • Data Center: Amsterdam (AMS01)
  • Email: noreply@nitro4cloud.com

2. Information We Collect

2.1 Personal Data Provided by You

When you register for an account, purchase services, or contact us, we may collect:

  • Full name and surname
  • Email address
  • Phone number
  • Billing and postal address
  • Company name and VAT number (if applicable)
  • Payment information (credit card details, bank account information)
  • Government-issued identification (when required for fraud prevention or legal compliance)

2.2 Data Collected Automatically

When you visit our website or use our services, we automatically collect:

  • IP address and geolocation data
  • Browser type, version, and language preferences
  • Operating system and device information
  • Pages visited, time spent, and navigation patterns
  • Referring website or source
  • Server logs, including access and error logs
  • Session identifiers and cookies

2.3 Data Related to Service Usage

In the course of providing hosting services, we may process:

  • Domain names and DNS records
  • Server resource usage (CPU, memory, bandwidth, disk space)
  • Email metadata (sender, recipient, timestamps — not email content)
  • Support ticket communications
  • Service configuration data

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Contractual Necessity (Art. 6(1)(b)): Processing necessary to fulfill our service agreements with you, including account management, billing, and service delivery.
  • Legitimate Interest (Art. 6(1)(f)): Processing necessary for our legitimate business interests, such as fraud prevention, network security, service improvement, and analytics.
  • Legal Obligation (Art. 6(1)(c)): Processing required to comply with applicable laws, including tax regulations, law enforcement requests, and regulatory requirements.
  • Consent (Art. 6(1)(a)): Where you have given explicit consent, such as subscribing to marketing communications. You may withdraw consent at any time.

4. How We Use Your Data

We use the collected information for the following purposes:

  • Provisioning, managing, and maintaining your hosting services
  • Processing payments and managing billing cycles
  • Providing customer support and resolving technical issues
  • Sending transactional communications (invoices, service notifications, renewal reminders)
  • Detecting, preventing, and addressing fraud, abuse, and security threats
  • Improving our services, website, and user experience
  • Complying with legal and regulatory obligations
  • Sending marketing communications (only with your explicit consent)
  • Generating anonymized and aggregated analytics

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the operation of our website and services, including session management and authentication. These cannot be disabled.
  • Functional Cookies: Enable enhanced functionality and personalization, such as language preferences and saved settings.
  • Analytics Cookies: Help us understand how visitors interact with our website, enabling us to improve our services. We use tools such as Google Analytics.
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness. These are only set with your consent.

5.2 Managing Cookies

You can manage your cookie preferences through your browser settings or through our cookie consent banner. Please note that disabling certain cookies may affect the functionality of our website and services.

6. Data Sharing and Third Parties

6.1 Third-Party Service Providers

We may share your data with trusted third-party providers who assist us in operating our business:

  • Payment Processors: For secure payment processing (e.g., credit card processors, PayPal)
  • Domain Registrars: For domain registration and management (WHOIS data as required by ICANN)
  • Anti-Fraud Services: For identity verification and fraud prevention
  • Analytics Providers: For website analytics and performance monitoring
  • Communication Providers: For email delivery and customer notifications
  • Data Center Partners: For infrastructure and network services

6.2 Legal Disclosures

We may disclose your data when required by law, regulation, legal process, or governmental request, or when necessary to protect our rights, property, or safety, or that of our users and the public.

6.3 International Data Transfers

Your data is primarily stored and processed in our Amsterdam (AMS01) data center within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Active Account Data: Retained for the duration of your account and service subscription.
  • Billing and Financial Records: Retained for a minimum of 7 years after the last transaction, as required by Dutch and EU tax and accounting regulations.
  • Support Communications: Retained for 3 years after ticket closure for quality assurance and dispute resolution.
  • Server Logs: Retained for up to 12 months for security and troubleshooting purposes.
  • Marketing Consent Records: Retained for 3 years after consent withdrawal for compliance documentation.
  • Terminated Account Data: Deleted or anonymized within 90 days of account termination, unless longer retention is required by law.

8. Your Rights Under GDPR

As a data subject, you have the following rights under the GDPR:

  • Right of Access (Art. 15): You may request a copy of all personal data we hold about you.
  • Right to Rectification (Art. 16): You may request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): You may request deletion of your personal data ("right to be forgotten"), subject to legal retention requirements.
  • Right to Restriction (Art. 18): You may request that we restrict the processing of your data under certain circumstances.
  • Right to Data Portability (Art. 20): You may request your data in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21): You may object to the processing of your data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent (Art. 7(3)): Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.

To exercise any of these rights, please contact us at noreply@nitro4cloud.com. We will respond to your request within 30 days, as required by the GDPR.

9. Data Security

We implement comprehensive technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Firewalls, intrusion detection systems (IDS), and DDoS protection
  • Regular security audits and vulnerability assessments
  • Access controls and role-based permissions for staff
  • Secure data center facilities with physical access controls, CCTV, and biometric authentication
  • Regular data backups with encrypted storage
  • Employee training on data protection and security best practices

Despite our best efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any data breach in accordance with GDPR Article 33 and Article 34.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16 without parental consent, we will promptly delete such data.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. We will notify you of significant changes by posting the updated policy on our website and, where appropriate, by email. We encourage you to review this page periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

  • Email: noreply@nitro4cloud.com
  • Company: Nitro Cloud LTD
  • Address: Acad. Mihail Arnaudov St. No. 3, Floor 3, 7000 Ruse, Bulgaria

You may also contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at https://autoriteitpersoonsgegevens.nl if you believe your data protection rights have been violated.

WordPress
Joomla
Magento
Drupal
jQuery
MySql
Python
Contact Us
Copyright © 2026 Nitro Cloud LTD. All Rights Reserved.