Privacy Policy

HexaLabs Hosting is a game server hosting company based in France. We operate the website hexalabs.fr and provide game server hosting services. For GDPR purposes, HexaLabs Hosting acts as the data controller for personal data collected through our website and services.

2.1 Account & Contact Information

When you create an account or contact us, we may collect:

• Full name
• Email address
• Billing address
• Payment information (processed securely via our payment provider — we do not store raw card data)
• Communications you send to our support team

2.2 Usage & Technical Data

We automatically collect certain technical data when you visit our website:

• IP address
• Browser type and version
• Pages visited and time spent
• Referring URL
• Device and operating system type

2.3 Server Activity Data

For the servers you manage with us, we may collect performance metrics, resource usage statistics, and activity logs for the purpose of providing and improving our hosting services. This data relates to server activity, not the content of communications between players.

We use your personal data to:

• Create and manage your hosting account
• Process payments and send invoices
• Provide technical support
• Monitor server health and performance
• Send important service notifications (e.g., maintenance windows)
• Comply with legal obligations
• Improve our website and services

We will only send you marketing communications if you have explicitly opted in, and you can unsubscribe at any time.

Under the GDPR, we rely on the following legal bases:

• Contract performance: processing necessary to fulfill our hosting services agreement with you
• Legal obligation: processing required to comply with applicable laws
• Legitimate interests: such as fraud prevention, network security, and service improvement
• Consent: where you have specifically consented, such as to marketing emails

We do not sell your personal data to anyone, ever. We may share data with trusted third parties only as necessary:

• Payment processors — to securely handle billing (e.g., Stripe). These providers operate under their own privacy policies and GDPR compliance frameworks.
• Infrastructure providers — hosting partners operating within the EU/France.
• Legal authorities — if required by law, court order, or to protect the rights and safety of HexaLabs or our users.

We retain your personal data only for as long as necessary to provide our services and comply with legal obligations. Account data is retained for the duration of your account. After account deletion, we may retain anonymised usage data and billing records for up to 5 years as required by French law.

As a user in the EU, you have the following rights regarding your personal data:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate data
• Right to erasure: request deletion of your data ("right to be forgotten")
• Right to restriction: request that we limit how we process your data
• Right to data portability: receive your data in a machine-readable format
• Right to object: object to processing based on legitimate interests
• Right to withdraw consent: at any time, without affecting prior processing

To exercise any of these rights, contact us at privacy@hexalabs.fr. We will respond within 30 days as required by GDPR.

Our website uses a minimal set of cookies, strictly necessary for operation (e.g., session management). We do not use advertising cookies or third-party tracking cookies. If we introduce analytics in the future, we will update this policy and request your consent where required.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All data is transmitted over encrypted connections (HTTPS/TLS). Access to personal data is strictly limited to authorised personnel.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by placing a prominent notice on our website. The date at the top of this page reflects the most recent update.