Legal

Privacy Policy

Last updated: March 10, 2026

1. Who we are

Hosti is operated by Webmethod, a company registered in the Netherlands (KVK 63314061, BTW-ID NL002401656B67). When this policy refers to "Hosti", "we", "us", or "our", it means Webmethod.

2. What data we collect

We collect the minimum data necessary to provide the service:

  • Account information — name, email address, and password when you register.
  • GitHub data — when you connect your GitHub account, we access your repository list, commit metadata, and webhook events. We do not store your source code.
  • Server connection details — SSH host, port, and authentication credentials you provide for your servers. These are stored encrypted at rest.
  • Usage data — deployment logs, build logs, and activity records generated by your use of the platform.
  • Payment information — if you subscribe to a paid plan, payment is processed by our payment provider. We do not store credit card numbers.

3. How we use your data

  • To provide, maintain, and improve the Hosti platform.
  • To build and deploy your applications as requested.
  • To communicate with you about your account, support requests, and service updates.
  • To comply with legal obligations.

We do not sell your personal data. We do not use your data for advertising.

4. Data storage and security

Your data is stored on servers within the European Union. Sensitive data such as SSH credentials and SSL certificates are encrypted at rest. We use industry-standard security measures to protect your data, including encrypted connections (TLS) for all communication with the platform.

5. Third-party services

We use the following third-party services to operate Hosti:

  • GitHub — for repository access, webhooks, and authentication.
  • GitHub Container Registry (GHCR) — for storing built Docker images.
  • Let's Encrypt — for provisioning SSL certificates.

Each of these services has their own privacy policy. We only share data with them as necessary to provide the service.

6. Your servers

Hosti connects to servers you provide via SSH. We execute commands on your servers solely to install blueprints, deploy your applications, and manage configurations you initiate through the platform. We do not access or modify anything on your servers outside of these operations. All commands executed are logged and visible to you in your dashboard.

7. Data retention

We retain your data for as long as your account is active. Build and deployment logs are retained for operational purposes. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

8. Your rights (GDPR)

As a Dutch company, we comply with the General Data Protection Regulation (GDPR). You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Object to or restrict processing of your data.
  • Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

To exercise any of these rights, contact us at the address below.

9. Cookies

Hosti uses only essential cookies required for authentication and session management. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

10. Changes to this policy

We may update this privacy policy from time to time. We will notify you of material changes by email or through the platform. Continued use of Hosti after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or to exercise your data rights:

Webmethod

KVK: 63314061

Email: [email protected]

Website: webmethod.nl