IsnHosting Privacy Policy

Foreign invoice issued by a Canadian provider (IsnHosting). IsnHosting - Your project on the web

Privacy Policy

Last updated: January 17, 2026

Compliance Standards: PIPEDA (Canada), GDPR (EU), LFPDPPP (Mexico)

1. Introduction

isnhosting.net ("we", "us" or "our") is a global web hosting and server provider based in Canada. We operate under a "Privacy by Design" framework to protect personal information in compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the European General Data Protection Regulation  (GDPR), and Mexico's Federal Personal Data Protection Law (LFPDPPP).

2. Responsibility and contact information

We have appointed a Privacy Officer to oversee our global data protection practices.

  1. Corporate Headquarters: 41 Church St, Forest, Ontario, N0N 1J0, Canada
  2. Email: privacy@isnhosting.net
  3. Regional Support: Mexico Office (Technical and AI Support)

3. Data Residency and the "Munich Shield"

We prioritize data sovereignty.

  1. Main storage: All data hosted on the client (web files, SaaS databases, Linux containers, and Survey data) is stored exclusively on secure servers located in Munich, Germany.
  2. Legal framework: When hosting in Munich, your data is protected by the strict German Federal Data Protection Act (BDSG) and the GDPR. We do not store content hosted in our offices in Canada or Mexico.

4. AI Threading (OpenAI and Gemini)

When providing AI agent development and chatbots, we use OpenAI and Google Gemini as authorized subprocessors.

  1. Privacy Guarantee: We use Business/Professional API levels. Under these agreements, your data is not used to train these providers' public models.
  2. Data transit: Only the data required for a specific AI prompt is transmitted through encrypted tunnels for real-time processing.

5. International Data Transfers

Although the hosted data remains in Germany, our global team accesses the administrative metadata:

  1. Canada: Manages billing, legal compliance, and high-level administration.
  2. Mexico: Provides technical support and troubleshooting.
  3. Security: All cross-border access is done using encrypted VPN tunnels and is protected by Multi-Factor Authentication (MFA).

6. Information We Collect

  1. Account details: Name, business name and contact information.
  2. Financial data: Billing address and payment metadata (processed in CAD, USD, or MXN through PCI-compliant third parties).
  3. Technical data: IP addresses and server access logs for DDoS security and monitoring.

7. Data Retention

  1. Hosted data: Purged from the Munich servers within 30 days of account termination.
  2. Account Records: Retained for 7 years to meet Canada Revenue Agency (CRA) requirements.

8. Your Rights and Human Supervision

Under global privacy laws, you have the right to Access, Rectification, and Erasure. In addition, for AI-powered services, you have the right to request Human Oversight—a review by a staff member in Canada or Mexico of any automated decisions that significantly affect your account.

Top