Version: 1.0
Effective from: January 1, 2026
This document outlines the data management and transparency policy of the xHOSTING closed community system. Anyone who joins the system (by invitation) automatically accepts this policy.
The Technical Operator is the natural person or business entity responsible for ensuring the technical operation of the xHOSTING community system, maintaining the community infrastructure, issuing official invoices for contributions, and enforcing compliance with the rules and policies.
The current Technical Operator is:
Name: László Madarász, sole proprietor
Registered office: H-2040 Budaörs, Hajnal utca 4., Hungary
Tax number: 65489426-1-51
EU VAT number: HU65489426
Business registration number: 15934478
Phone: +36-70-720-4884
Email: info@xhosting.hu
The administrators and moderators of the xHOSTING community system who, on behalf of the Technical Operator, supervise the operation, security, and community order of the system.
This document, which defines the fundamental principles of operation of the closed, invitation-only xHOSTING community system, the conditions of use, and the rules governing invitations and contributions.
The state in which a user no longer has an active account or permissions within the xHOSTING system, in particular due to a violation of the rules, exclusion, or voluntary departure.
A data processing operation applied after the termination of a user account, during which personal data associated with the account are irreversibly deleted or anonymized, except where retention is required by law.
A warning representing the documented recording of a rule violation. The purpose of a WARN is to maintain community order and prevent further violations.
A Member who, upon fulfilling the conditions defined in this Policy, is entitled to provide another person with the opportunity to register in the xHOSTING system via invitation.
A person who accepts an invitation sent by an Inviter and registers in the xHOSTING system by providing the required information.
A user registered in the xHOSTING system with a valid invitation and holding an active account.
The totality of Members registered in the xHOSTING system, including the Operators.
The totality of hardware and software capacities of the servers and infrastructure providing xHOSTING services, including in particular processor, memory, storage, and bandwidth capacity.
A service level agreement representing a guaranteed level of operation provided by commercial service providers. The xHOSTING community system does not provide an SLA.
The order of allocation of resources and operator attention, which in the case of xHOSTING is determined exclusively by technical and community considerations and administrative decisions.
The availability of the system or a specific service within a defined period. In the case of xHOSTING, uptime is not guaranteed.
A voluntary contribution provided by a Member in an amount determined by the Member, intended to support the operation and development of the xHOSTING community system. A contribution does not constitute a service fee or consideration.
A Paid Service is any service used by a Member through xHOSTING under a separate legal relationship, in return for consideration.
The initiation of a Paid Service (such as placing a new order or initiating a new domain registration) is conditional upon registration in the xHOSTING system, i.e. Membership.
The continued use of existing Paid Services (such as maintaining an existing domain, access, and administration) remains available for the duration of the service even after Membership has terminated, subject to settlement of the applicable fees, potentially via a limited access channel (e.g. support ticket or email).
At present, Paid Services include in particular domain registration and domain-related administration.
A Free Service is any service provided by xHOSTING to Members on a community basis, without consideration, and whose use is conditional upon active community Membership.
At present, Free Services include in particular web hosting services and the associated technical resources.
The xHOSTING User Interface is the closed online system through which Members manage xHOSTING services, in particular registration, the use of Paid and Free Services, viewing service status, and accessing information related to community status.
xHOSTING is a closed, invitation-based community system that provides technical resources and related services to its Members on a non-commercial basis. The operation of xHOSTING is based on community contributions and is separate from Paid Services provided under a separate legal relationship for consideration.
• Full name (provided voluntarily)
• Telegram ID / username
• Email address
• IP address (for logging purposes)
• Device identifiers and browsing information (via cookies)
• Timestamps of consents (e.g. acceptance of an invitation)
• Operating the closed xHOSTING community system
• Recording invitations and permissions
• Providing access to technical resources
• System security and investigation of abuse
• Mandatory accounting records related to contributions
• GDPR Article 6(1)(a) – the data subject’s voluntary consent
• GDPR Article 6(1)(f) – legitimate interest (e.g. system security, abuse prevention)
• Where invoicing applies: GDPR Article 6(1)(c) – compliance with a legal obligation
2.6.1 xHOSTING does not transfer data to third parties under any circumstances, except:
• where required by law in response to a request by a competent authority;
• the minimum data necessary for bookkeeping or invoicing to the Technical Operator.
• In case of deletion / anonymization of a user account, the data are permanently deleted.
