Privacy Policy
CIMHost ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit cimhost.com or use our Services. By using our Services, you consent to the practices described in this Policy.
1. Data We Collect
Information You Provide
- Account registration data: name, email address, billing address, phone number
- Payment information: processed securely by our payment partners — CIMHost does not store full card numbers
- Support communications: messages, tickets, and chat logs
- Domain registration data: registrant contact details as required by ICANN
Information Collected Automatically
- IP address, browser type, operating system, and referring URLs
- Pages visited, time spent, and clickstream data via server logs
- Cookies and similar tracking technologies (see Section 5)
Information from Third Parties
We may receive limited information from payment processors for fraud prevention and from domain registries for registration purposes.
2. How We Use Your Data
- To provision, manage, and support the Services you have purchased
- To process payments and send invoices and receipts
- To communicate service-related updates, maintenance notices, and security alerts
- To send marketing communications where you have provided explicit consent
- To comply with legal obligations under Singapore law and applicable regulations
- To detect, investigate, and prevent fraud, abuse, and security incidents
- To improve our website and Services through aggregated, anonymised analytics
3. Legal Basis for Processing
We process your personal data on the following bases under the Personal Data Protection Act 2012 (PDPA):
- Contractual necessity: to deliver the Services you have purchased
- Legitimate interests: fraud prevention, security, and service improvement
- Consent: for marketing communications and non-essential cookies
- Legal obligation: where required by Singapore law or a competent authority
4. Data Sharing and Disclosure
CIMHost does not sell, rent, or trade your personal data.
Service Delivery
We engage infrastructure and payment partners to deliver our Services. These partners process data only on our instructions and are bound by appropriate data protection obligations. Partner identities are kept confidential.
Legal Requirements
We may disclose your data to law enforcement, regulators, or courts where required by applicable law or to protect the rights, property, or safety of CIMHost, our customers, or the public.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to equivalent privacy protections.
5. Cookies
We use cookies and similar technologies to operate our website and improve your experience.
| Type | Purpose | Consent Required |
|---|---|---|
| Essential | Required for the website and client portal to function | No — cannot be disabled |
| Analytics | Help us understand how visitors use our website | Yes |
| Marketing | Used to deliver relevant communications | Yes |
You can manage cookie preferences through the consent banner on our website or your browser settings. Disabling non-essential cookies will not affect your ability to use our Services.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account plus 3 years after closure |
| Payment records | 7 years (Singapore financial regulations) |
| Support communications | 2 years |
| Server logs | 90 days |
7. International Data Transfers
CIMHost operates infrastructure in multiple regions globally. Your data may be processed on servers located outside Singapore. Where data is transferred internationally, we ensure appropriate safeguards are in place consistent with PDPA requirements.
Customers in the European Economic Area may request a GDPR Data Processing Addendum by contacting legal@cimhost.com.
8. Your Rights
Under the PDPA, you have the right to:
- Access personal data we hold about you
- Correct inaccurate or incomplete personal data
- Withdraw consent for marketing communications at any time
- Request deletion of your data, subject to legal retention requirements
To exercise any of these rights, contact us at legal@cimhost.com. We will respond within 30 days.
9. Security
We implement industry-standard technical and organisational measures to protect your personal data, including encrypted communications (HTTPS/TLS), access controls, and regular security reviews.
In the event of a data breach affecting your rights, we will notify you and the relevant authorities as required by applicable law.
10. Children
Our Services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, contact us at legal@cimhost.com.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting the updated Policy at cimhost.com/legal/privacy. Continued use of our Services after the effective date constitutes acceptance.
12. Contact
| Purpose | |
|---|---|
| Privacy enquiries & data subject requests | legal@cimhost.com |
| Abuse & DMCA notices | abuse@cimhost.com |