How FranceVPS handles personal data — GDPR-compliant, French law applicable. Last updated: January 2026.
Last updated: January 15, 2026
FranceVPS SAS, registered at 15 rue de la Banque, 75002 Paris, France. SIRET 123 456 789 00012. We are the data controller for personal data collected through fra-vps.com and the customer dashboard.
We collect only what's necessary to provide the service and meet legal obligations:
Account data and payment data: contractual necessity (Article 6(1)(b) GDPR). Usage logs: legitimate interest (security, fraud prevention). Marketing: explicit opt-in only, withdrawable at any time.
All personal data is stored on servers physically located in France. We do not transfer personal data outside the EU. Subprocessors (Stripe for payments, Postmark for transactional email) are contractually bound to EU-only processing.
Under GDPR, you have rights to access, rectify, erase, restrict processing, data portability, and object to processing. Exercise any of these by emailing privacy@fra-vps.com. We respond within 30 days.
Account data: kept for the duration of the account, plus 5 years after closure (French commercial code requirement). Usage logs: 90 days. Support tickets: 3 years. Backups: 30 days rolling.
Data encrypted in transit (TLS 1.3) and at rest (AES-256). Access controlled via SSO with hardware 2FA for FranceVPS staff. ISO 27001 certified.
See our Cookie Policy.
If you believe we've mishandled your data, you have the right to file a complaint with the CNIL (French data protection authority): cnil.fr.
Data Protection Officer: dpo@fra-vps.com.