Last Updated: 28 August 2025

1. INTRODUCTION

At Aveshost (“we,” “our,” “us”), we respect and protect the privacy of our customers, website visitors, and users of our services (“you,” “your”). This Privacy Policy explains how we collect, use, process, store, and disclose your information when you use our websites, hosting services, domain registration, cloud solutions, and related offerings (collectively, the “Services”).

By using the Services, you consent to the practices described in this Privacy Policy.

For any questions about this policy or to make a request about how we handle your personal data, please contact us at gdpr@aveshost.com.

2. GENERAL PRINCIPLES & CONFIDENTIALITY

At Aveshost, we are committed to handling all customer information responsibly and ethically. Our guiding principles include:

  1. Lawfulness, Fairness & Transparency
    • We collect and process personal data only for legitimate purposes, in a fair and transparent manner.
    • We clearly communicate why and how your information is used.
  2. Data Minimization
    • We only collect the information necessary to provide our Services and meet legal obligations.
  3. Accuracy
    • We take reasonable steps to ensure that all personal data is accurate and kept up to date.
  4. Storage Limitation
    • We do not keep personal data longer than necessary for the purposes outlined in this Privacy Policy.
  5. Integrity & Confidentiality
    • We treat all personal and business information entrusted to us as strictly confidential.
    • We never sell, rent, or disclose customer information to third parties for commercial gain.
  6. Accountability
    • We maintain detailed internal policies to demonstrate compliance with privacy and data protection laws.

3. INFORMATION WE COLLECT

We collect the following information when you use our Services, create an account, or interact with Aveshost support:

3.1. Information You Provide Directly

  • Account Information: Your name, email address, phone number, billing address, and company name. This information is required to create and manage your account, provide customer support, and issue invoices.
  • Payment Information: Credit/debit card details, mobile money, PayPal, and bank transfer information. Aveshost does not store full payment card details; all payments are processed securely through trusted third-party payment processors in compliance with PCI-DSS standards.
  • Identity Verification: Certain domain extensions and services (e.g., .bet, .gh) may require verification. In such cases, we may request government-issued IDs, business registration documents, or other proof of eligibility to comply with registry and legal requirements.
  • Support Interactions: Information you provide when contacting us through email, live chat, or support tickets, including attachments or screenshots you choose to share. These records are used to resolve your inquiries, improve our support quality, and maintain security.

3.2. Information Collected Automatically

When you access or use Aveshost Services, we automatically collect certain technical and usage information to ensure service delivery, maintain security, and improve user experience. This includes:

  • Log Data: Our servers automatically record information such as your IP address, browser type and version, internet service provider (ISP), operating system, referring/exit pages, access dates and times, and the specific pages or files you view. This information is used to monitor performance, troubleshoot technical issues, detect unauthorized access, and maintain security.
  • Cookies & Tracking Technologies:
    • Session Cookies: Essential for logging you into your account, maintaining authentication, and enabling core site functionality.
    • Persistent Cookies: Used to remember your preferences, such as language or login settings, to enhance convenience during repeat visits.
    • Analytics Tools: We use a third-party tool called Google Analytics to track aggregated usage trends, such as how users navigate the website and which pages they view. This information is anonymized and helps us improve our Services. For more information please visit Google.

In the course of providing our Services, Aveshost may receive limited information about you from trusted third-party partners and combine that with information we collect through our Services. This helps us to provide, improve, and secure our Services, and to comply with legal obligations.

4. HOW WE USE YOUR INFORMATION

Aveshost uses the information we collect strictly in line with applicable laws, legitimate business purposes, and, where required, your consent. The purposes include, but are not limited to:

