Skip to content
Top Notch Servers
Get Premium Access
Home About Client Area
Sign In Get Premium Access

Privacy Policy

Last updated: February 2026

1. Introduction

Top Notch Servers ("we", "us", "our") respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, store, and protect your information when you use our premium hosting services and visit our website at topnotchservers.net.

This policy applies to all individuals who interact with our services, including account holders, authorized users, and website visitors. We act as a data controller for personal data collected directly from you, and as a data processor for any personal data stored on our infrastructure as part of your hosted services.

Where we act as a data processor, the terms of our Data Processing Agreement govern how we handle that data on your behalf.

2. Information We Collect

We collect the following categories of information to operate and improve our services:

Account Data

Name, email address, billing address, company name (if applicable), phone number (if provided), and payment information necessary for service delivery and invoicing. Collected directly from you during registration and account management.

Technical Data

IP addresses, browser type and version, operating system, device identifiers, referring URLs, and connection metadata collected automatically when you access our services. This includes server access logs and API request metadata used for diagnostics and security monitoring.

Usage Data

Service usage patterns, resource consumption metrics (CPU, memory, bandwidth, storage), support interactions, login timestamps, session durations, and feature utilization data used to maintain, monitor, and improve our platform.

Communication Data

Records of support tickets, emails, and feedback exchanged with our team to deliver effective support, track issue resolution, and maintain service quality.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Delivering, maintaining, and improving our premium hosting services
  • Processing billing, payments, and generating invoices
  • Providing white-glove technical support and responding to inquiries
  • Monitoring infrastructure security and detecting threats
  • Ensuring compliance with our Terms of Service and Acceptable Use Policy
  • Communicating service updates, maintenance schedules, and important notices
  • Improving our platform based on aggregated usage patterns
  • Capacity planning and performance optimization
  • Preventing fraud, abuse, and unauthorized access to our systems
  • Meeting legal and regulatory obligations

We do not use your personal data for automated decision-making, profiling, or advertising purposes. Your data is never sold to marketers or third-party advertisers.

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:

  • Contract Performance (Art. 6(1)(b)): Processing necessary to deliver the hosting services you have purchased, including account provisioning, server deployment, billing, and technical support.
  • Legitimate Interests (Art. 6(1)(f)): Processing necessary for security monitoring, fraud prevention, service improvement, and capacity planning, provided these interests do not override your fundamental rights and freedoms.
  • Legal Obligation (Art. 6(1)(c)): Processing required for tax record-keeping, financial reporting, and responding to lawful requests from public authorities.
  • Consent (Art. 6(1)(a)): Where we rely on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

5. Data Storage & Security

All personal data and customer data is stored exclusively in European data centers that meet or exceed Tier IV standards. Our facilities are equipped with redundant power, environmental controls, and comprehensive physical access restrictions.

We implement robust security measures including:

  • AES-256 encryption for data at rest across all storage systems
  • TLS 1.3 encryption for all data in transit
  • Role-based access controls with mandatory multi-factor authentication
  • Network segmentation and multi-layer firewall protection
  • DDoS mitigation with multi-Tbps capacity
  • Regular third-party security audits and penetration testing
  • Automated vulnerability scanning and patch management
  • 24/7 infrastructure monitoring and intrusion detection
  • Physical security controls including biometric access and CCTV surveillance

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware, in accordance with GDPR Article 33. Our incident response team follows documented procedures to contain, investigate, and remediate security events.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law:

  • Account data: Retained for the duration of your active account plus 12 months following account closure to handle outstanding matters and disputes.
  • Billing records: Retained for 7 years as required by applicable tax and financial regulations within the EU.
  • Server and access logs: Retained for 90 days for security monitoring, troubleshooting, and abuse prevention.
  • Support correspondence: Retained for the duration of your active account plus 6 months for quality assurance.
  • Marketing consent records: Retained for as long as consent remains valid, plus 3 years thereafter as evidence.

Upon expiration of the retention period, data is securely deleted using cryptographic erasure for encrypted data and multi-pass overwriting for unencrypted data. You may request earlier deletion at any time, subject to our legal retention obligations.

7. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of Access (Art. 15): Request a copy of the personal data we hold about you and information about how it is processed.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data without undue delay.
  • Right to Erasure (Art. 17): Request deletion of your personal data when it is no longer necessary, subject to legal retention requirements.
  • Right to Data Portability (Art. 20): Receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller.
  • Right to Restriction (Art. 18): Request restriction of processing under certain circumstances, such as when you contest data accuracy.
  • Right to Object (Art. 21): Object to processing of your data for specific purposes, including direct marketing.
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time where processing is based on consent, without affecting prior processing.
  • Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority if your rights have been violated.

To exercise any of these rights, please contact us at privacy{{ $theme['domain'] ?? 'topnotchservers.com' }}. We will respond to all valid requests within 30 days. If additional time is required, we will notify you within the initial period.

8. Cookies & Tracking

We use only essential cookies that are strictly necessary for the operation of our website and services:

  • Authentication cookies: To maintain your login session securely and prevent unauthorized account access.
  • Session management cookies: For security, load balancing, and platform functionality.
  • CSRF protection tokens: To prevent cross-site request forgery attacks and ensure form submission integrity.
  • Preference cookies: To remember your language and timezone settings for a consistent experience.

We do not use tracking cookies, advertising cookies, or any third-party analytics cookies. No pixel trackers, web beacons, or fingerprinting technologies are used. Essential cookies are set under the legal basis of legitimate interest.

9. Third-Party Services

We engage a limited number of trusted third-party service providers to support our operations:

  • Payment processors: To securely process billing transactions. Payment card data is handled exclusively by PCI DSS-compliant processors and is never stored on our servers. We only receive transaction confirmations.
  • Email service providers: For transactional communications such as invoices, service notifications, and password resets. No marketing through third-party platforms.

All third-party providers are bound by GDPR-compliant data processing agreements. We conduct regular reviews of their compliance and security practices. We do not sell, rent, or trade your personal data to any third parties. Data shared is limited to the minimum necessary for contracted functions.

10. International Data Transfers

Your personal data is stored and processed exclusively within the European Economic Area (EEA). We do not transfer your data outside the EEA as part of our standard operations.

In the limited circumstances where a third-party service provider may process data outside the EEA, we ensure appropriate safeguards are in place, including European Commission adequacy decisions, Standard Contractual Clauses (SCCs), or Binding Corporate Rules. You may request details about these safeguards at any time.

11. Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at privacy{{ $theme['domain'] ?? 'topnotchservers.com' }} and we will take steps to delete that information promptly.

If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will delete that data from our systems within a reasonable timeframe.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. For material changes, we will provide notice via email at least 14 days before the changes take effect.

The "Last updated" date at the top of this page indicates when the policy was most recently revised. Continued use of our services after changes take effect constitutes your acknowledgment of the revised policy. Previous versions are available upon request.

13. Contact & Data Protection

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how your data is processed, please contact us at:

privacy{{ $theme['domain'] ?? 'topnotchservers.com' }}

We aim to resolve all privacy-related inquiries promptly. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority within the European Economic Area.