Home Privacy Policy

Privacy Policy

INTRODUCTION AND SCOPE

  1. This Privacy Policy explains how VELOXNODES (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards personal data in connection with the website veloxnodes.com (the “Website”) and the dedicated-server hosting services we provide (the “Services”).
  2. The Policy applies to all individuals who visit our Website, purchase Services, or otherwise interact with us (“you,” “your,” or “User”), regardless of nationality or place of residence.
  3. We recognize the privacy expectations of users in multiple jurisdictions and have aligned this Policy with internationally accepted principles, including the EU General Data Protection Regulation (EU 2016/679) (“GDPR”), the UK GDPR, and major non-EU frameworks such as the California Consumer Privacy Act (CCPA/CPRA). Where these laws apply extraterritorially, we observe their core obligations; elsewhere we apply the same standards contractually.
  4. Use of our Services constitutes acknowledgment that you have read and understood this Policy. If you do not agree with its terms, you must refrain from using the Services.

LEGAL IDENTITY AND CONTACT INFORMATION

  1. Data Controller. VELOXNODES acts as the Data Controller for personal data processed through the Website and Services.
  2. Data Protection Contact. Questions or requests concerning this Policy may be addressed to [email protected].
  3. EU/UK Representative (Conditional). If, in future, the Company establishes a significant user base within the European Economic Area or United Kingdom, it will designate an authorised representative in accordance with Article 27 GDPR and update this Policy accordingly.

KEY DEFINITIONS

  1. “Personal Data” means any information relating to an identified or identifiable natural person, such as a name, email address, IP address, or other online identifier.
  2. “Processing” means any operation performed on Personal Data, whether by automated means or otherwise, including collection, recording, organisation, storage, adaptation, retrieval, consultation, use, disclosure, transmission, or deletion.
  3. “Controller” means the entity that determines the purposes and means of Processing Personal Data.
  4. “Processor” means any natural or legal person that Processes Personal Data on behalf of the Controller.
  5. “Third-Party Provider” includes datacenter operators, payment gateways, email services, and analytics tools engaged by the Company to deliver the Services.
  6. “Applicable Data Protection Law” means all privacy or data-protection legislation relevant to the user or the Company, including GDPR, UK GDPR, CCPA/CPRA, and any local law governing data processing or localisation.

CATEGORIES OF PERSONAL DATA COLLECTED

  1. Account and Contact Data. When you create an account or purchase a Service, we collect your email address and, if applicable, billing details such as name, organisation, and payment reference identifiers.
  2. Technical and Log Data. Our systems automatically record information including IP addresses, browser type, access timestamps, operating system, and server-interaction logs. These are used for network integrity, troubleshooting, and abuse prevention.
  3. Payment Data. Payments are processed exclusively through third-party processors. We receive transaction confirmation data (time, amount, payment method) but never store full card or wallet credentials.
  4. Support and Correspondence Data. If you contact us for assistance, we may process your message content and related metadata to resolve the inquiry.
  5. Cookies and Usage Metrics. We may use essential cookies for session management and optional analytics cookies subject to your browser settings.
  6. We intentionally collect minimal data necessary to provision dedicated servers. No identity documents or extensive KYC information are required beyond a functional email address.

HOW DATA IS COLLECTED

  1. Direct Collection. Personal Data is provided directly by you when registering, ordering, or communicating with our support team.
  2. Automated Collection. Technical and log data are generated automatically by our servers and network monitoring tools during Service use.
  3. Third-Party Sources. Limited Personal Data may be obtained from payment processors or datacenter partners where required for transaction verification, abuse prevention, or law-enforcement cooperation.
  4. Cookies and Tracking. Cookies store session identifiers and preferences; optional analytics may collect pseudonymous usage statistics. You can disable non-essential cookies through your browser without affecting core functionality.
  5. No Offline Collection. We do not obtain data from public registries, marketing lists, or offline sources.

PURPOSES AND LEGAL BASES FOR PROCESSING

  1. We Process Personal Data for the following purposes and corresponding lawful bases:
    (a) Service Provision (Contract Performance). To register your account, supply server access credentials, manage billing, and provide technical support.
    (b) Security and Abuse Prevention (Legitimate Interest). To detect spam, DDoS, or network misuse and ensure integrity of our infrastructure.
    (c) Compliance (Legal Obligation). To comply with export controls, sanctions screening, taxation, and record-keeping obligations under applicable law.
    (d) Improvement and Analytics (Legitimate Interest or Consent). To analyse service reliability and user experience, subject to your cookie preferences.
    (e) Communication and Notices (Legitimate Interest). To send administrative emails regarding provisioning, billing, or policy updates.
    (f) Marketing (Consent). We do not engage in unsolicited marketing; any promotional email requires prior opt-in consent, which you may withdraw at any time.
  2. Where processing relies on legitimate interest, we balance our operational need against potential impact on your rights and maintain internal assessments documenting that balance.

