Privacy Policy — GrafixHost

Grafix Solutions Ltd, headquartered in Sofia, Bulgaria, EIK [placeholder], is the controller of your personal data. Contact: privacy@grafixhost.bg.

Identification data (name, email, phone), payment data (processed by payment processors), billing data (address, registration number, VAT number), technical data (IP address, browser fingerprint, log files), service usage data (cPanel logs, resource metrics).

We process personal data on the following grounds: (a) contract performance — to provide the Service; (b) legal obligation — for invoicing and accounting; (c) legitimate interest — for security, fraud prevention, and service quality; (d) consent — for marketing communication.

Data of active customers — for the duration of the contract + 30-day grace period. Invoice data — 10 years (accounting requirement). Log files — 90 days. Backup data of terminated accounts — 30 days.

You have the right to: (a) access your data; (b) correct inaccurate data; (c) erasure ("right to be forgotten"); (d) restriction of processing; (e) data portability; (f) object to processing; (g) lodge a complaint with the CPDP. Requests via privacy@grafixhost.bg, response within 30 days.

We use functional cookies (necessary for site operation) and analytical cookies (Plausible — privacy-first, no cross-site tracking). We do not use marketing or behavioral tracking cookies. Details in our Cookie Policy.

We share data with the following processors: Vercel (frontend hosting), Cloudflare (CDN), Stripe (payments), Resend (transactional email), Anthropic (AI chat — anonymized requests only). The list is maintained in /dpa.

Contact the DPO: dpo@grafixhost.bg. For complaints, you can also contact the Commission for Personal Data Protection (CPDP), Sofia, Bulgaria.

Changes are published at /privacy with the last-updated date. Material changes are announced via email with at least 30 days notice.