Privacy policy for the DediStart website and services.

1. Data controller

The data controller responsible for your personal data is:

REDCLUSTER LTD
Registered address: Medousis 26, Office 202, Larnaca, 6059, Cyprus
Company number: HE387801
Email: [email protected]
Website: dedistart.com

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, you may contact us at the email address above.

2. Personal data we collect

We may collect and process the following categories of personal data:

• Full name
• Company name
• Billing address
• Email address
• Telephone number
• Country
• VAT number or tax number, where applicable
• Order details and transaction history
• Invoices and billing records
• Payment-related information provided by payment processors
• IP addresses
• Login timestamps
• Authentication and account access logs
• Browser, device and operating system information
• Website usage data
• Cookies and similar technologies
• Referral and campaign tracking data
• Support tickets, emails, phone call notes and other communications
• Fraud prevention, abuse prevention and security-related records
• Service-related administrative data, such as assigned IP addresses, server location, service configuration, abuse reports, suspension records and compliance records

We do not store full payment card details on our own systems unless expressly stated otherwise. Payments are generally processed by third-party payment providers.

We may also store other personal data that you voluntarily disclose when communicating with us by email, ticket, phone or other means.

3. How we collect your data

We may collect personal data:

• when you visit our website;
• when you create an account;
• when you place an order;
• when you use our services;
• when you contact us by email, support ticket, phone or other channels;
• when you fill in forms on our website;
• when you subscribe to marketing communications;
• when you respond to surveys or feedback requests;
• from payment processors, anti-fraud providers or compliance partners where necessary;
• from publicly available sources where necessary for fraud prevention, sanctions screening, legal compliance or dispute handling.

4. Legal bases for processing

We process personal data only where we have a lawful basis to do so under applicable law. Depending on the circumstances, we rely on one or more of the following legal bases:

• Performance of a contract – where processing is necessary to provide the services you requested, manage your account, process orders, provision services, send invoices, receive payments or provide support.
• Legal obligation – where processing is necessary to comply with accounting, tax, legal, regulatory or law enforcement obligations.
• Legitimate interests – where processing is necessary for fraud prevention, abuse prevention, service security, network and information security, internal administration, dispute resolution, legal defence, service improvement or limited direct marketing where permitted by law.
• Consent – where required by law, including for non-essential cookies, analytics, advertising technologies and marketing communications.

5. How we use your data

We may use your personal data to:

• create and manage your account;
• provide hosting, server and related services;
• process orders, renewals, upgrades, downgrades and cancellations;
• send invoices, payment confirmations and service notices;
• provide customer support;
• verify identity, order legitimacy or payment risk where necessary;
• prevent fraud, abuse, chargebacks and unauthorized access;
• maintain the security, stability and integrity of our website, systems and services;
• detect, investigate and prevent technical issues or security incidents;
• comply with legal obligations and lawful requests from authorities;
• improve our website, services and user experience;
• measure the effectiveness of advertising and marketing campaigns;
• send marketing communications where you have consented or where otherwise permitted by law.

6. Cookies and similar technologies

Our website uses cookies and similar technologies to provide functionality, improve performance, understand how visitors use the website, measure marketing performance and, where permitted, support advertising and remarketing.

Cookies may include:

• Strictly necessary cookies – used for core website functionality, security, session management, fraud prevention and essential technical operation. These do not require consent where permitted by law.
• Analytics cookies – used to understand how visitors interact with our website, improve usability and measure performance.
• Advertising and remarketing cookies – used to measure campaigns, build audiences, personalize ads where applicable and show our ads to previous visitors on third-party platforms.
• Preference cookies – used to remember selected settings or choices.

Where required by law, non-essential cookies are only set after you provide your consent through our cookie banner or consent management mechanism.

You can accept, reject or modify your cookie preferences through our cookie banner when visiting the website. You may also delete or block cookies through your browser settings, although doing so may affect some website functionality.

7. Analytics, Google Ads and Microsoft Clarity

Subject to your consent where required, we may use third-party analytics and advertising services to better understand website usage, improve performance, detect issues, measure conversions and display relevant advertising.

