Effective Date: February 3, 2026

Company: Xponzy Tech LLC
State/Country: New York, United States
Website: https://xponzy.com
Privacy Contact: privacy@xponzy.com

1. Introduction

Xponzy Tech LLC ("Xponzy," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our services, including hosting, VPS, game servers, SaaS platforms, domain registration, and related services (collectively, "Services").

This Privacy Policy applies to information we collect through our website, customer portals, and Services. By using our Services, you consent to the data practices described in this policy.

2. Information We Collect

We collect several types of information from and about users of our Services:

2.1 Personal Information You Provide

  • Identity Data: Name, username, title, company name
  • Contact Data: Email address, billing address, phone number
  • Financial Data: Payment card details, PayPal information, billing address (processed through payment processors; we do not store complete card numbers)
  • Account Data: Username, password, security questions and answers
  • Transaction Data: Details about payments, purchases, and services you have obtained from us
  • Support Data: Information you provide when contacting customer support, including support tickets, live chat messages, and email correspondence

2.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, time zone setting, operating system and platform, device information
  • Usage Data: Information about how you use our website and Services, including server logs, access times, pages viewed, and navigation paths
  • Cookie Data: Information collected through cookies and similar tracking technologies (see Section 5)

2.3 Service-Specific Data

  • Hosting/Server Data: Files, databases, emails, and other content you store on our servers
  • Domain Data: Domain registration information, WHOIS data, DNS records
  • Game Server Data: Game world data, player data, server configurations, and logs
  • Application Data: Data generated by SaaS applications you use through our Services

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Maintain Services

  • Create and manage your account
  • Provision and deliver the Services you have purchased
  • Process payments and transactions
  • Provide customer support and respond to your inquiries
  • Monitor and maintain system performance, security, and availability

3.2 To Improve and Develop Services

  • Analyze usage patterns to improve user experience
  • Develop new features and Services
  • Conduct research and analysis
  • Test and troubleshoot new products and features

3.3 For Communication

  • Send service-related notifications and updates
  • Send billing statements and payment reminders
  • Notify you of changes to our Services or policies
  • Respond to your requests and questions
  • Send marketing communications (with your consent where required)

3.4 For Security and Fraud Prevention

  • Detect, prevent, and address fraud, security breaches, and abuse
  • Verify identity and prevent unauthorized access
  • Monitor for violations of our Terms of Service and Acceptable Use Policy
  • Protect our rights, property, and safety and that of our users

3.5 For Legal Compliance

  • Comply with legal obligations and regulatory requirements
  • Respond to lawful requests from public authorities
  • Enforce our Terms of Service and other agreements
  • Resolve disputes and pursue remedies

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Performance of a Contract: Processing is necessary to perform our contract with you (providing Services)
  • Legitimate Interests: Processing is in our legitimate interests (e.g., fraud prevention, network security, improving Services), provided such interests are not overridden by your rights
  • Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications)
  • Legal Obligation: Processing is necessary to comply with legal obligations

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your use of our website and Services.

5.1 Types of Cookies We Use

  • Essential Cookies: Required for the operation of our website and Services (e.g., authentication, security)
  • Analytics Cookies: Help us understand how visitors use our website (e.g., Google Analytics)
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Track your activity to deliver relevant advertising (with consent where required)

5.2 Managing Cookies

Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies. Note that disabling cookies may affect your ability to use certain features of our Services. You can manage your cookie preferences through your browser settings or by using opt-out tools provided by third-party analytics services.

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Payment Processors: Stripe and PayPal process payments (they have their own privacy policies)
  • Infrastructure Providers: Data center operators, cloud service providers, and network providers that help deliver our Services
  • Analytics Providers: Services like Google Analytics that help us understand usage patterns
  • Customer Support Tools: Ticketing systems and communication platforms
  • Fraud Prevention Services: Services that help detect and prevent fraudulent activity

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

6.2 Legal Requirements and Protection

We may disclose your information if required by law, court order, or other legal process, or if we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect and defend our rights or property
  • Prevent fraud or security breaches
  • Protect the safety of our users or the public

6.3 Business Transfers

If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

6.4 With Your Consent

We may share information with third parties when you have given us explicit consent to do so.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your country.

When we transfer personal data from the EEA, UK, or Switzerland to other countries, we implement appropriate safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield certification (where applicable)
  • Other legally recognized transfer mechanisms

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account Data: Retained while your account is active and for a reasonable period thereafter (typically 30-90 days after account closure)
  • Transaction and Billing Data: Retained for accounting, tax, and legal compliance purposes (typically 7 years)
  • Support and Communication Data: Retained for reasonable periods to provide support and maintain service quality (typically 3-5 years)
  • Technical and Usage Data: Retained for operational purposes (typically 1-3 years)
  • Marketing Data: Retained until you unsubscribe or withdraw consent

After the retention period expires, we securely delete or anonymize your personal data. We may retain certain information for longer periods when required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution).

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest (where appropriate)
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security
  • Incident response and breach notification procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

10. Your Rights and Choices

10.1 Rights Under GDPR (EEA, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
  • Right to Restriction of Processing: Request that we limit how we use your personal data
  • Right to Data Portability: Request a copy of your data in a structured, machine-readable format
  • Right to Object: Object to our processing of your personal data based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

10.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights:

  • Right to Know: Request information about the categories and specific pieces of personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: Not receive discriminatory treatment for exercising your privacy rights
  • Right to Limit Use of Sensitive Personal Information: Request limits on use of sensitive personal information

10.3 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@xponzy.com. We will respond to your request within the timeframes required by applicable law (typically 30 days for GDPR requests, 45 days for CCPA requests).

We may need to verify your identity before processing your request. You may designate an authorized agent to make requests on your behalf, subject to verification.

10.4 Marketing Communications

You can opt out of receiving marketing communications from us at any time by:

  • Clicking the "unsubscribe" link in marketing emails
  • Updating your communication preferences in your account settings
  • Contacting us at privacy@xponzy.com

Note that even if you opt out of marketing communications, we will still send you service-related messages (e.g., billing notifications, account alerts).

11. Children's Privacy

Our Services are not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information. If you believe we have collected information from a child under 13, please contact us at privacy@xponzy.com.

12. Third-Party Links and Services

Our website and Services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website with a new "Effective Date"
  • Sending an email notification to the address associated with your account (for material changes)
  • Displaying a prominent notice on our website or Services

Your continued use of our Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated Privacy Policy, you must stop using our Services.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Xponzy Tech LLC
Privacy Officer
Email: privacy@xponzy.com
Website: https://xponzy.com

For GDPR-related inquiries from the EEA, UK, or Switzerland, you may also contact us at the email address above.

For CCPA-related inquiries from California, you may call our toll-free number at the contact information provided in your account portal, or email privacy@xponzy.com.

15. Data Protection Officer

If required by applicable law, we will appoint a Data Protection Officer. You can contact our Data Protection Officer at privacy@xponzy.com.