Summer Promo 2026: use code summer2026 for 20% off KVM servers.Learn More
Hotline+44 (0) 745 816 44-49

Privacy Policy

This Privacy Policy explains how ISPLABS LIMITED, as the primary service provider and controller of customer personal data, collects, uses, shares, and protects your personal data when you use our services.

Effective and last updated: 12 June 2026
Information We Collect
  • Full Name
  • Email address
  • Country of residence
  • Password (securely encrypted)
  • IP address, device, browser, and service usage information

We do not store full payment card details or online banking credentials on our servers. Depending on the selected method and region, payments and related data are processed by third-party payment providers, banks, and payment collection partners:

  • Bank transfers - Tide (ClearBank Limited) for SEPA EUR and UK local transfers; Wise (formerly TransferWise); UK bank transfers; US checking-account transfers; local transfers in Türkiye, Singapore, and Hong Kong; and other SEPA transfers. Tide · ClearBank · Wise
  • T-Bank (Russia) - payments accepted through Individual Entrepreneur Serikov Artur Aleksandrovich for Russian-market payment acceptance and settlement.
  • Stripe - for international bank card payments; cards issued in Russia are not supported. Learn more about their security practices here.
  • Cryptomus - for cryptocurrency transactions. Read their privacy policy here.
How We Use Your Data
  • To provide and improve our services
  • For billing purposes
  • To ensure security and prevent fraud
  • To send important service-related notifications

Where enabled, we may use limited technical and marketing data, such as IP address, approximate location, referral information, and campaign attribution data, to measure and optimize advertising campaigns on platforms such as Google Ads and similar providers.

What we share: Depending on the tool and configuration used, we may share aggregated data, pseudonymous identifiers, technical event data, and campaign attribution information with analytics, advertising, payment, hosting, support, fraud-prevention, and infrastructure providers.

What we do not share: We do not sell your personal data, and we do not share more data than is reasonably necessary for the relevant purpose.

Legal Bases for Processing
  • We process personal data as necessary to perform a contract with you, including account creation, service delivery, billing, fraud prevention, and customer support.
  • We may process personal data to comply with legal obligations, including accounting, tax, anti-fraud, and law-enforcement response obligations.
  • We may process certain data based on our legitimate interests, such as maintaining platform security, preventing abuse, enforcing our terms, improving service reliability, and measuring the effectiveness of our marketing.
  • Where required by applicable law, we rely on your consent for non-essential cookies, similar technologies, or comparable marketing-related processing, and you may withdraw that consent at any time.
Your Rights
  • The right to access your data
  • The right to correct inaccurate data
  • The right to request erasure of your data, subject to legal and contractual limitations
  • The right to request restriction of processing in certain circumstances
  • The right to object to certain processing, including certain direct marketing or legitimate-interest processing
  • The right to data portability where applicable
  • The right to withdraw consent at any time where processing is based on consent
  • The right to lodge a complaint with your local supervisory authority or the competent UK data protection authority, where applicable
Controller Information

ISPLABS LIMITED is the primary service provider and controller responsible for personal data processed in connection with our services.

Registered office: 128 City Road, London, United Kingdom, EC1V 2NX. Contact: ilja@phylex.net.

Categories of Recipients

We may share personal data with payment providers, hosting and infrastructure providers, security and anti-fraud providers, analytics providers, customer support tools, professional advisers, and public authorities where required by law.

For certain payments intended for the Russian market, payment acceptance details may be processed through Individual Entrepreneur Serikov Artur Aleksandrovich solely for payment acceptance, settlement, accounting, and related compliance purposes. ISPLABS LIMITED remains the primary service provider unless expressly stated otherwise.

Data Sharing & Disclosure

We may disclose personal data to service providers acting on our behalf, affiliated payment collection partners where applicable, professional advisers, payment processors, banks, fraud-prevention providers, and competent authorities where necessary to provide services, process payments, enforce our terms, protect our rights, investigate abuse, or comply with applicable law.

Data Retention

Account and service data is generally retained while the account or service relationship remains active and for a limited period afterwards where needed for account closure, support, security, fraud prevention, disputes, or legal claims. Service data scheduled for deletion may remain temporarily in restricted backups until the relevant backup cycle expires.

Invoices, transaction records, payment references, and accounting or tax records may normally be retained for up to six years after the relevant financial period or transaction, and longer where required by law, an audit, a payment dispute, sanctions or fraud controls, or legal proceedings. Support and security records are retained according to their sensitivity, operational relevance, and the applicable limitation or compliance period, with access restricted to authorized personnel.

Payment Data Retention

We do not process or store customers' full payment card details or online banking credentials on our servers. Card payments are processed by Stripe, cryptocurrency payments by Cryptomus, and bank transfers by the relevant banks or payment providers, including Tide (ClearBank Limited), Wise, and regional banking partners.

Payment credentials are submitted directly to the applicable payment provider or financial institution over its payment interface or banking network. We do not have access to full card details, cryptocurrency wallet private keys, or customers' online banking credentials.

We and, for applicable Russian-market payments, Individual Entrepreneur Serikov Artur Aleksandrovich may receive and retain limited payment-related information such as payer name, account or wallet identifiers, partial card or bank metadata, billing country, payment status, anti-fraud signals, transaction references, and transfer remittance details as needed for reconciliation, accounting, support, fraud prevention, compliance, refunds, and dispute handling. Retention is limited according to the relevant purpose and applicable legal obligations.

International Data Transfers

Because our providers, infrastructure, support tools, and payment partners may operate in multiple countries, your personal data may be processed outside your country and, where applicable, outside the UK or EEA. Where required, we take reasonable steps to use appropriate safeguards for such transfers under applicable data protection law.

Establishing Contact

When you contact us, for example via a contact form or email, personal data is processed solely for the purpose of processing and responding to your enquiry and only to the extent necessary for this purpose.

Cookies and how we use them

We use cookies and similar browser storage where necessary to provide requested website functions, maintain security and sessions, and remember choices such as language, currency, country, and VAT display. These technologies are not used by us to sell personal data.

The current public website does not intentionally place advertising or behavioural-tracking cookies. If non-essential analytics, advertising, or comparable technologies are introduced, they will be disabled until valid consent is obtained where required, and an appropriate preference control will be provided.

You can remove cookies, local storage, and session storage through your browser controls. Removing functional preferences may reset language, currency, country, VAT, interface, or cached-display settings, but should not prevent access to the public legal pages.

Cookies and Browser Storage Used

locale cookie - remembers the selected interface language for up to one year.

locale local storage - remembers the selected interface language until it is changed or browser storage is cleared.

selectedCountry, selectedCurrency, and includeVat local storage - remember regional price-display and VAT preferences until changed or browser storage is cleared.

Session storage entries used for review and rating display cache are retained for the current browser session and reduce repeated requests to our server-side review integration.

Interface-state cookies or local storage may be used where a requested account or navigation feature needs to remember its state. Session and authentication technologies used in the customer area are retained for the session or the security period configured for that feature.

If you have any questions about this Privacy Policy, you can contact us at: ilja@phylex.net