• Within 12 months following the termination of the relationship, all stored data are automatically deleted.
• Invoicing/accounting data must be retained for 8 years in accordance with applicable law (Accounting Act).
Note: shorter retention periods set out in Chapter 15 apply to the retention and export of service (hosting) content.
• Access to personal data
• Request correction or deletion
• Restriction of processing
• Data portability
• Lodging a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
Contact: https://naih.hu
Name: Madarász László, sole proprietor
Registered office: 2040 Budaörs, Hajnal utca 4.
Tax number: 65489426-1-51
EU VAT number: HU65489426
Registration number: 15934478
Phone: +36-70-720-4884
Email: info@xhosting.hu
2.10.1 Data processing related to bookkeeping
Processor name: Empire Numbers Kft.
Address: 3580 Tiszaújváros, Árkád sor 3 1/3
Tax number: 32454570-1-05
Phone: +36-20-286-0497
Email: zsanrietta1231@gmail.com
Website: https://empirenumbers.hu
Bookkeeping data are processed exclusively in accordance with the Hungarian Accounting Act and only for the retention period prescribed therein.
2.10.2 Partners providing the technical background of services
Meta Platforms Ireland Limited (formerly Facebook Ireland Limited)
Registered office: Merrion Road, Dublin 4, D04 X2K5, Ireland
Tax number (VAT ID): IE9692928F
Website: facebook.com
Privacy policy: facebook.com/privacy/policy
TikTok Technology Limited
Registered office: 10 Earlsfort Terrace, Dublin 2, D02 T380, Ireland — company registration number 635755
Tax number (VAT ID): IE3729252KH; under GDPR they assume a joint controller role.
Website: tiktok.com
Privacy policy: tiktok.com/legal/privacy-policy
Rumble Inc.
Registered office: 444 Gulf of Mexico Drive, Longboat Key, Florida 34228, USA
Tax number (VAT): N/A (non-EU company)
Website: rumble.com
Privacy policy: rumble.com/privacy-policy
YouTube LLC (Google Ireland Limited)
Registered office: 901 Cherry Avenue, San Bruno, CA 94066, USA
Tax number (VAT): IE6388047V
Website: youtube.com
Privacy policy: policies.google.com/privacy
X Corp. (formerly Twitter)
Registered office: 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
Tax number (VAT): not published
Website: x.com
Privacy policy: x.com/privacy
Hetzner Online GmbH
Registered office: Industriestraße 25, 91710 Gunzenhausen, Germany
Tax number (VAT ID): DE812871812
Website: hetzner.com
Privacy policy: hetzner.com/legal/privacy-policy
PayPal (Europe) S.à r.l. et Cie, S.C.A.
Registered office: 22–24 Boulevard Royal, L-2449 Luxembourg
Tax number (VAT): LU22046007
Website: paypal.com
Privacy policy: paypal.com/hu/webapps/mpp/ua/privacy-full
Stripe Payments Europe, Limited
Registered office: The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland
Tax number (VAT): IE3206488LH
Website: stripe.com
Privacy policy: stripe.com/privacy
Erste Bank Hungary Zrt.
Registered office: 1138 Budapest, Népfürdő utca 24–26, Hungary
Tax number: 10197879-4-44 (group tax number: 17781042-5-44)
Company registration number: 01-10-041054
Website: erstebank.hu
Privacy notice: erstebank.hu/hu/adatkezelesi
2.10.3 Data processing related to domain registration
In the provision of domain registration services, xHOSTING is in a reseller relationship with the domain registrar Netim SAS.
Processor / controller name: NETIM SAS
Registered office: 264 Avenue Arthur Notebart, 59160 Lille, France
Legal form: Société par Actions Simplifiée (SAS)
Website: https://www.netim.com
Legal notices: https://www.netim.com/en/legal-notices
Data processing policy: https://www.netim.com/contracts/personal-data-processing-policy.pdf
During domain registration, the transfer of personal data (e.g. name, address, email address, phone number) to Netim SAS is based on a legal obligation, in particular pursuant to ICANN rules and the requirements of the relevant TLD registry.
Netim SAS processes the data under its own data processing policy as an independent data controller. In connection with domain registration, xHOSTING transfers data only to the extent necessary to perform the service.
2.10.4 External platforms (providers accessible via links)
xHOSTING interfaces may contain links to external platforms (e.g. social media or video sharing sites). These providers are independent data controllers separate from xHOSTING, and after opening a link they act in accordance with their own data protection and cookie rules.