  • To Provide and Maintain Services
    • Creating and managing your account, verifying your identity, and enabling you to log in securely.
    • Processing your payments and subscriptions through trusted payment processors (e.g., PayPal, Paystack, Flutterwave).
    • Registering, transferring, and managing your domain names in compliance with ICANN or local registry rules.
    • Delivering hosting services, email accounts, SSL certificates, and other products you purchase.
    • Providing ongoing technical support and responding to service requests.
  • To Secure Our Services
    • Monitoring system performance, resource usage, and to ensure stability and uptime.
    • Detecting and preventing unauthorized access, fraud, abuse, spam, and malicious activities (e.g., DDoS mitigation, brute-force detection).
    • Using threat intelligence from security partners to protect your account and our infrastructure.
    • Enforcing our Acceptable Use Policy (AUP) and preventing violations that could affect other clients.
  • To Communicate With You
    • Sending important service-related notices, such as account updates, billing alerts, password resets, downtime notifications, and scheduled maintenance.
    • Responding to inquiries, support tickets, live chat interactions, and customer feedback.
    • Providing confirmations and receipts for purchases and renewals.
    • Contacting you regarding account security (e.g., suspicious login attempts, required verification).
  • For Service Updates and Optional Offers (With Your Consent/Preferences)
    • Sending promotional emails, newsletters, or special offers about new products and features.
    • You may withdraw your marketing consent or adjust preferences at any time through your account settings or by clicking “unsubscribe” in our communications.
  • For Legal, Regulatory, and Compliance Obligations
    • Complying with applicable laws, regulations, legal proceedings, or enforceable governmental or law enforcement requests.
    • Meeting requirements of domain name registries and ICANN (including WHOIS obligations where applicable).
    • Detecting, investigating, and preventing fraud, intellectual property infringement, or other illegal activities.
    • Retaining certain records for tax, accounting, and legal compliance purposes.

5. LEGAL BASIS FOR PROCESSING (GDPR, CCPA/CPRA, AND OTHER APPLICABLE LAWS)

Depending on your location and the applicable privacy regulations (such as the General Data Protection Regulation (GDPR) in the EEA/UK, or the California Consumer Privacy Act (CCPA/CPRA) in the United States), Aveshost processes personal information under the following legal bases:

a. Contract Performance:
We process your personal information where it is necessary to enter into and perform a contract with you, including:

  • Setting up and managing your account.
  • Processing payments and billing.
  • Registering and managing domains in compliance with ICANN or registry requirements.
  • Providing customer support and fulfilling requests.

Without this information, we cannot deliver the Services you request.

b. Legitimate Interests:
We process your personal information where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. These purposes include:

  • Securing our systems, infrastructure, and networks.
  • Monitoring and preventing fraud, spam, and abuse.
  • Improving the functionality, performance, and user experience of our Services.
  • Analyzing aggregated usage trends to make informed business decisions.
  • Protecting and enforcing our legal rights.

c. Legal Obligations:
We process your personal information to comply with legal and regulatory obligations, including:

  • Taxation and accounting requirements.
  • Compliance with ICANN, registry, or law enforcement requests related to domain registration and ownership.
  • Responding to valid subpoenas, court orders, or other lawful government demands.

d. Consent:
In certain cases, we will only process your personal information with your explicit consent. This includes:

  • Sending newsletters, promotional offers, and other optional communications.
  • Using non-essential cookies or similar technologies for analytics.

You may withdraw your consent at any time by adjusting your preferences in your account settings or contacting us. Withdrawal will not affect the lawfulness of processing before consent was withdrawn.

e. Your Rights Under CCPA/CPRA (California Residents):
For residents of California, in addition to the above legal bases, we honor the rights granted under the CCPA/CPRA, including the right to:

  • Know what categories of data we collect and why.
  • Access or request a copy of your personal information.
  • Request deletion of your personal information (subject to exceptions).
  • Opt out of the sharing of your personal information (note: Aveshost does not sell personal data).
  • Limit the use and disclosure of sensitive personal information.

We process California residents's data in compliance with these rights and obligations.

6. SHARING OF INFORMATION

We do not sell your personal information. We only share it in the following limited circumstances:

  • For Domain Registration: When you register a domain, your personal information (as required by ICANN) is shared with the relevant domain registry and may be made publicly available through the WHOIS database. However, our free WHOIS privacy protection, included with every domain purchase at no additional cost, helps keep your information private.

  • Payment Processors: We use trusted third-party payment processors to handle all transactions securely. These providers process your payment information (such as credit/debit card details or mobile money accounts) solely for the purpose of completing your purchase. We do not store or have access to your full payment details, ensuring your financial information remains protected.

