Privacy Policy

Introduction

This Privacy Policy (“Policy”) describes how Exact Technologies Limited, operating under the brand name eXact Digital (“eXact Digital,” “we,” “us,” or “our”), collects, uses, discloses, and protects your personal data when you access our website https://exact.gg, use our hosting services, register for an account, or otherwise interact with our products, services, or communications. This Policy also explains your privacy rights and how we comply with the UK Data Protection Act 2018, the EU General Data Protection Regulation (GDPR), and, where applicable, the California Consumer Privacy Act (CCPA) and other global privacy frameworks.

1. Introduction & Entity Details

eXact Digital is a global hosting company headquartered in the United Kingdom and operated by:

Exact Technologies Limited
Business website: https://exact.gg
Contact: [email protected]

We act as the data controller for all personal data we collect from you as a customer, visitor, or user of our services, unless otherwise stated (for example, when acting as a domain registrar’s data processor for WHOIS data).

2. Purpose of This Policy

This Policy applies to customers using our hosting, domain, VPS, email, and website services; visitors to our website and subdomains; users on free or promotional plans and reseller-affiliated users; and individuals communicating with us via support tickets, email, or chat. It does not cover third‑party websites or services you may access through our platform, which are governed by their own privacy terms.

3. Scope of Applicability

This Policy applies globally, but certain rights and disclosures may vary depending on your location (e.g., UK/EU GDPR and California CCPA). Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from children.

4. Our Commitment to Data Protection

We process personal data lawfully, fairly, and transparently; collect only what we need; keep data accurate and secure for the necessary retention period; allow users to exercise their rights; and ensure data is not shared, sold, or transferred without legal justification. We use appropriate technical and organizational measures such as encryption, secure authentication, role-based access controls, and data minimization.

5. Legal Bases for Processing

• Contractual necessity: Provisioning services, account creation, billing, and support.
• Legitimate interests: Fraud detection, analytics, optimization, and security without overriding your rights.
• Consent: Non‑essential cookies, marketing communications, or optional data collection (withdrawable at any time by emailing [email protected]).
• Legal obligation: Compliance with tax, anti‑money‑laundering rules, and ICANN/WHOIS requirements.

6. Account and Identity Information We Collect

When you create an account or purchase a service, we collect: name, email address, password; phone number, billing address, country, city/postcode; language preferences and business type (where applicable); and promo code/referral information. We do not collect national ID numbers or sensitive personal data unless required for compliance.

7. Service Use & Technical Data

We automatically collect IP and browser details, device/OS, session logs, login timestamps, pages viewed and features used, bandwidth/CPU/disk usage (for VPS/hosting), error logs, and control panel actions to deliver services, secure systems, prevent abuse, and improve performance. Standard web hosting accounts are backed up regularly as a complimentary service, but users should maintain independent backups.

8. Payment and Transaction Data

We collect payment status, invoices, transaction identifiers, currency, subscription type, and partial card metadata (e.g., last four digits). Full card data is never stored by us and is handled by secure processors (e.g., Stripe, PayPal, crypto gateways). Limited metadata is retained for invoicing, compliance, and dispute handling. Crypto payments are non‑refundable.

9. Communications and Support Logs

We collect your contact email/IP, timestamps, conversation content, and support metadata to track and resolve issues, maintain records, respond to future queries, and enforce our Terms. Data is stored securely with restricted access. You may request deletion of non‑critical communications via [email protected].

10. Cookies and Tracking Technologies

a) Essential Cookies

Required for login, session persistence, fraud prevention, and account access.

b) Performance & Analytics

We use Cloudflare analytics and diagnostic scripts that may store non‑personal insights locally in your browser. Advanced cookies are not transmitted to third parties unless essential for functionality. You can control non‑essential cookie behavior via your browser or our cookie banner.

c) Fraud & Abuse Detection

A third‑party anti‑fraud provider may analyze behavioral patterns, device fingerprints, and geolocation to flag suspicious activity. Refusing essential cookies may impact functionality.

11. Anti‑Fraud and Risk Screening

We use a dedicated anti‑fraud system (e.g., Sensfrx or similar) that may process device/browser fingerprint data, IP reputation and VPN/proxy use, behavioral patterns, and limited network data to flag high‑risk signups or transactions. The provider acts as an independent processor and does not use data for unrelated profiling.

12. Domain WHOIS Data

For domain registrations we must collect and share WHOIS details (registrant, contact info, address, technical/admin contacts) as required by ICANN and registries. Some ccTLDs limit public exposure by law. Processing is based on legal obligation and contractual necessity.

13. Free Plans, Promotions, and Usage Tracking

If you use eXact Lite or promo codes (e.g., FREEMONTH), we may collect referral/partner attribution, signup timestamps and IPs, promo usage frequency, and free‑tier usage metrics (bandwidth, storage, login frequency) to prevent abuse, enforce fair use, and improve plan design. We do not sell or profile free‑plan users.

