Data protection and data security when using our website are very important to us.
If you would like an introduction to the topic of data protection and the General Data Protection Regulation, you can find further information on the website of the Federal Data Protection Commissioner, for example, at https://www.bfdi.bund.de/DE/Home/home_node.html.
Below we explain how we collect your personal data when you visit our website and for what purposes we use it. As changes to the law or changes to our internal company processes may make it necessary to adapt this privacy policy, we ask you to read this privacy policy regularly. The privacy policy applies to the SABAY HOST website, which can be accessed under the domain www.sabayhost.com.
2.1 The controller responsible for the processing of your personal data is Sabayhost Head, #31E Street 104, Khan Russey Keo, Phnom Penh, Cambodia. You can contact us for general questions either by (telephone or telegram) on +855 158 108 53 or by email at support@sabayhost.com. Further information can be found on our website at https://sabayhost.com.
2.2 If you have any questions regarding data protection or the exercise of your rights under data protection law (see section 10), you can contact our data protection officer, Mr. Rotha Run, LL.S., either at the address #31E Street 104, Khan Russey Keo, Phnom Penh, Cambodia. or by e-mail at support@sabayhost.com.
Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behaviour. Information that we cannot link to your person (or only with disproportionate effort), e.g. by anonymizing the information, is not personal data.
The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent. Processed personal data will be deleted as soon as the purpose of the processing has been achieved and there are no longer any statutory retention obligations to be complied with.
If we process your personal data for the provision of certain offers, we will inform you below about the specific processes, the scope and purpose of the data processing, the legal basis for the processing and the respective storage period.
The following is a list and detailed description of all processing operations in connection with your personal data that may become relevant when using our website and our services.
For the purpose of detecting and defending against attacks on our website and technical infrastructure (e.g. hacking, denial of service attacks), we process personal data including
For this purpose, we use the Content Delivery Network (CDN) of Cloudflare Inc, 101 Townsend St San Francisco, CA 94107, with whom we have concluded a Data Processing Agreement in accordance with Art. 28 GDPR to ensure the security of your personal data. Personal data may be processed in Cloudflare's server log files.
You can find more information on data protection at Cloudfare at: https://www.cloudflare.com/privacypolicy/
b. Legal basis
Art. 6 (1) lit. f GDPR serves as the legal basis for the aforementioned
data processing. The data processing is technically necessary to enable the use
of our website and to prevent and detect attacks on our website and thus serves
to safeguard a legitimate interest of our company.
c. Storage period
As soon as the aforementioned data is no longer required to display the
website, it will be deleted. The collection of data for the provision of
the website and the storage of data in log files is necessary for the
operation of the website. Consequently, the user has no option to object.
Further storage may take place in individual cases if this is required by law.
If applicable, company name and tax identification number or comparable company identification information for business customers
b. Legal basis
The processing of the personal data described serves the fulfilment
of a contract between you and Sabayhost GmbH or the implementation
of pre-contractual measures in accordance with Art. 6 (1) lit. b GDPR.
For persons who are not party to the contract but representatives
of their company, the legal basis for data processing is Art. 6 (1) lit. f GDPR.
c. Storage period
As soon as the processed data is no longer required for the
performance of the contract, it will be deleted. Thereafter,
the processing of the data will be restricted until the expiry
of any statutory retention periods and will no longer be used
for identification and access to website
functions that require registration.
d. Cancellation of the registration / deletion of the user account
As a registered user, you have the option of cancelling your registration at any time.
You can change the data stored about you at
any time via the settings of your user account.
However, if the processed data is required for the execution/termination of a
contract, premature deletion of the data is not possible.
Persons who represent their company and whose data is therefore processed on
the basis of Art. 6 (1) lit. f GDPR have the right to object to the processing
of their data in accordance with Art. 21 GDPR as described in section 10.
b. Legal basis
The processing of the personal data described serves the fulfilment of a
contract between you and Sabayhost GmbH or the implementation of
pre-contractual measures in accordance with Art. 6 (1) lit. b GDPR.
c. Storage period
As soon as the processed data is no longer required for the performance
of the contract, in particular if the customer has terminated
all their contracts, it will be deleted. Thereafter,
the processing of the data is restricted until the expiry of any
statutory retention periods and is no longer used for other purposes.