These services may collect information such as:

• IP address
• browser and device information
• approximate geographic location
• pages viewed
• session duration
• referral source
• clicks, scrolls and other interaction data
• conversion-related information

The services we may use include:

• Google Ads, including conversion tracking and remarketing features;
• Google Analytics;
• Microsoft Clarity.

If enabled based on your consent, Google Ads and related technologies may use cookies or similar technologies to help us measure campaign performance and show ads to users who previously visited our website.

If enabled based on your consent, Google Analytics helps us understand how visitors use our website, such as which pages are visited, how often they are visited and how users navigate the site.

If enabled based on your consent, Microsoft Clarity helps us analyze website behavior through heatmaps, session replay features and interaction analytics in order to improve usability and diagnose website issues.

8. Sharing of personal data

We may share personal data with the following categories of recipients, where necessary:

• payment processors and payment service providers;
• banks and financial institutions;
• fraud prevention and anti-abuse providers;
• email delivery providers;
• hosting, infrastructure, network or technical service providers;
• analytics and advertising providers;
• professional advisers such as lawyers, accountants, auditors or consultants;
• courts, regulators, public authorities or law enforcement where required by law;
• buyers, investors or advisers in connection with a corporate transaction, subject to confidentiality obligations.

Where third-party service providers process personal data on our behalf, we require them to process it only for authorized purposes and subject to appropriate safeguards.

9. Fraud prevention and abuse databases

Where necessary to protect our business, customers, infrastructure and payment systems, we may process and share relevant personal data for fraud prevention, chargeback prevention, abuse prevention and security purposes.

This may include sharing relevant identifiers, account details, transaction-related information, risk indicators, abuse history or other necessary data with payment providers, fraud prevention partners or anti-abuse partners where lawful and proportionate.

Where appropriate, we may reduce the amount of data shared or apply technical measures such as hashing or pseudonymization. However, this does not necessarily make the data anonymous.

10. International transfers

We aim to store and process personal data within the European Economic Area (“EEA”) where possible.

However, some of our service providers or partners may be located outside the EEA or may access personal data from outside the EEA. Where personal data is transferred outside the EEA, we will ensure that appropriate safeguards are in place as required by applicable law, such as an adequacy decision, Standard Contractual Clauses or another lawful transfer mechanism.

11. Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including legal, tax, accounting, security and dispute-resolution purposes.

Indicative retention periods may include:

• Account data: for the duration of the customer relationship and a reasonable period thereafter;
• Invoices and financial transaction records: for at least 10 years where required by applicable law;
• Support tickets and correspondence: for as long as reasonably necessary for support, record-keeping and dispute handling;
• Security, login and abuse prevention logs: for as long as reasonably necessary for security, fraud prevention, service integrity and legal defence;
• Marketing consent records: for as long as necessary to demonstrate consent or until consent is withdrawn and any required retention period expires;
• Cookie-related data: in accordance with the relevant cookie lifespan and your consent choices.

When personal data is no longer needed, we will delete it, anonymize it or securely archive it where retention is legally required.

12. Data security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, loss or destruction.

These measures may include access controls, authentication controls, logging, monitoring, staff access restrictions, encryption where appropriate and contractual safeguards with third-party processors.

However, no method of transmission or storage is completely secure and we cannot guarantee absolute security.

13. Mandatory data

Where personal data is required for us to enter into or perform a contract with you, or to comply with a legal obligation, failure to provide such data may mean that we cannot create your account, process your order, provide the requested services, accept payment or comply with legal requirements.

14. Your rights

Subject to applicable law, you may have the following rights:

• the right of access;
• the right to rectification;
• the right to erasure;
• the right to restriction of processing;
• the right to object;
• the right to data portability;
• the right to withdraw consent at any time where processing is based on consent;
• the right to lodge a complaint with a competent supervisory authority.

To exercise any of your rights, please contact us at [email protected].

15. Complaints

If you believe that we have processed your personal data unlawfully or in breach of applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority.

For Cyprus, this is the Office of the Commissioner for Personal Data Protection.

16. Third-party websites

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices, content or security of such third-party websites or services. We recommend reviewing their privacy policies before providing any personal data to them.

17. Children

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If you believe that a child has provided personal data to us, please contact us and we will take appropriate steps.

18. Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect legal, technical or business changes. Any updated version will be published on this page with a revised “Last updated” date.

19. Contact