PAYMENT PROCESSING AND FINANCIAL DATA

  1. Third-Party Gateways. All payments are handled by independent processors—such as card gateways, e-wallets, or cryptocurrency platforms—each operating under its own security and privacy controls.
  2. Data Received. We receive only transaction metadata: confirmation number, amount, currency, and timestamp. Full card numbers, wallet addresses, or banking credentials are never stored or accessible to us.
  3. Fraud Prevention. Payment processors may share limited risk-scoring or fraud indicators with us. We use these solely to protect the integrity of transactions and prevent abuse.
  4. Legal Basis. Processing of payment metadata is necessary for contract performance and legitimate interest in fraud detection.
  5. Retention. Billing records are retained for accounting and compliance purposes for up to seven (7) years, unless a shorter period is required by law.
  6. Disputes and Chargebacks. Where a payment dispute arises, relevant transaction details may be shared with the payment processor and, if needed, with banks or legal counsel for resolution.

DATA SHARING AND DISCLOSURE

  1. Service Providers and Partners. We share limited Personal Data with trusted third parties who assist in operating the Services, including:
    (a) datacenter operators located in Russia and Kyrgyzstan for server provisioning;
    (b) payment processors handling financial transactions;
    (c) email and ticketing providers for customer support; and
    (d) infrastructure vendors for monitoring and security.
  2. Legal Disclosures. We may disclose Personal Data to competent authorities, courts, or regulators when required by law, lawful subpoena, or court order, or to protect our legal rights or those of others.
  3. Corporate Transactions. If the Company undergoes a merger, acquisition, or asset transfer, Personal Data may be transferred to the successor entity under equivalent privacy safeguards.
  4. Prohibited Sale. We do not sell Personal Data, and we do not share data for cross-context behavioural advertising.
  5. Contractual Safeguards. All third-party recipients are bound by written agreements requiring confidentiality, restricted processing, and security consistent with this Policy.

INTERNATIONAL DATA TRANSFERS

  1. Cross-Border Nature. Because our servers and partners operate globally, Personal Data may be transferred to and processed in Russia, Kyrgyzstan, or other countries that may not provide the same level of protection as your home jurisdiction.
  2. Safeguards. Where required by law, we implement safeguards such as:
    (a) Standard Contractual Clauses approved by the European Commission;
    (b) contractual commitments ensuring equivalent data-protection obligations; and
    (c) internal access-control measures limiting who can view exported data.
  3. Consent and Necessity. By using the Services, you acknowledge and consent to these international transfers as necessary for contract performance.
  4. Transparency. Details of specific transfer mechanisms may be provided upon written request to [email protected].

DATA LOCALISATION

  1. Russian Data Localisation. Where required by the Federal Law No. 242-FZ (Russia), personal data of Russian nationals processed through servers located in Russia will be stored locally on Russian infrastructure operated by our datacenter partners.
  2. Kyrgyz Compliance. Data processed in Kyrgyzstan is subject to the Law on Personal Data (Kyrgyz Republic). Our datacenter providers there maintain necessary registration and technical safeguards.
  3. Cross-Mirror Storage. For resilience, limited technical backups may reside outside these jurisdictions but remain encrypted and accessible only to authorised personnel.
  4. Controller Responsibility. While we rely on datacenter operators to meet local localisation requirements, VELOXNODES remains the controller and contractual counterpart for all processing activities.

DATA RETENTION POLICY

  1. Retention Criteria. We retain Personal Data only as long as necessary for the purposes outlined in this Policy, including legal, accounting, and security requirements.
  2. Standard Durations.
    (a) Account and billing data — up to seven (7) years after termination.
    (b) Server and access logs — typically ninety (90) days unless extended for security investigations.
    (c) Abuse and compliance records — until the matter is resolved and limitation periods expire.
  3. Deletion. When retention periods expire, data are securely deleted or anonymised. Backups containing residual data are overwritten on a rolling cycle.
  4. User-Initiated Deletion. Upon verified request, we will erase Personal Data earlier where no legal ground requires continued retention.

COOKIES, TRACKING, AND ANALYTICS

  1. Essential Cookies. We use session cookies necessary for authentication and maintaining your login state. These expire automatically when you close your browser.
  2. Preference Cookies. Optional cookies may store language or region settings to enhance usability.
  3. Analytics. At present, veloxnodes.com employs minimal server-side analytics only, based on aggregated log data. We do not use Google Analytics or similar tracking that profiles individual behaviour.
  4. Consent Controls. Non-essential cookies activate only if your browser allows them. You can disable cookies through browser settings without affecting service performance.
  5. Third-Party Content. Embedded external content, if any, may set their own cookies; we have no control over those and recommend reviewing their respective policies.