  • Service Providers: We may partner with trusted third-party service providers such as cloud storage platforms, content delivery networks (CDNs), analytics tools, and customer support systems. These providers help us securely store data, optimize website performance, analyze usage trends, and deliver efficient customer support services. They are only authorized to use your information as necessary to provide these services on our behalf.

  • For Legal Reasons: We will disclose information if we believe it is necessary to:

    • Comply with a law, regulation, legal process, or governmental request.
    • Protect the rights, property, and safety of Aveshost, our clients, or the public.
    • Enforce our Terms of Service and other agreements.
    • Detect, prevent, or otherwise address fraud, security, or technical issues.

  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of all or a portion of our assets, your information may be transferred to a successor entity.

7. DATA RETENTION

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., tax, accounting, fraud prevention, or legal obligations). Retention periods may vary depending on the type of information, the nature of the services you use, and applicable regulatory requirements.

7.1 Account Data:

  • We retain your account information (such as contact details, billing history, and service usage) for as long as your account is active.
  • After account closure, we may retain certain information for a period to:
    • Comply with tax, audit, and accounting obligations.
    • Resolve disputes or enforce agreements.
    • Meet regulatory or ICANN requirements related to domain registrations.

7.2 Client Content and Hosted Data:

  • Data you store on our servers (websites, databases, emails, files) is retained only while your services are active.
  • Upon service termination, your content will be scheduled for permanent deletion from our active systems after a grace period (e.g., 30 days), during which recovery may be possible.
  • Backup copies may persist for a limited time (up to 90 days) as part of our disaster recovery systems before they are securely overwritten.
  • Once deleted, data cannot be recovered.

7.3 Payment:

  • Sensitive payment information (e.g., credit card numbers, mobile money details) is not stored by Aveshost but securely processed and retained by our third-party payment processors (PayPal, Paystack or Flutterwave).

7.4 Legal and Regulatory Retention:

  • Certain personal information must be retained for extended periods under applicable laws, regulations, or industry standards. Examples include:
    • ICANN-mandated domain registration data.
    • Records related to law enforcement requests.

7.5 Deletion and Anonymization:

  • When retention periods expire, personal information is securely deleted, anonymized, or aggregated so that it can no longer be linked back to you.
  • We use industry-standard practices to ensure that deleted data cannot be reconstructed or accessed.

8. SECURITY

We take the protection of your personal information and hosted data seriously. Aveshost implements a combination of technical, organizational, and administrative safeguards designed to protect against unauthorized access, alteration, disclosure, or destruction of your data.:

8.1 Technical Safeguards:

  • Encryption: All communications between you and our servers are protected with SSL/TLS encryption. Sensitive data (such as passwords) is stored in encrypted or hashed form.
  • Network Security: Firewalls, intrusion detection and prevention systems (IDS/IPS), and DDoS mitigation technologies are deployed to secure our infrastructure.
  • Server Hardening: Systems are configured using security best practices (e.g., disabling unused services, enforcing least privilege, and regular patching).

8.2 Organizational Safeguards:

  • Employee Training: All employees undergo regular security and privacy training, including phishing awareness and data handling best practices.
  • Vendor & Third-Party Risk Management: We carefully vet third-party service providers (e.g., payment processors, data centers) to ensure they meet security and compliance requirements.

8.3 Operational Safeguards:

  • Data Backups: We perform regular, encrypted backups of client data to ensure business continuity and disaster recovery.
  • Disaster Recovery & Business Continuity: Plans are in place to maintain service availability in the event of hardware failure, natural disaster, or cyberattack.
  • Vulnerability Management: Regular security audits, penetration testing, and vulnerability assessments are conducted to identify and remediate risks.
  • Change Management: System changes and updates are reviewed, tested, and monitored to prevent security lapses.

9. YOUR PRIVACY RIGHTS

We respect your privacy and are committed to giving you control over your personal data. Depending on your location and applicable data protection laws (such as the General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA), Brazil's LGPD, or similar regulations), you may have the following rights:

9.1 Access and Information:

  • You have the right to request confirmation as to whether we process your personal data.
  • You may request a copy of the personal information we hold about you, along with details about how we use it.

