Game Hosting
VPS
Company
Try Pyro

Privacy Policy

Effective Date: October 1, 2025
Last Updated: September 19, 2025

1. Introduction

Pyro Inc. ("Pyro," "we," "us," or "our") is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our cloud hosting services at pyro.host and related platforms.

Data Controller Information:

Pyro Inc. 1604 Philadelphia Pike, Apt. 63 Wilmington, DE 19809 United States

Email: legal@pyro.host

2. Scope and Application

This Privacy Policy applies to all Pyro services, including multiplayer server hosting, Virtual Private Servers (VPS), web hosting, database hosting, and related management interfaces. It covers both our website and service platforms. By using our services, you consent to the data practices described in this policy.

3. Information We Collect

3.1 Information You Provide Directly

Account Information:

  • Email address, username, and chosen password
  • Contact information including name, billing address, and phone number
  • Payment information processed by Stripe and PayPal (we do not store complete payment card details)
  • Communication preferences and account settings

Identity Verification:

  • For users under 18: parental consent documentation including guardian signatures and contact information
  • For business accounts: tax identification numbers and business verification documents
  • Government-issued identification when required for compliance purposes

Service Configuration Data:

  • Server configurations, custom settings, and user preferences
  • Support tickets, chat logs, and communications with our team
  • User-generated content uploaded to your hosted services

3.2 Information Collected Automatically

Service Usage Data:

  • Server performance metrics, resource utilization patterns, and access logs
  • Application usage statistics, connection data, and performance metrics
  • API usage patterns, system interactions, and service optimization data
  • Service uptime monitoring and availability metrics

Device and Connection Information:

  • IP addresses, browser type and version, operating system, and device identifiers
  • Connection timestamps, session duration, and approximate geographic location
  • Referral sources, page navigation patterns, and feature usage analytics
  • Network diagnostic information and connectivity quality metrics

Cookies and Tracking Technologies:

  • Essential cookies for authentication, session management, and security
  • Analytics cookies via Google Analytics and PostHog for usage insights
  • Advertising cookies through Google Ads for marketing optimization
  • Preference cookies for interface customization and user settings

3.3 Information from Third Parties

  • Payment processing data from Stripe and PayPal for transaction handling
  • Security monitoring data from our infrastructure partners and DDoS protection services
  • Datacenter access logs and facility security information from hosting providers
  • Identity verification information from compliance and fraud prevention services

4. Legal Basis for Processing (GDPR Article 6)

For users in the European Economic Area, United Kingdom, and Switzerland, we process personal data based on the following legal grounds:

Contract Performance (Article 6(1)(b)):

  • Providing hosting services, account management, and customer support
  • Processing payments, billing operations, and subscription management
  • Service delivery, maintenance, and technical support

Legitimate Interests (Article 6(1)(f)):

  • Security monitoring, fraud prevention, and abuse detection
  • Service improvement, analytics, and performance optimization
  • Direct marketing communications (with opt-out rights available)
  • Business operations, financial management, and legal compliance

Legal Obligations (Article 6(1)(c)):

  • Tax compliance, accounting requirements, and financial reporting
  • Data protection law compliance and regulatory obligations
  • Responding to legal process, government requests, and law enforcement

Consent (Article 6(1)(a)):

  • Non-essential cookies, marketing analytics, and targeted advertising
  • Marketing communications where required by applicable law
  • Processing of special categories of data with explicit consent

5. How We Use Your Information

5.1 Service Provision and Management

  • Creating, managing, and securing your account and services
  • Providing, maintaining, and improving our hosting infrastructure
  • Processing payments, managing billing, and handling subscription changes
  • Delivering customer support, technical assistance, and account communications

5.2 Security and Compliance

  • Monitoring for security threats, unauthorized access, and fraudulent activity
  • Implementing access controls, authentication measures, and data protection
  • Complying with legal obligations, regulatory requirements, and industry standards
  • Enforcing our Terms of Service, Acceptable Use Policy, and community guidelines

