KLYRONODES - PRIVACY POLICY

PRIVACY POLICY

Last Updated: May 24, 2026

Your privacy is paramount to us. This Privacy Policy details how KlyroNodes collects, handles, and protects your personal information in strict compliance with the General Data Protection Regulation (GDPR) (EU 2016/679) and the Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD).

1. Data Controller

The data controller responsible for your personal information is:

  • Legal Name: Yara Marín Mijangos
  • Brand Name: KlyroNodes
  • Country of Residence: La Rioja, Spain
  • Contact Email: info@klyronodes.com

2. Information We Collect

We practice data minimization and collect only the data strictly necessary to process your billing, secure your account, and deliver technical support:

  • Account Registration Data: First name, last name, email address, password (securely hashed), and IP address logs.
  • Billing Information: Billing address, country of residence, and transaction IDs provided by our payment gateways. We do not store or process raw credit card numbers, CVC codes, or PayPal login credentials on our servers.
  • Technical Server Data: Server logs, active players count, console outputs, and game files uploaded to the Pterodactyl/Calagopus panel.

3. Lawful Basis & Purpose of Data Processing

We process your personal information based on the following legal grounds:

  • Performance of a Contract: To manage your invoices, process payments securely, deploy your dockerized Minecraft containers, and communicate essential server status updates.
  • Legal Obligation: To comply with strict Spanish and European tax/accounting laws, including the generation and storage of legal invoices for self-employed commerce (Autónomos).
  • Legitimate Interest: To defend our infrastructure against fraudulent transactions, identify chargeback abuse, and mitigate DDoS attacks.

4. Data Sharing & International Transfers

We do not sell, rent, or trade your personal data. To deliver our services efficiently, we share strictly necessary data with trusted, GDPR-compliant third-party processors. Where data is transferred outside the EEA, it is protected under the EU-US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs):

  • OVH Groupe SA (France/Global): For hosting our core billing backend, control panels, databases, and physical game server infrastructure.
  • Payment Gateways (Stripe & PayPal): We utilize Stripe and PayPal to process all financial transactions securely. Billing data and IP addresses are passed directly to these processors via tokenized, encrypted channels. These gateways may use automated fraud detection systems (e.g., Stripe Radar) to prevent illegal transactions.
  • Backblaze, Inc. (USA): For storing encrypted, off-site compressed copies of server backups to prevent data loss.

5. Data Retention Periods

  • Active Accounts: Your personal data is kept as long as your account remains active and in good standing in our system.
  • Financial Records: Tax invoices, billing addresses, and transaction records will be securely stored for up to five (5) years to fulfill mandatory Spanish fiscal and accounting requirements.
  • Purged Game Files: Files belonging to cancelled or suspended services are permanently and irreversibly deleted from our NVMe drives within five (5) days of non-payment.

6. Cookies and Tracking

We use strictly necessary functional cookies to keep you logged into the Paymenter billing system and the Calagopus control panel. We do not use invasive third-party tracking cookies or marketing pixels without your explicit consent.

7. Your Rights (GDPR & LOPDGDD)

As a resident of the European Economic Area (EEA) or a user interacting with a Spanish commercial entity, you hold the following rights regarding your data:

  • Right of Access: You may request a copy of all personal data we store about you.
  • Right to Rectification: You may request the correction of inaccurate personal details via your billing profile.
  • Right to Erasure ("Right to be Forgotten"): You may request the total deletion of your account, provided there are no pending legal, fiscal, or chargeback-related retention obligations.
  • Right to Data Portability: You may request an export of your personal profile data in a structured, machine-readable format.
  • Right to Object: You may object to any automated processing or marketing communications.

To exercise any of these rights, please open a formal support ticket via your billing portal or contact us at info@klyronodes.com. You also retain the right to lodge a complaint with a supervisory authority, specifically the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD) at www.aepd.es.

8. Security Measures

We implement comprehensive industry-standard security protocols to protect your data. This includes full end-to-end SSL/TLS encryption for all domains (klyronodes.com, panel.*, ca-node1.klyronodes.com), strict SSH key authentication across all host nodes, completely isolated Docker container environments for each user, and real-time network activity logging to detect and block malicious breaches immediately.