Enjoy 1 month of free hosting for WordPress
Domain Names Web Hosting Managed WordPress Knowledgebase Support
Sign In Get Started Free

Privacy Policy

We take your privacy seriously. This policy explains how Qaval Host collects, uses, and protects your personal information.

Effective Date: June 11, 2026

1. Introduction

Qaval Host ("we," "our," or "us") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website qavalhost.com or use our hosting and related services (collectively, the "Services").

We comply with applicable data protection laws, including the Nigeria Data Protection Act (NDPA) and the European Union's General Data Protection Regulation (GDPR) where applicable to our processing activities.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you use our Services, including:

  • Account Information: Full name, email address, physical address, phone number, and company name when you register for an account.
  • Billing Information: Payment card details, billing address, and transaction history. Payment card data is processed by our PCI-compliant payment processors and is not stored on our servers.
  • Domain Registration Data: Registrant name, organization, address, email, and phone number as required by ICANN for domain WHOIS records.
  • Support Communications: Information you provide when contacting our support team, including chat logs, ticket submissions, and email correspondence.
  • Website Content: Files, databases, emails, and other content you upload to or host on our servers.

2.2 Information Collected Automatically

When you access our website or use our Services, we automatically collect:

  • Log Data: IP address, browser type, operating system, referring/exit pages, date/time stamps, and clickstream data.
  • Usage Data: Pages visited, features used, time spent, and interaction patterns within our platform.
  • Device Information: Device type, unique device identifiers, and network information.
  • Server Metrics: Resource usage (CPU, memory, disk, bandwidth) associated with hosting accounts.

2.3 Information from Third Parties

We may receive information about you from:

  • Payment processors (transaction confirmations, fraud risk scores).
  • Domain registries and registrars (WHOIS verification, transfer approvals).
  • Fraud prevention services and public databases.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To create and manage your account, provision hosting services, register domains, issue SSL certificates, and provide technical support.
  • Billing & Payments: To process payments, send invoices, manage subscriptions, and handle refunds.
  • Communication: To send service-related notices (account updates, maintenance alerts, security advisories), respond to support inquiries, and send newsletters or promotional offers (with your consent).
  • Improvement & Analytics: To analyze usage patterns, monitor performance, troubleshoot issues, and improve our Services.
  • Security & Compliance: To detect and prevent fraud, abuse, and security threats; to comply with legal obligations and enforce our Terms of Service.
  • Legal Obligations: To respond to lawful requests from public authorities, including national security or law enforcement requirements.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal basis for processing your personal data includes:

  • Contractual Necessity: Processing necessary to perform our contract with you (e.g., providing hosting services, processing payments).
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our Services, preventing fraud, and marketing our products (where such interests are not overridden by your data protection rights).
  • Consent: Processing based on your explicit consent (e.g., for sending marketing emails or placing non-essential cookies). You may withdraw consent at any time.
  • Legal Obligation: Processing required to comply with applicable laws, regulations, or legal processes.

5. Cookies & Tracking Technologies

5.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to website operators.

5.2 Types of Cookies We Use

  • Essential Cookies: Required for the operation of our website and client area. These include session cookies for authentication, security cookies to prevent fraud, and load-balancing cookies. They cannot be disabled.
  • Functional Cookies: Remember your preferences, such as language selection, theme preference (dark/light mode), and previously viewed products.
  • Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage statistics (e.g., Google Analytics).
  • Marketing Cookies: Used to deliver relevant advertisements and measure the effectiveness of marketing campaigns.

5.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can block or delete cookies, but this may affect the functionality of our Services. For more information, visit aboutcookies.org.

6. Third-Party Services & Data Sharing

6.1 Service Providers

We share your information with trusted third-party service providers who assist us in operating our business, including:

  • Payment Processors: For processing transactions securely.
  • Domain Registries: For domain registration, WHOIS records, and TLD compliance requirements.
  • Data Center Operators: For hosting our server infrastructure.
  • Email Service Providers: For sending transactional and marketing emails.
  • Analytics Providers: For understanding website usage and performance.
  • Fraud Prevention Services: For screening orders and protecting against fraud.

All service providers are contractually bound to process personal data only on our instructions and in compliance with applicable data protection laws.

6.2 Legal Disclosures

We may disclose your information if required by law, court order, or governmental regulation, or if we believe in good faith that disclosure is necessary to:

  • Comply with a legal obligation.
  • Protect and defend the rights or property of Qaval Host.
  • Prevent or investigate possible wrongdoing in connection with the Services.
  • Protect the personal safety of users or the public.

6.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. You will be notified via email or prominent notice on our website of any change in ownership.

6.4 We Do Not Sell Your Data

Qaval Host does not sell, rent, or trade your personal information to third parties for their marketing purposes.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying legal, accounting, or reporting requirements:

  • Account Data: Retained for the duration of your account plus 2 years after account closure for legal and tax purposes.
  • Billing Records: Retained for 7 years to comply with tax and accounting regulations.
  • Support Tickets & Communications: Retained for 3 years after resolution.
  • Server Logs: Retained for 90 days for security and troubleshooting purposes.
  • Website Content & Hosted Data: Deleted within 30 days after account termination unless you request earlier deletion.
  • Marketing Data: Retained until you withdraw consent or unsubscribe.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • 256-bit SSL/TLS encryption for data in transit.
  • Encryption at rest for sensitive data.
  • Firewalls, intrusion detection, and DDoS protection systems.
  • Regular security audits and vulnerability scanning.
  • Access controls and authentication mechanisms.
  • Staff training on data protection and confidentiality.

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Your data may be stored and processed in the United States, Nigeria, the European Union, or other countries where our data centers are located. When we transfer personal data from the EEA/UK to countries not deemed to provide an adequate level of protection, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Your Data Protection Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal retention obligations.
  • Right to Restrict Processing: Request limitation of how we process your data under certain circumstances.
  • Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw previously given consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Right to Complain: Lodge a complaint with a supervisory authority, such as the Nigeria Data Protection Commission (NDPC) or your local data protection authority in the EU.

To exercise any of these rights, contact us at privacy@qavalhost.com. We will respond within 30 days and may require identity verification before processing your request.

11. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal data from a child without parental consent, we will delete it promptly.

12. Third-Party Links

Our website may contain links to third-party websites, plugins, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party services you interact with.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. Material changes will be communicated via email or a prominent notice on our website at least 30 days before they take effect. The "Effective Date" at the top of this policy indicates when it was last revised.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

  • Email: privacy@qavalhost.com
  • General Support: support@qavalhost.com
  • Address: Qaval Host, Texas, United States
  • Website: qavalhost.com

Supervisory Authority: If you are based in Nigeria, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng. If you are in the EU/EEA, you may contact your local data protection authority.