1. Scope of Application
This policy applies to the CALMVPS bare-metal server rental and related technical services we provide through the official website, customer console, ticketing system, API, email, and offline business communications. Unless otherwise stated in writing, this policy does not apply to products provided to you by third parties through our services or their independent privacy policies.
2. Information We Collect
To fulfill contracts, ensure account security, maintain service quality, and comply with applicable laws, we may collect the following types of information (subject to the features you actually use):
- Account & Identity Information:Name or organization name, email address, phone number, billing and tax information, login credentials, and security verification information.
- Transaction & Billing Information:Orders, subscription periods, transaction identifiers returned by payment channels, invoice details, and reconciliation records (payment processing may be handled by our payment partners and is subject to their terms).
- Service & Technical Logs:IP addresses, device and browser identifiers, access timestamps, API call logs, connection metadata for SSH/VNC and other remote sessions at the perimeter layer, bandwidth and resource usage statistics, and fault and performance telemetry data.
- Communications Content:Messages and attachments you send to us via tickets, email, or instant channels, used for issue resolution and service record retention.
- Information You Voluntarily Provide:For example, configuration descriptions, log excerpts, or screenshots provided in technical support scenarios (which may contain business data — please desensitize as appropriate).
To the extent necessary for our lawful operations, you acknowledge and agree that, unless otherwise mandated by law: we may process the above information through automated means, andwe cannot guarantee to assume all obligations equivalent to a "personal data controller" for user business data stored on server disks— data you independently store and process within your instance is your own responsibility to assess for compliance and security; we access such data only to the extent necessary to provide infrastructure services and fulfill legal obligations.
3. How We Use Information
We may use information for the following purposes:
- Entering into and fulfilling service contracts, provisioning and delivering bare-metal resources, billing and reconciliation;
- Verifying identity, detecting and preventing fraud, abuse, intrusions, and violations of acceptable use;
- Operations, monitoring, capacity planning, troubleshooting, and service improvements (including the use of aggregated or de-identified statistics);
- Complying with laws and regulations, responding to lawful requests from competent authorities, and supporting dispute resolution;
- Sending you product updates or marketing information with your separate consent or as permitted by applicable law (you may unsubscribe at any time).
4. Cookie and similar technologies
We use cookies, local storage, and similar technologies to maintain login sessions, remember preferences, and measure traffic and conversions. You may restrict cookies via browser settings, but certain features may not function properly.
5. Sharing, Transfer, and Public Disclosure
We do not sell your personal information to unrelated third parties. We may share or disclose information in the following circumstances:
- Service Providers and Subcontractors:Such as cloud data centers, payment processors, email delivery, customer support ticketing, monitoring and security vendors — who process data on our behalf within the scope of their contractual confidentiality and security obligations;
- Affiliates:For unified technical support and compliance management;
- Legal and Rights Protection:To comply with legal proceedings, enforce our terms and policies, protect the safety of users and the public, or protect our legitimate interests;
- Business Changes:In the event of a merger, split, acquisition, or asset sale involving a transfer of personal information, we will require the successor to remain bound by this policy or obtain fresh consent (except where legally exempt).
6. Cross-Border Transfers
Our infrastructure may be distributed across multiple countries or regions. To provide services to you, your information may be transferred abroad and processed by overseas entities. We will adopt necessary mechanisms in accordance with applicable law (such as standard contractual clauses, security assessments, or certification pathways) and require recipients to implement appropriate safeguards.
7. Retention Periods
We retain information for the period necessary to fulfill the purposes described in this policy, including any longer retention required by applicable accounting, tax, audit, and dispute resolution regulations. After lease termination, we may delete or anonymize instance-related connection metadata and copies within the scope permitted by backup and retention policies in accordance with theTerms of Serviceand our internal erasure processes, unless retention is required by law.
8. Security
We use industry-standard management and technical measures to protect information security. However, the internet is not absolutely secure, and you acknowledge that no system can guarantee zero risk.To the maximum extent permitted by law, we are not liable for leaks or losses caused by force majeure, third-party attacks, inadequate safeguarding on your part, or circumstances not attributable to our fault.
9. Your Rights
To the extent permitted by applicable law, you may exercise rights of access, correction, deletion, restriction of processing, objection to processing, data portability, and withdrawal of consent regarding your personal information. To protect security, we may require identity verification. We may refuse or charge reasonable costs (as permitted by law) for requests that are clearly repetitive, unfounded, or incompatible with service provision.
10. Minors
Our services are primarily intended for commercial users and professionals with full legal capacity. If you are under the applicable legal age, please use the service under the guidance of a guardian. If we discover that we have collected information from a minor without authorization, please contact us to have it deleted.
11. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices and recommend you review their policies before submitting any information.
12. Policy Updates
We may revise this policy from time to time. Updated versions will be published on the website with the effective date noted.If you continue to use the services after the update takes effect, you are deemed to have accepted the revised policy; if you do not agree, you should stop using the services.If a revision materially reduces your rights, we will take additional measures such as supplementary notice or obtaining consent as required by law.
13. Contact Us
To exercise your rights or if you have questions about this policy, please contact us via the console ticket system or the contact information published on our official website. We will respond within the timeframe required by applicable law.
Note: This policy is intended to clarify the rights and obligations of both parties. Mandatory provisions for consumers or employees in certain jurisdictions shall prevail within the applicable scope.