5.3 Analytics and Service Improvement

  • Analyzing usage patterns, performance metrics, and user behavior
  • Conducting research and development for new features and capabilities
  • Optimizing infrastructure performance, reliability, and user experience
  • Understanding customer needs, preferences, and satisfaction levels

5.4 Communication and Marketing

  • Sending service notifications, maintenance alerts, and account communications
  • Providing customer support, technical guidance, and educational resources
  • Sharing product updates, feature announcements, and promotional offers (with consent)
  • Conducting surveys, collecting feedback, and responding to inquiries

6. Information Sharing and Disclosure

6.1 Service Providers and Partners

We share information with trusted third parties who assist in service delivery:

Payment Processors: Stripe and PayPal for secure payment processing and fraud prevention
Analytics Providers: Google Analytics and PostHog for usage analytics and service optimization
Security Partners: TCPShield and other DDoS protection providers when advanced mitigation is needed
Infrastructure Partners: Datacenter operators for physical security, connectivity, and facility management
Communication Services: Email and messaging providers for customer communications and support

All third-party processors are contractually bound to protect your information and use it only for specified purposes under data processing agreements.

6.2 Legal Requirements and Protection

We may disclose information when required by law or to protect legitimate interests:

  • Compliance with legal process, court orders, subpoenas, and government requests
  • Protection of our rights, property, and safety, and that of our users and the public
  • Prevention and investigation of fraud, security threats, and illegal activities
  • Enforcement of our agreements, policies, and terms of service

6.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of any such transfer and ensure continued protection under this Privacy Policy or a successor policy with equivalent protections.

6.4 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for business purposes, research, or industry analysis.

6.5 No Sale of Personal Information

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We do not engage in data brokerage or similar commercial data sharing practices.

7. Data Storage and Security

7.1 Data Centers and Infrastructure

Your data is stored on Pyro-operated servers in our data centers located in:

  • Dallas, Texas, USA
  • Chicago, Illinois, USA
  • Seattle, Washington, USA
  • Amsterdam, Netherlands

You may select your preferred data center location during service setup to minimize latency and meet data localization requirements.

7.2 Security Measures

We implement comprehensive security controls including:

  • Encryption of data in transit using TLS 1.3 and at rest using AES-256 encryption
  • Multi-factor authentication and role-based access controls for administrative systems
  • Regular security assessments, penetration testing, and vulnerability management
  • DDoS protection, network monitoring, and intrusion detection systems
  • Physical security controls and environmental monitoring at datacenter facilities
  • Employee background checks, security training, and access management

7.3 Data Retention

Service Data: Deleted within six (6) months after service termination, unless earlier deletion is requested
Analytics Data: Retained for twelve (12) months, then anonymized for statistical analysis
Account Data: Core account information retained as required by tax, accounting, and regulatory obligations
Fraud Prevention: Certain data may be retained longer in anonymized form for fraud prevention and security
Legal Obligations: Data may be retained longer when required by applicable law, legal process, or regulatory requirements

You may request immediate data deletion by submitting a ticket at portal.pyro.host or emailing support@pyro.host, subject to legal and regulatory retention requirements.

8. Your Privacy Rights

8.1 Universal Rights

You have the right to:

  • Access and review your personal information through your account dashboard
  • Update, correct, and modify inaccurate or incomplete information
  • Export your data in machine-readable formats for portability
  • Manage cookie preferences through your browser settings
  • Opt out of marketing communications via unsubscribe links or account preferences

8.2 GDPR Rights (EU/UK/Swiss Residents)

Under the General Data Protection Regulation, you have additional rights:

Right of Access: Request copies of your personal data and information about our processing activities Right to Rectification: Correct inaccurate or incomplete personal information Right to Erasure: Request deletion of your personal data ("right to be forgotten") Right to Restrict Processing: Limit how we process your data under certain circumstances Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format Right to Object: Object to processing based on legitimate interests or for direct marketing purposes Right to Withdraw Consent: Withdraw consent for processing based on consent at any time

Unmanaged Service Limitations: As an unmanaged infrastructure provider, our access to customer data is limited to legitimate support, security, system administration, and maintenance purposes. We do not provide managed data services. Data portability and access requests may require customer cooperation to access data stored on customer-controlled systems.

