Privacy Policy

From 1st July, 2018 all BHost services will be provided by Mythic Beasts Ltd.
Learn more

At BHost, we are committed to protecting your data. We’ll never sell it. And we’ve never had a security breach. To learn more about how we use your data — and how we keep it safe — please take a moment to review our privacy policy.

Website Privacy Policy

BHost collects information during the registration process. You may update any of your details at any time by contacting us, or using the online control panel. BHost will not sell, lease or rent its client information to any third parties.

BHost will not send you any unsolicited information, including e-mail, except as mentioned below. BHost may send periodic member letters to announce important service changes, new features, technical issue updates and news about other products and services. BHost may also contact you to conduct research about your opinion of current and prospective services via e-mail surveys. We may contact you with special offers, discount coupons or to remind you about an incomplete order. BHost will not share your e-mail address or any of your personal data with any third parties.

BHost keeps your personally identifiable information private and does not share it with any third parties. BHost will not disclose your Personal Information unless acting under a good faith belief that such action is necessary to: (1) conform to legal requirements or comply with legal process; (2) protect and defend the rights or property of BHost; (3) enforce the BHost Terms and Conditions; or (4) act to protect the interests of its clients or others.

We use IP addresses, URLs of requested resources, timestamps and HTTP user-agents to analyse trends, administer the system and gather broad demographic information for aggregate use. In addition to this we use Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses cookies, to help analyse how visitors use our site. The information generated by the cookie about the use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your Web browser, however please note that if you do this you may not be able to make full use of our website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can learn more about Google Analytics privacy by visiting the Google website.

We use cookies to track visits to our website which come via an affiliate link. This allows us to attribute a sale to an affiliate in order to pay commission. The cookie lasts three years and simply stores a unique affiliate ID number. No personally identifiable information is stored in the cookie.

Privacy Shield

As a U.S. entity, we are an active participant in and comply with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce and the European Commission. The framework provides BHost a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States.

General Data Protection Regulation (GDPR)

BHost fully complies with the GDPR requirements. We employ robust compliance, security, and data privacy practices to ensure the protection of all customer data. We will continue to invest in the security of our products and services to ensure they remain compliant with applicable legislation.

Purpose of collecting data

We collect personal data of our customers for account management, billing, internal marketing, fraud prevention purposes and provision of our internet hosting services. Information we collect includes customer name, address, email address, IP address, billing information, and phone number. We may share such data with third parties who provide us with billing, marketing, anti-fraud and account management tools. To enhance the security of our overall platform we log traffic flows to and from our network which can involve IP address information of non-customers. This data is purely for statistical purposes and does not contain any personally identifiable information. We never request or intentionally process sensitive personal data, and deliberately limit our exposure to personal data.

In order to provide our services we need to store and process your data as described. If you wish to withdraw consent, you must terminate all services with us and contact our support team to request deletion of your account.

Physical Security

We operate our internal services from our Amsterdam and London data center locations. More details about the physical security of these facilities can be found on our infrastructure page. Access to our physical infrastructure is strictly controlled and audited.

System Security

All communications to our website and customer portal (my.BHost) uses TLS (HTTPS) encryption. All internal data movement (e.g. API calls) also uses TLS (HTTPS) encryption.

Systems are protected through key-based authentication and access is limited by Role-Based Access Control (RBAC). Only authorized engineering personnel have access to server systems or databases, and all access to these systems by our personnel is logged and audited on a regular basis. Personnel have access to customer services purely for the purposes of diagnosing issues and providing technical support, as well as preventing abuse. Any such access is logged and audited on a regular basis.

Our applications are protected by an industry-leading web application firewall (WAF) and all software releases are subject to internal peer-review and security-compliance checks.

Customer Virtual Machines

Customers can rely on our compliance with GDPR for the purposes of their own data protection compliance bearing in mind your obligations to implement effective security practices. We recommend customers implement best security practices such as using key-based authentication, whitelisting authorized access IPs, etc.

Responsible Vulnerability Disclosure

Our goal is to keep BHost safe and secure for everyone. If you have discovered a security vulnerability we would greatly appreciate your help in disclosing it to us in a responsible manner.

If you have discovered a potential vulnerability we would greatly appreciate you informing our SIRT team at management@BHost.net.