Privacy Policy

This Privacy Policy explains how HostingX Solutions LLC ("Company", "we", "our") collects, uses, and protects data.

• Account Data: name, email, authentication identifiers.
• Platform Metadata: logs, usage metrics, API timings (limited presently).
• Customer Data: data you intentionally send to future platform features (none persisted yet beyond form submissions).
• Support Data: messages you send us.
• Consent & Preference Data: cookie and marketing choices.

Contract performance (core features), legitimate interests (security, service integrity), consent (marketing and non-essential cookies), and legal obligation (records, fraud prevention).

Currently we use personal data only to:

• respond to inquiries,
• record consent and unsubscribe events,
• maintain minimal security logs, and
• send requested communications.

Where we act as a processor (future pipeline features), we will only process per your documented instructions. Presently, no customer production data is ingested beyond forms.

No analytics, advertising, or marketing-tracking vendors are active on getfinops.cloud. Core infrastructure subprocessors for the public landing page:

• Amazon Web Services, Inc. (United States): static hosting (S3 + CloudFront, us-east-1), Route 53 DNS, contact-form compute (API Gateway + Lambda, us-east-1), inbound mail delivery (Amazon SES v2, us-east-1), and security logs (CloudWatch, us-east-1).

Any additional subprocessors for product features beyond the landing page will be listed here with at least thirty (30) days' notice before activation.

Encryption in transit (HTTPS), least-privilege internal access, periodic review of access logs. As the platform expands, we will publish a detailed security whitepaper.

Contact and consent records retained while necessary for proof of compliance (generally up to 24 months) unless earlier deletion is requested (subject to legal holds). Unsubscribe records retained to enforce suppression.

If data is transferred cross-border, we will implement appropriate safeguards (e.g., SCCs). Currently hosting is planned within reputable cloud regions.

You have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data, and to withdraw consent at any time. To exercise any of these rights, email privacy@hostingx.co.il — we reply within thirty (30) days. California residents have equivalent rights under the CCPA; we do not sell or share personal data as those terms are defined under California Civil Code § 1798.140.

getfinops.cloud does not deploy analytics, advertising, or marketing cookies, and does not use server-side session cookies. The only client-side storage we write is a single localStorage key, saas-theme, which records your light/dark-mode preference so it persists between visits. This is strictly necessary functional storage under Article 5(3) of the ePrivacy Directive and does not require consent. You can clear it any time via your browser's site-data controls.

Marketing emails only sent with prior opt-in; you may unsubscribe anytime. Transactional or security notifications (if any) are still sent when required.

We do not sell personal data. Any future subprocessors will be contractually bound to equivalent protections and listed prior to activation.

Not directed to children under 16. Contact us for prompt removal if such data is discovered.

Material updates announced via site notice or email with effective date.