To exercise these rights, contact legal@pyro.host. We will respond within one month and may request verification of your identity.

8.3 California Privacy Rights (CCPA/CPRA)

California residents have specific rights under the California Consumer Privacy Act:

Right to Know: Request information about the categories and specific pieces of personal information we collect, use, and share
Right to Delete: Request deletion of personal information, subject to certain legal and operational exceptions
Right to Correct: Request correction of inaccurate personal information in our records
Right to Opt-Out: We do not sell personal information, but you can opt out if our practices change
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
Right to Limit Sensitive Personal Information: Request limitations on the use of sensitive personal information

8.4 Other State Privacy Rights

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights to access, delete, correct, and opt out of certain data processing activities.

8.5 Data Protection Officer

For GDPR-related inquiries and data protection matters, contact our Data Protection Officer at legal@pyro.host.

8.6 Supervisory Authority

EU residents may lodge complaints with their local data protection authority if privacy concerns are not adequately addressed through our internal processes.

9. International Data Transfers

9.1 Cross-Border Processing

Data may be transferred to and processed in countries other than your residence. We ensure appropriate safeguards for international transfers through:

  • European Commission adequacy decisions, including the EU-US Data Privacy Framework
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules and other legally approved transfer mechanisms
  • Technical and organizational measures to ensure data protection during transfers

9.2 Transfer Impact Assessments

For transfers to countries without adequacy decisions, we conduct Transfer Impact Assessments to evaluate and mitigate potential risks to data protection rights.

9.3 US Government Access

As a US company, we may be subject to US government data access requests under laws such as the USA PATRIOT Act and Foreign Intelligence Surveillance Act. We will resist overbroad requests and notify users when legally permitted.

10. Children's Privacy

10.1 Age Requirements

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent as required by the Children's Online Privacy Protection Act (COPPA).

10.2 Parental Consent (Ages 13-17)

For users between 13-17, we require written parental consent. Parents and guardians may:

  • Review their child's personal information and account activity
  • Request modification, correction, or deletion of information
  • Refuse further collection or use of their child's information
  • Withdraw consent at any time by contacting support

10.3 Parental Rights and Controls

Parents have the right to review information collected from their children, request deletion, and control future collection. We provide parents with direct access to their child's account information and the ability to manage privacy settings.

11. Cookies and Tracking Technologies

11.1 Types of Cookies and Tracking Technologies

Strictly Necessary: Authentication, session management, security features, and fraud prevention
Performance and Analytics: Google Analytics and PostHog for website and service usage analysis
Marketing and Advertising: Google Ads for advertising performance measurement and remarketing campaigns
Functional and Preferences: User interface customization, settings storage, and feature preferences
Security and Anti-Fraud: Bot detection, spam prevention, and security monitoring

11.2 Cookie Management and Control

You can control cookies and tracking through:

  • Browser settings to block, delete, or restrict cookies and tracking technologies
  • Our cookie preference center available on our website and in account settings
  • Third-party opt-out tools and privacy controls:
    • Google Analytics Opt-out Browser Add-on
    • Google Ads Settings and personalization controls
    • PostHog privacy settings and opt-out mechanisms

11.3 Impact of Cookie Settings

Disabling essential cookies may affect website functionality, account access, and your ability to use certain features of our services. Analytics and marketing cookies can be disabled without affecting core service functionality.

11.4 Do Not Track Signals

We do not currently respond to Do Not Track signals, but you can manage tracking preferences through the methods described above and in your browser settings.

12. Third-Party Services and Integrations

12.1 External Links and Services

Our services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to third parties. We encourage you to review their privacy policies before providing information or using their services.