9.2 Correction (Rectification):

  • You can request correction of any inaccurate, outdated, or incomplete personal information we hold.
  • You may also update this information directly via your Aveshost account dashboard.

9.3 Deletion (Right to Be Forgotten):

  • You can request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where processing is based on consent that you have withdrawn.

9.4 Data Portability:

  • You have the right to request that your personal data be provided to you, or transferred directly to another provider, in a structured, commonly used, and machine-readable format, where technically feasible.

9.4 Withdraw Consent:

  • Where our processing is based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.

9.5 How to Exercise Your Rights:

  • To exercise any of these rights, you may contact us at gdpr@aveshost.com.
  • We aim to respond within the time limits required by applicable law.

10. COOKIES & TRACKING TECHNOLOGIES

Aveshost uses cookies and similar tracking technologies to provide a secure, reliable, and user-friendly experience. These technologies help us recognize your browser or device, remember your preferences, and improve our Services.

10.1 What Are Cookies?

Cookies are small text files that your web browser stores when you visit our website. They allow us to recognize returning users, maintain login sessions, and collect analytics about how our Services are used.

We may also use related technologies such as:

  • Web Beacons (Pixel Tags): Small images embedded in emails or web pages.
  • Local & Session Storage: Browser-based storage that helps maintain preferences and improve performance.
  • Third-Party Tracking Scripts: Used by service providers (e.g., analytics, payment processors)

10.2 Types of Cookies We Use

  1. Security & Authentication Cookies:
    • Help verify user identity, prevent fraudulent logins, and protect accounts.
  2. Performance & Analytics Cookies:
    • Collect information about website usage, such as pages visited and time spent.
    • We use Google Analytics for insights.
  3. Functionality Cookies:
    • Remember user preferences (e.g., language, currency, dashboard settings).

10.3 Third-Party Cookies

Some cookies are placed by third parties (e.g., Google Analytics, PayPal fraud detection,) to help us provide secure payments, protect against fraud, and deliver a better service.

10.4 Your Choices & Controls

  • Browser Settings: You can disable or delete cookies in your browser settings. However, some functions may not work correctly if disabled.
  • Opt-Out of Analytics: You can opt-out of Google Analytics

10.5 Retention of Cookie Data

Cookies are retained for varying periods:

  • Session Cookies: Expire once you close your browser.
  • Persistent Cookies: Remain until they expire or are manually deleted.

11. COMMUNICATION

We use email and electronic communication to keep you informed about your account, our Services, and—where permitted— relevant updates or promotions. We distinguish between mandatory service communications and optional promotion communications:

11.1 Service-Related Communications

These communications are essential for the performance of our contract with you and cannot be opted out of while your account is active. They include:

  • Billing and payment notices.
  • Service outage alerts and incident reports.
  • Security or policy-related notifications (e.g., password resets, account security updates).
  • Important updates to our Terms of Service, Acceptable Use Policy, or Privacy Policy.

11.2 Promotional Emails

With your consent (or where otherwise permitted by law), we may send occasional promotional messages about new features, special offers, or services we believe may be of interest to you. You are always in control of these communications:

  • You can unsubscribe at any time by clicking the “unsubscribe” link included in our marketing emails.
  • You may also update your communication preferences in your Aveshost Account Dashboard or by contacting our support team.
  • Unsubscribing from marketing emails will not affect your receipt of mandatory service-related communications.

12. CHILDREN'S PRIVACY

Our Services are not directed to individuals under the age of 18, and we do not knowingly collect, use, or store personal data from minors. By using our Services, you represent that you are at least 18 years old or that you have reached the age of majority in your jurisdiction.

13. POLICY UPDATES

We may revise or update this Privacy Policy periodically to reflect changes in our business practices, legal or regulatory requirements, or improvements to our Services. When we make changes, we will update the “Last Updated” date at the top of this Policy. We encourage you to review this page regularly to stay informed about how we protect your personal data.

14. CONTACT INFORMATION

If you have any questions, concerns, or complaints about this Privacy Policy or our data handling practices, please contact us using the details below:

We will make every effort to respond to your inquiries promptly and address your concerns in accordance with applicable data protection laws.