Loadingβ¦
Last updated:
Lyrebird Hosting is committed to protecting your data rights under the EU General Data Protection Regulation (GDPR). This page explains your rights and how to exercise them.
Lyrebird Hosting operates under Estonian law and complies fully with the EU General Data Protection Regulation (GDPR). Your data rights are important to us.
The General Data Protection Regulation (GDPR) is an EU law on data protection and privacy. It applies to all organisations that process personal data of individuals in the EU, regardless of where the organisation is located.
As a data controller, Lyrebird Hosting determines how and why your personal data is processed. We are registered as an OΓ (private limited company) in Estonia, an EU member state, and are fully subject to GDPR requirements.
Under the GDPR, if you are located in the European Economic Area (EEA), you have the following rights:
Right of Access (Art. 15)
You can request a copy of all personal data we hold about you.
β Email us at privacy@lyrebirdhosting.com or use /api/account/export
Right to Rectification (Art. 16)
You can correct inaccurate or incomplete personal data.
β Update in dashboard settings or contact us
Right to Erasure (Art. 17)
You can request deletion of your account and all associated data.
β Use account deletion in dashboard settings or contact us
Right to Data Portability (Art. 20)
Receive your data in a structured, machine-readable format (JSON).
β Use /dashboard/settings β Export Data
Right to Object (Art. 21)
Object to certain types of processing of your personal data.
β Contact us at privacy@lyrebirdhosting.com
Right to Restriction (Art. 18)
Request restriction of processing under certain circumstances.
β Contact us at privacy@lyrebirdhosting.com
We process your personal data under the following legal bases:
Contract Performance (Art. 6(1)(b))
Processing your email, payment information, and server data to fulfil your subscription contract.
Legal Obligation (Art. 6(1)(c))
Retaining financial records and invoices to comply with EU financial regulations.
Legitimate Interests (Art. 6(1)(f))
Security monitoring, fraud prevention, and abuse detection to protect our platform and users.
Consent (Art. 6(1)(a))
Cookie consent. You can withdraw consent at any time via your browser settings.
We primarily store data within the EU. Some of our third-party providers (Stripe, Supabase) may process data outside the EEA. Where this occurs, we ensure appropriate safeguards are in place:
Deleted within 30 days of account deletion request
Permanently deleted from all backups
Required by EU financial regulations
For security and abuse prevention purposes
You can exercise your GDPR rights through the following methods:
We will respond to all legitimate requests within 30 days. We may need to verify your identity before processing your request.
If you are unsatisfied with how we handle your personal data, you have the right to lodge a complaint with your local data protection authority.
As Lyrebird Hosting is registered in Estonia, the lead supervisory authority is:
For any GDPR-related requests or questions, please contact us:
Also read our Privacy Policy Β· Cookie Policy