14. How We Use Your Personal Information

• Deliver services (hosting, domains, SSL, technical access) and manage accounts.
• Process transactions and billing, renewals, and payment status.
• Protect our platform (abuse prevention, fraud mitigation, access control).
• Improve products via diagnostics and usage analysis.
• Communicate service alerts, updates, maintenance, and security notices.
• Fulfill legal and regulatory obligations (tax, ICANN compliance, fraud reporting).
• Enforce our Terms of Service and conduct usage audits.
• Conduct internal analytics and support reseller rebranding tools without impersonation of eXact Digital.

15. Marketing Communications and Your Choices

With your consent or where permitted by law, we may send marketing via email newsletters, in‑app messages, SMS/WhatsApp (if opted‑in), and Discord. Opt out at any time via the unsubscribe link, account preferences, or by emailing [email protected] with subject “OPT OUT”. Essential service notices will still be sent.

16. Third‑Party Services and Data Sharing

We share data only as necessary to deliver Services, comply with law, and maintain infrastructure. Typical providers include Cloudflare (DNS/CDN/analytics), payment processors (Stripe, PayPal, crypto), anti‑fraud vendors, transactional email/CRM tools, and domain registries/WHOIS. Providers are contractually bound to process data on our instructions, secure it appropriately, and not use it for their own marketing.

17. International Data Transfers

Your data may be transferred outside the UK/EEA. We rely on adequacy decisions, Standard Contractual Clauses, binding corporate rules, or explicit consent, as appropriate. Some providers may operate in the US or Asia and are contractually committed to GDPR‑equivalent protections. You may request details of transfer mechanisms via [email protected].

18. Legal Disclosures and Law Enforcement Requests

We may disclose data if required by law, to enforce our Terms, respond to abuse/copyright notices, detect/prevent fraud or security issues, or protect rights, property, or safety. Requests must be legally valid under UK law, narrowly scoped, and (where permitted) we will notify the affected user. We do not provide bulk or proactive surveillance access.

19. Your Rights Under Data Protection Law

• Access, rectification, erasure, restriction, and portability rights.
• Right to object to processing based on legitimate interests or for direct marketing.
• Right not to be subject to automated decisions, where applicable.

To exercise your rights, email [email protected] with subject “DATA RIGHTS REQUEST”. We may request proof of identity.

20. Consent Management and Opt‑Outs

Manage consent for marketing, non‑essential cookies, optional features (promo tracking/affiliate attribution), and public WHOIS exposure. Withdraw consent via account settings, browser controls, or by emailing [email protected]. Some features may be unavailable without essential processing.

21. Account Deletion and Data Retention

Request permanent account deletion from your Account settings or by emailing [email protected] with subject “ACCOUNT DELETION”. Upon deletion, services terminate and data is anonymized, redacted, or deleted from active systems within 30 days (unless law requires longer). Backup deletion occurs within 90 days.

We may retain limited data for legal compliance (e.g., tax records, WHOIS logs), fraud prevention, contract enforcement, dispute resolution, and security logging.

22. Children’s Privacy

Our services are intended for users aged 18+. We do not knowingly collect personal data from anyone under 18. If we learn that a child has submitted data without verified parental consent, we will promptly delete it. Contact [email protected] if you believe a minor has provided data.

23. Security Measures

We protect personal data with HTTPS/TLS encryption, 2FA for admin accounts, role‑based access control, IDS/firewalls, and regular security scans and audits. While we strive for strong security, no method is 100% secure. Users must safeguard credentials and contact [email protected] if compromise is suspected.

24. Changes to This Policy

We may update this Policy to reflect changes in practices, law, technologies, or integrations. Material changes will be notified via email (where available), on‑site announcements, and by updating the “Last Updated” date. Continued use after updates constitutes acceptance; you may terminate your account if you disagree.

25. How to Contact Us

Data Protection Officer
Exact Technologies Limited
Email: [email protected]

For legal notices (privacy, abuse, legal): [email protected] — subject: “PRIVACY POLICY – LEGAL REQUEST”. We aim to respond to verified requests within 30 days.

26. Data Controller Information

Unless stated otherwise, the data controller is Exact Technologies Limited, a UK private limited company trading as eXact Digital. Jurisdiction: England and Wales. Website: https://exact.gg.

27. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of England and Wales. Disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales, unless applicable privacy law mandates otherwise.

28. Support Channels

• Ticket submissions via the client portal at https://exact.gg
• Email correspondence via [email protected]
• Live chat via our website (when available)
• Discord (available to all users)

We assist with general inquiries, technical issues, billing, abuse reports, and privacy-related requests. We aim to respond promptly, prioritizing urgent or service-impacting matters.