12.2 Third-Party Privacy Policies

Key third-party services and their privacy policies:

  • Stripe: Stripe Privacy Policy
  • PayPal: PayPal Privacy Statement
  • Google Analytics: Google Privacy Policy
  • PostHog: PostHog Privacy Policy
  • TCPShield: TCPShield Privacy Policy

12.3 Integration Responsibilities

When you integrate third-party services with our platform, you are responsible for reviewing and complying with their privacy policies and terms of service.

13. Business Communications

13.1 Transactional Communications

We send service-related communications including:

  • Account notifications, security alerts, and authentication messages
  • Billing statements, payment confirmations, and subscription changes
  • Service updates, maintenance notifications, and system status alerts
  • Policy changes, legal notices, and important account information

These communications are necessary for service provision and cannot be opted out while maintaining an active account.

13.2 Marketing Communications

With your consent or where permitted by law, we may send:

  • Product announcements, feature updates, and service enhancements
  • Educational content, best practices guides, and technical resources
  • Promotional offers, discounts, and special programs
  • Industry news, insights, and community updates

You can opt out of marketing communications at any time via unsubscribe links, account settings, or by contacting support.

14. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours where required by law
  • Inform affected users without undue delay when required by applicable regulations
  • Provide clear, transparent information about the nature, scope, and impact of the breach
  • Explain steps taken to address the breach, mitigate harm, and prevent recurrence
  • Offer guidance on protective measures you can take to reduce potential impact

15. Privacy by Design and Data Minimization

15.1 Privacy by Design Principles

We implement privacy by design throughout our services by:

  • Building privacy protections into our systems and processes from the ground up
  • Making privacy the default setting for all services and features
  • Embedding privacy considerations into our business practices and decision-making
  • Ensuring end-to-end security and data protection throughout the data lifecycle

15.2 Data Minimization Practices

We practice data minimization by:

  • Collecting only personal data that is necessary for specified, legitimate purposes
  • Limiting data retention to the minimum period necessary for our purposes
  • Regularly reviewing and purging unnecessary or outdated personal data
  • Implementing automated deletion procedures where appropriate

16. Privacy Policy Updates and Changes

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, business operations, or technology. Material changes will be communicated via:

  • Email notifications to your registered address with at least 30 days advance notice
  • Prominent notices on our website and service platforms
  • Updates to the "Last Updated" date and change logs in this policy
  • In-app notifications for significant changes affecting your rights

Continued use of our services after changes become effective constitutes acceptance of the updated policy.

17. Contact Information and Data Protection

For privacy-related inquiries, requests, or concerns:

General Privacy Questions: legal@pyro.host
Data Subject Rights Requests: legal@pyro.host
Data Protection Officer: legal@pyro.host
Security Incidents: Submit tickets at portal.pyro.host or email support@pyro.host Customer Support: Submit tickets at portal.pyro.host or email support@pyro.host

Mailing Address:
Pyro Inc.
Attention: Privacy Team
1604 Philadelphia Pike, Apt. 63
Wilmington, DE 19809
United States

Response Times: We respond to privacy inquiries within 5 business days and complete data subject rights requests within 30 days (or as required by applicable law). For complex requests, we may extend the response period by an additional 60 days with notification and explanation.

This Privacy Policy is effective as of the date listed above and governs our collection, use, and protection of information across all Pyro platforms and services.

Contents

Our Platform

  • Virtual Private Servers
  • Game Server Hosting

Support & Community

  • Submit a Support Ticket
  • Email Our Team
  • Join Our Community

Company

  • About Pyro
  • Brand Guidelines
  • Engineering Blog
  • Infrastructure Monitoring

Legal & Policies

  • Terms of Service
  • Privacy Policy
  • Acceptable Use Policy
  • Service Level Agreement

Get in Touch

1-888-909-PYRO
Toll-free support • 9am-5pm EST
Pyro Inc.
1604 Philadelphia Pike, Apt. 63
Wilmington, DE 19809
United States

© 2025 Pyro Inc. • AS401839

© 2025 Pyro Inc. • AS401839