This data processing policy was created to present the data processing activities performed by the Data Controller in a transparent manner and to ensure that Data Subjects are aware of their rights.
Data subjects have the following rights in relation to the processing of their personal data:
2.12.1 Right of access: the data subject is entitled to request information as to whether the Data Controller processes their personal data and, if so, to access information relating to such processing (e.g. the purposes of processing, the categories of personal data concerned).
2.12.2 Right to rectification: the data subject is entitled to request that the Data Controller correct inaccurate personal data or complete incomplete personal data.
2.12.3 Right to erasure (“right to be forgotten”): the data subject may request the deletion of their personal data if processing is no longer necessary, the data subject withdraws consent, or processing was unlawful.
2.12.4 Right to restriction of processing: the data subject is entitled to request restriction of processing if they contest the accuracy of the personal data or raise objections regarding the lawfulness of processing.
2.12.5 Right to data portability: the data subject is entitled to request that the Data Controller provide the data processed by the Data Controller in a structured, commonly used, machine-readable format and/or transmit it to another controller.
2.12.6 Right to object: the data subject is entitled to object to processing where the legal basis is legitimate interest or public interest.
2.13.1 To exercise their rights, data subjects may contact the Data Controller via the following contact details:
• Mailing address: Madarász László, sole proprietor, 2040 Budaörs, Hajnal utca 4. Email: info@xhosting.hu Phone: +36-70-720-4884
• The Data Controller will respond to all requests as soon as possible, but no later than within 25 days.
The Data Controller protects personal data against unauthorized access, data loss, and data security incidents through technical and organizational measures. The Data Controller stores data exclusively on servers owned by Madarász László as a sole proprietor or with contracted service providers located within the European Union.
2.15.1 In the event of a data protection incident, the Data Controller:
• keeps a record of incidents.
• notifies the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) within 72 hours.
• informs data subjects if the incident involves high risk.
2.16.1 The Data Controller transfers data to third parties only in the following cases:
2.16.2 Where the data subject has given explicit consent.
2.16.3 For the purpose of fulfilling obligations prescribed by law (e.g. requests by authorities).
2.17.1 The Data Controller stores personal data for the following periods:
2.17.2 Data collected in the performance of a contract: 5 years from termination of the contract.
2.17.3 Invoicing-related data: at least 8 years as required by the Hungarian Accounting Act.
2.17.4 Data in a newsletter database: until the data subject withdraws their consent.
2.18.1 The Data Controller is obliged to keep records of all data protection incidents and, without undue delay, inform data subjects if the incident is likely to adversely affect their rights or freedoms.
2.18.2 Notification obligation
2.18.3 Informing data subjects:
• If the incident poses a high risk to the rights of data subjects, the Data Controller informs them directly.
• NAIH notification: the incident must be reported to NAIH no later than within 72 hours.
2.18.4 Rights of data subjects in the event of a data protection incident
Data subjects are entitled to:
• request information about the nature of the incident and the categories of data affected by the incident.
• lodge a complaint with NAIH or initiate court proceedings.
2.19.1 The data subject may file a complaint with the Data Controller or with NAIH. In the event of disputes related to data processing, court proceedings may also be initiated. More detailed information about submitting complaints is provided in Section 2.20.
Address: 1024 Budapest, Szilágyi Erzsébet fasor 22/C.
Phone: +36 (1) 391-1400
Email: ugyfelszolgalat@naih.hu
Website: https://naih.hu
The data subject may use the following legal remedies in relation to data processing:
2.20.1 Submitting a complaint to the Data Controller:
• The data subject may submit a complaint to the Data Controller via the following contact details:
Address: Madarász László, sole proprietor, as Technical Operator, 2040 Budaörs, Hajnal utca 4. Email: info@xhosting.hu
• Submitting a complaint to NAIH: the data subject may submit a complaint to NAIH if they consider the data processing practice to be inadequate. The Authority’s detailed contact details are provided in Section 2.19.1.
• Initiating court proceedings: the data subject is entitled to initiate court proceedings against the Data Controller if they believe that their rights have been violated in the course of data processing. In such cases, the competent court is, at the data subject’s choice, the court of the data subject’s place of residence or the court of the Data Controller’s registered office.
The operator and legal details of xHOSTING are published under the Legal Notice (Imprint) section.