Get Started
Legal

Privacy Policy

Last updated May 19, 2026. This policy explains what we collect, why we collect it, and what control you have over it.

1. Overview

This Privacy Policy explains how Corenzy ("Corenzy", "we", "us") handles personal information when you visit corenzy.com, register an account, or use our virtual server, web hosting, dedicated server and related services (the "Services").

We try to collect only what we genuinely need to run the Services, keep your account secure, and meet our legal obligations. By using the Services you agree to the practices described here. If you do not agree, please do not use the Services.

2. Information we collect

We collect two broad kinds of information.

Information you give us. When you create an account or place an order we ask for your first and last name, email address, phone number, postal address, country, date of birth, and, if you register as a business, your company name and tax identifier where applicable. When you contact support we keep the messages, attachments and screenshots you send so we can help you and refer back to the conversation later.

Information collected automatically. When you visit the site or use the customer panel we receive your IP address, approximate location derived from that IP, the user agent and language reported by your browser, the pages you view, the actions you take in the panel, and timestamps. We also collect technical information about your servers when you ask us to (for example disk and bandwidth statistics surfaced inside the panel).

If you log in with a third party (for example Discord during sign-in), we receive only the basic profile information that service exposes to confirm the link, never your password with that service.

3. How we use information

We use the information we collect to:

  • create and operate your account, deliver the Services you ordered, and provide customer support;
  • process payments, send invoices and other transactional messages, and manage renewals;
  • keep the Services secure, detect and prevent fraud, abuse and unauthorised access;
  • comply with legal obligations (for example tax, accounting and lawful requests from authorities);
  • improve the Services, fix bugs and plan capacity, based on aggregated usage trends;
  • send service announcements and, only with your opt-in where required, occasional product news. You can opt out of optional emails from your panel settings or via the unsubscribe link.

4. Payment processing

Online card payments are processed by Stripe, our PCI-compliant payment provider. Your full card number, expiry and CVV are entered directly into Stripe's hosted forms and are never stored on Corenzy servers. We receive only a token, the last four digits, the card brand and an outcome (success or decline) so we can attach the payment to your invoice and show it in your billing history.

If you pay by bank transfer or a local gateway, we receive the bank reference and amount your payment provider sends us. We use it solely to match the payment to your invoice.

5. Fraud prevention

To keep customer accounts safe and stop abuse of our network, we run automated checks on sign-ups, logins and orders. These checks (collectively the "Akena" system) score the request based on signals such as the IP address, network/ASN reputation, geographic consistency, device characteristics, behavioural patterns inside the panel, and previous activity on the account.

A low score lets the request continue without friction. A higher score may trigger additional verification (for example an email or phone confirmation), a temporary hold while a human reviews the order, or, in clear-cut cases, a refusal to provide the Service. We log the score and the signals that produced it so we can review decisions and improve the model.

Fraud-prevention data is kept separately from your marketing profile and is used only for security and abuse prevention.

6. Sharing & processors

We do not sell or rent your personal information. We share data only with the service providers we need to deliver the Services, and only the minimum required for them to do their job.

Categories of processors we currently use include payment providers (Stripe and, where enabled, local gateways), our billing platform (WHMCS), our email-delivery provider, our IP-geolocation provider for fraud signals, our customer-support tooling, and our datacentre and infrastructure operators where your servers physically run. Each is bound by a written agreement to process data only on our instructions and to keep it secure.

We may also disclose information when we are legally required to (court order, lawful request from authorities, defending legal claims) or when necessary to protect the rights, safety and property of Corenzy, our customers or the public.

7. Cookies & similar technologies

We use cookies and similar local storage entries to keep you signed in, remember your language and preferences, and protect the panel from automated abuse. These are essential cookies set by Corenzy on its own domains.

We also use a small number of analytics cookies to understand how the marketing site is used in aggregate (for example which pages people read before signing up). You can clear or block cookies from your browser at any time; doing so may sign you out and reduce some panel features.

8. Data security

We take reasonable technical and organisational measures to protect the information we hold: transport encryption (HTTPS/TLS) for all panel traffic, encryption at rest where the underlying storage supports it, hashed passwords (we never see your password in clear), restricted production access for staff, audit logs, and routine patching of our infrastructure.

No system on the public internet is ever fully immune. If a security incident were to materially affect your data we will notify you, and the relevant authority where required by law, within the timeframes the law sets.

9. Data retention

We keep account data for as long as you have an account with us, and for a reasonable period after closure so we can finish billing, respond to disputes, and meet our tax and accounting obligations (typically a number of years, set by local law). Server contents that you store on the Services are kept while the Service is active; they are deleted after the cancellation grace period stated on the product page.

Operational logs (access logs, security logs, fraud signals) are kept on a rolling basis for the period needed to investigate incidents, then deleted or aggregated.

10. Your rights

Depending on where you live, you may have the right to: access the personal information we hold about you; correct inaccurate or outdated information; request deletion; object to or restrict certain processing; receive your data in a portable form; and lodge a complaint with the data-protection authority in your country.

You can exercise most of these rights directly from your account profile, or by emailing [email protected]. We may need to verify your identity before we act on a request, and some data may need to be retained to meet legal obligations (for example invoices for tax records).

11. International transfers

Our team, infrastructure and processors are spread across more than one country. When personal information moves across borders we rely on the safeguards required by applicable law (for example standard contractual clauses) to keep the protections in place wherever your data is processed.

12. Changes to this policy

We may update this Privacy Policy as our Services and the regulatory landscape evolve. The updated version will be posted here with a new "last updated" date, and we will announce material changes by email or in the customer panel a reasonable time before they take effect.

13. Contact

Privacy questions, security reports, and other privacy-related requests: [email protected]. You can also reach our team through the contact page.