Scope
This statement applies to visitors, customers, account users, support contacts, abuse reporters, security researchers, and anyone who interacts with https://buyvps.us, our checkout, client dashboard, invoices, VPS services, APIs, support tickets, or related communications.
Customers are responsible for the content, files, applications, logs, and data they place on VPS, RDP, dedicated server, or related hosting services.
Data We Collect
Account data: name, email address, password hash, company name, billing address, tax details where applicable, phone number if provided, and profile settings.
Billing data: invoices, payment gateway selections, transaction IDs, payment status, account balance activity, renewal dates, due dates, taxes, credits, refunds, fraud review data, and chargeback history.
Service data: plan, hostname, assigned IP addresses, region, operating system image, Proxmox node, VMID, cloud-init settings, SSH public keys, generated credentials, provisioning logs, usage state, suspension status, and support history.
Security data: login IPs, registration IPs, checkout IPs, user agent, referral URL, pages viewed, cart events, order attempts, rate-limit events, abuse reports, and admin audit logs.
How We Use Data
We use data to create accounts, secure sessions, process orders, provision VPS services, generate invoices, receive payments, provide support, investigate abuse, prevent fraud, comply with law, enforce terms, and improve the platform.
We send operational emails such as login alerts, invoice notices, order confirmations, payment confirmations, suspension warnings, support replies, and security updates.
GDPR and Privacy Rights
Where GDPR or similar laws apply, processing may be based on contract necessity, legitimate interests, legal obligations, consent where required, and protection of the platform or others.
Privacy rights may include access, correction, deletion, restriction, portability, objection, and withdrawal of consent. Some requests may be limited by tax, billing, fraud, chargeback, security, abuse, backup, or legal-retention requirements.
To exercise privacy rights, contact hi@buyvps.us. We may verify your identity and account ownership before responding.
Sharing and Retention
We may share data with payment processors, fraud-prevention vendors, email providers, datacenter operators, infrastructure vendors, support tools, analytics providers where enabled, professional advisers, and legal authorities when required.
We do not sell customer account data. Records may be retained as long as needed for service operation, tax compliance, dispute resolution, security investigations, abuse handling, and legitimate business records.
Security
We use access controls, password hashing, CSRF protection, audit logs, role permissions, encrypted transport where configured, secure payment redirects, and operational logging.
Customers must secure their own VPS operating systems, passwords, SSH keys, firewalls, applications, backups, and user access.