DATA SECURITY MEASURES

  1. Technical Controls. We implement administrative, physical, and technical safeguards designed to protect Personal Data against unauthorised access, alteration, or destruction, including:
    • encrypted transmission (TLS) for all web sessions;
    • firewalled network architecture and intrusion detection;
    • strict credential management and least-privilege access;
    • regular vulnerability assessments by upstream providers.
  2. Organisational Controls. Access to Personal Data is restricted to authorised staff or contractors bound by confidentiality obligations.
  3. Incident Response. In the unlikely event of a data breach posing material risk to individuals, we will notify affected users and, where legally required, relevant supervisory authorities without undue delay.
  4. Residual Risk. Despite these measures, no system can guarantee absolute security. Users are responsible for maintaining the secrecy of their credentials and securing their local environment.

USER RIGHTS AND CHOICES

  1. Global Principles. We respect individual rights to control Personal Data. Regardless of residence, users may exercise the following rights to the extent applicable under law.
  2. Access and Portability. You may request a copy of the Personal Data we hold about you in a structured, commonly used format.
  3. Rectification. You may request correction of inaccurate or incomplete Personal Data.
  4. Erasure (“Right to Be Forgotten”). You may request deletion of Personal Data where it is no longer necessary for contractual or legal purposes.
  5. Restriction and Objection. You may object to or request limitation of processing based on legitimate interest.
  6. Withdrawal of Consent. Where processing is based on consent (e.g., cookies or marketing), you may withdraw consent at any time.
  7. Verification. For security, we may request reasonable information to verify your identity before fulfilling a rights request.
  8. Response Time. We aim to respond within one (1) month of receipt, extendable where complex or numerous requests require additional time.
  9. Complaints. If you believe your rights have been infringed, you may contact us directly or lodge a complaint with your local data-protection authority (for EEA/UK users, per Articles 77 GDPR and 55 UK GDPR).

CHILDREN’S PRIVACY

  1. Age Restriction. Our Services are intended exclusively for persons aged 18 years or older. We do not knowingly collect, use, or retain Personal Data from anyone under this age threshold.
  2. Parental Notification. If you believe that a minor has provided Personal Data to us, please contact [email protected]. Upon verification, such data will be promptly deleted.
  3. No Targeting of Minors. We do not market, advertise, or structure our Services in a way directed toward children or minors in any jurisdiction.

THIRD-PARTY LINKS AND INTEGRATIONS

  1. External Websites. The Website may contain links to third-party websites or services not operated or controlled by the Company. Clicking such links is at your discretion.
  2. Independent Policies. Those third parties maintain independent privacy practices. We are not responsible for, and disclaim all liability regarding, their content, policies, or data-handling.
  3. Hosted Software or APIs. Where the Customer installs or integrates third-party software on a dedicated server, that vendor’s privacy terms govern all resulting processing.

AUTOMATED DECISION-MAKING AND PROFILING

  1. No Automated Decisions. We do not employ algorithms or profiling that produce legal or similarly significant effects on individuals.
  2. Limited Automation. Automation occurs only in technical areas—such as fraud-screening, spam detection, or abuse blocking—and never involves human-rights-relevant decision-making.
  3. Transparency. Should automated decision-making be introduced in future, we will update this Policy to describe its logic, scope, and user rights to contest such processing.

CHANGES TO THIS POLICY

  1. Revision Mechanism. We may amend this Privacy Policy from time to time to reflect operational, legal, or regulatory developments.
  2. Notification. Material changes will be posted on the Website and, where appropriate, notified by email to registered users at least seven (7) days before they take effect.
  3. Effective Date Indicator. The “Effective Date” below reflects the most recent version. Continued use of the Services after publication constitutes acceptance of the revised Policy.

COMPLAINTS AND DISPUTE RESOLUTION

  1. Internal Resolution. Users are encouraged to contact [email protected] with any concern or complaint regarding data handling. We will investigate and respond in good faith.
  2. Supervisory Authorities (EEA/UK). Individuals located in the EEA or UK may lodge a complaint with their national data-protection authority pursuant to Article 77 GDPR / Section 165 UK Data Protection Act 2018.
  3. Other Jurisdictions. Users elsewhere may have the right to contact relevant consumer-protection or privacy regulators in their region.
  4. Arbitration and Courts. Where disputes cannot be resolved informally, they will be governed by the dispute-resolution clause set forth in the Terms of Service, including any optional arbitration procedure.
  5. Non-Retaliation. We will not deny service or discriminate against any individual for exercising a privacy right or submitting a complaint.

CONTACT AND EFFECTIVE DATE

  1. Controller and Contact Details.
    VELOXNODES
    Registered Jurisdiction: Moscow, Russia
    Email: [email protected]
    Website: https://veloxnodes.com
  2. Requests and Correspondence. All data-access, correction, deletion, or objection requests must be submitted by email from the account’s registered address or accompanied by reasonable verification information.
  3. Effective Date. This Privacy Policy is effective as of 29th October 2025 and supersedes any previous version. Updates will be archived for reference.