Privacy Policy for isnhosting.net

Effective Date: January 17, 2026

Compliance Standards: PIPEDA (Canada), GDPR (EU/Germany), LFPDPPP (Mexico)

1. Introduction

isnhosting.net (“we”, “us”, or “our”) is a global web hosting and server provider based in Ontario, Canada. We operate under a “Privacy by Design” framework to protect personal information in compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the European General Data Protection Regulation (GDPR), and Mexico’s Federal Personal Data Protection Law (LFPDPPP).

2. Responsibility and Contact Information

We have appointed a Privacy Officer to oversee our global data protection practices.

  • Corporate Headquarters: 41 Church St, Forest, Ontario, N0N 1J0, Canada
  • Email: privacy@isnhosting.net
  • Regional Support: Mexico Office (Technical and AI Support)

3. Data Residency and the “Munich Shield”

We prioritize data sovereignty to protect our clients from intrusive surveillance laws.

  • Primary Storage: All customer-hosted data (web files, SaaS databases, Linux containers, and Survey data) is stored exclusively on secure physical infrastructure located in Munich, Germany.
  • Legal Framework: By hosting in Munich, your data is protected by the strict German Federal Data Protection Act (BDSG) and the GDPR.
  • Disclosure: You acknowledge that data stored in a foreign jurisdiction may be subject to lawful access requests by the courts or law enforcement of that jurisdiction (Germany) according to local laws. We do not store client-hosted content in our Canadian or Mexican offices.

4. AI Data Processing (OpenAI & Google Gemini)

When providing AI agent development and chatbots, we use OpenAI and Google Gemini as authorized sub-processors.

  • No-Training Guarantee: We utilize Business/Professional API-tier access. Under these agreements, your Input Data is not used to train the public models of these providers.
  • Data Transit: Only the specific data required for an AI prompt is transmitted through encrypted tunnels. We do not retain copies of these prompts after the session concludes unless required for “long-term memory” features requested by the client.

5. International Data Transfers

While hosted data remains in Germany, our global team may access administrative metadata (e.g., account email, billing status) via encrypted VPN tunnels with Multi-Factor Authentication (MFA):

  • Canada: Billing, legal compliance, and corporate administration.
  • Mexico: Technical support and AI troubleshooting.

All cross-border transfers are governed by Standard Contractual Clauses (SCCs) to ensure a level of protection consistent with GDPR and PIPEDA.

6. Information We Collect

  • Account Details: Name, business name, and contact information.
  • Financial Data: Billing address and payment metadata. We do not store full credit card numbers; all transactions are handled by PCI-DSS compliant processors in CAD, USD, or MXN.
  • Technical Data: IP addresses and access logs used strictly for DDoS mitigation and server security.
  • Cookies: We use “strictly necessary” session cookies to maintain your secure login. We do not use third-party tracking or marketing cookies without your explicit opt-in.

7. Data Retention & Erasure

  • Hosted Data: Permanently purged from Munich servers within 30 days of account termination or non-payment.
  • Account Records: Retained for 7 years to comply with Canada Revenue Agency (CRA) requirements.
  • Minors: Our services are intended for business entities. We do not knowingly collect data from individuals under the age of 18 (Canada/Mexico) or 16 (EU).

8. Data Breach Notification

In the event of a security breach involving a “Real Risk of Significant Harm” (RROSH), we will notify affected individuals and the relevant regulatory authorities (such as the OPC in Canada) without undue delay and within 72 hours of discovery where feasible, as per GDPR requirements.

9. Your Rights and Human Oversight

You have the right to Access, Rectification, and Erasure of your data.

  • Withdrawal of Consent: You may withdraw consent at any time by emailing our Privacy Officer. Note that withdrawing consent for essential billing or technical data will result in service termination.
  • Human-in-the-Loop: For AI-powered services, you have the right to request a manual review by a staff member in Canada or Mexico of any automated decisions that significantly impact your account.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by