Privacy Policy

Last updated: February 16, 2026

BlueVPS OÜ ("we", "us", or "our") is committed to protecting your privacy. We operate the website blueservers.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our hosting services.

We act as the Data Controller for your personal data regarding account registration, billing, and marketing.

1. Information We Collect and Legal Basis

We process your data based on specific legal grounds as required by GDPR:

A. Information You Provide to Us (Performance of Contract)

To provide hosting services, we need to process certain data. Without this, we cannot fulfill our contract with you.

  • Account Data: Name, email address, phone number, company name, VAT ID.
  • Billing Data: Billing address, payment transaction logs (we do not store full credit card numbers; these are handled by our payment processors).
  • Communication: Records of your tickets, chats (via tawk.to), and emails with our support team.

B. Information Collected Automatically (Legitimate Interest & Consent)

  • Usage Data: IP address, browser type, device info, operating system, and timestamp of visits. We use this for security (fraud prevention) and service optimization.
  • Cookies & Tracking: We use pixels and cookies for analytics and marketing. This is processed based on your Consent (managed via our Cookie Banner).

2. How We Use Your Information

We use the collected data for the following purposes:

  • Service Provision: To create your VPS/Dedicated server, process payments, and provide technical support.
  • Billing & Legal Compliance: To generate invoices and comply with tax/accounting laws in Estonia and the EU.
  • Security: To detect spam, prevent fraud, and ensure network security (e.g., DDoS protection).
  • Marketing: To send you newsletters or promotional offers (only if you have opted-in). You can opt-out at any time.
  • Analytics: To understand how users interact with our website using tools like Google Analytics.

3. Sharing Your Information (Recipients)

We do not sell your personal data. However, we may share data with trusted third-party service providers ("Processors") to run our business:

  • Payment Processors: Stripe, PayPal, and others (to process your payments securely).
  • Software Vendors (Licensing): When you purchase proprietary software licenses (e.g., Microsoft Windows, cPanel, DirectAdmin, ISPmanager), we share necessary technical data (such as server IP address and hostname) with the respective software vendors for licensing validation and activation purposes.
  • Customer Support: tawk.to (chat widget provider).
  • Analytics & Ads: Google Analytics, Meta (Facebook), LinkedIn, X (Twitter) (for website analysis and ad performance).
  • Infrastructure: Data centers where your servers are physically located (only necessary technical data).
  • Legal Authorities: If required by law, court order, or to protect our rights.

4. International Data Transfers

As a global hosting provider, we may transfer data to partners outside the European Economic Area (EEA), for example, to data centers in Singapore or software providers in the USA.

When we transfer data to "third countries," we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or Adequacy Decisions.

5. Data Retention

  • Account & Billing Data: Kept for 7 years after contract termination (as required by Estonian accounting and tax laws).
  • Marketing Data: Kept until you unsubscribe (Opt-out).
  • Logs & Technical Data: Retained for a limited period for security auditing, then deleted or anonymized.

6. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can correct inaccurate or incomplete data in your Client Area.
  • Right to Erasure ("Right to be Forgotten"): You can ask us to delete your data if it’s no longer needed for the contract or legal obligations.
  • Right to Restrict Processing: You can ask us to pause processing your data in certain cases.
  • Right to Data Portability: You can request your data in a structured, machine-readable format to transfer to another provider.
  • Right to Object: You have the absolute right to object to direct marketing at any time.
  • Right to Withdraw Consent: If we process data based on consent (e.g., cookies), you can withdraw it anytime.

To exercise these rights, please contact us at privacy@blueservers.com. We will respond within one month.

7. Cookies

We use cookies to improve your experience. For detailed information on the types of cookies we use (including Google Analytics and marketing pixels) and how to manage them, please refer to our separate Cookie Policy.

8. Security

We implement technical and organizational measures to protect your data (SSL encryption, access controls, firewalls) in accordance with Article 32 of the GDPR. However, no method of transmission over the Internet is 100% secure.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@blueservers.com
  • Company: BlueVPS OÜ
  • Address: Kesklinna linnaosa, Kaupmehe tn 7-120, Tallinn, Estonia.
  • VAT ID: EE102209482
  • Cisco logo
  • Dell_logo
  • HP logo
  • Intel logo
  • Juniper logo
  • Ripe_ncc logo
  • Supermicro Iogo