If the customer does not pay the entire amount for the entire term of the contract in advance, the data will be transmitted to the respective payment service provider selected by the customer, e.g. PayPal (Europe) S.à.r.l & Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Dublin 2, Ireland or Skrill (Paysafe Payment Solutions Limited, 70 Sir John Rogerson's Quay, Dublin 2,D02 R296, Ireland).
In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.
The following data is transmitted to the payment service provider and credit institutions involved as part of payment processing:
b. Legal basis
When processing your personal data that is required to fulfil a purchase contract
concluded with us, i.e. in particular for payment processing, Art. 6 (1) lit.
b GDPR serves as the legal basis. This also applies to processing operations
that are necessary to carry out pre-contractual measures.
In some cases, we may also be legally obliged to transfer the above-mentioned
data concerning you (implementation of strong customer authentication
in accordance with Directive EU 2015/2366 (PSD 2) or the Payment
Services Supervision Act (ZAG)). Insofar as we are legally obliged to
transfer data, Art. 6 (1) lit. c GDPR in conjunction with the corresponding
provisions of Directive EU 2015/2366 (PSD 2) or the Payment Services
Supervision Act (ZAG) is used as the legal basis.
c. Storage period
We store the account information for the duration of the active customer relationship
and for six months thereafter. Subsequent processing is limited to this purpose and
will be deleted after all statutory retention periods have expired.
We transmit IP addresses to Maxmind, Inc., based at 14 Spring Street, 3rd floor, Waltham, MA 02451 USA, whose MinFraud tool determines whether it is a proxy address. We have concluded an order processing contract with the provider in accordance with Art. 28 GDPR, which guarantees data protection at the provider.
Further information on how Maxmind handles data protection can be found at: https://www.maxmind.com/en/privacy-policy
b. Legal basis
The processing and transfer are necessary to safeguard our legitimate interest
in fraud prevention (Art. 6 (1) lit. f GDPR). It serves the legitimate interest
of minimizing the risk of payment defaults, misuse and fraud.
c. Storage period
We will store the data until you request the deletion of your account.
The processing of the data will then be restricted and no longer used for fraud prevention.
The data will be stored by the provider for 18 months and then deleted.
b. Legal basis
Processing is required by law and is therefore based on Art. 6 (1) lit. c GDPR.
c. Storage period
The personal data will be stored until the purpose for which it was collected is achieved
or ceases to apply and then deleted.
b. Legal basis
The processing is necessary to process the request or concern (Art. 6 (1) lit. b GDPR).
c. Storage period
Depending on the content of the request, processing is limited to the specific purpose of the request and is terminated immediately after the request has been processed. The data will be deleted after all mandatory retention periods have expired.
We have concluded an order processing contract with the provider in accordance with Art. 28 GDPR,
which guarantees data protection at the provider.
Further information on how Typeform handles data protection can be found at: https://www.typeform.com/help/a/what-happens-to-my-data-360029581691/
a. Type and scope of data processing We use cookies on our website. Cookies are small files that are sent by us to the browser of your end device and stored there when you visit our website. This website uses cookies to improve your experience and to provide you with personalized content and functions. Cookies do not cause any damage to your end device. They cannot execute programs or contain viruses. In this notice, we would like to inform you about the different types of cookies we use and how you can manage your cookie settings. More detailed information on the individual cookies can be found below and in our cookie banner.
(1) Required cookies:
These cookies are essential to ensure that the website functions properly.
For example, they enable you to navigate the website and fill in forms.
Without these cookies, certain services on our website cannot be provided.
(2) Performance and marketing cookies:
These cookies collect information about how you use our website.
They help us measure and improve the performance of our website
by providing statistics and analytics. We use this information
to optimize the user-friendliness and relevance of our content.
This enables us to make our website more user-friendly and effective for you.
However, you can change your cookie settings at any time by clicking on the cookie settings option on our website. You have control over your cookie preferences.