The Importance of Data Security at Digi Company

At Digi Company, trading as Digi Hosting, we place great importance on protecting and respecting our customers' data. It is our responsibility to handle this data carefully and in accordance with applicable laws and regulations.

For more detailed information about the personal data that we process about you (contact information, billing information, etc.), please refer to our Privacy Policy.

I. Definition and Ownership of Customer Data.

1.1 Definition Customer Data Under Customer data means all data that the Customer places, publishes or generates on its assigned web space within the Digi Hosting platform. This includes emails, web pages, images, files and the contents of databases.

1.2 Property rights Customer retains full intellectual property rights in all Customer data and published content at all times. Digi Company claims no property rights to the data posted by the Customer himself. Templates and applications provided by Digi Company remain the property of Digi Company.

1.3 Legal Responsibility The Customer remains fully and exclusively legally responsible for all content hosted through its account.

II. Data management and AVG role

2.1 Processing Personal Data (AVG role). If Customer processes personal data of third parties (such as website visitors) through our Services, Customer acts as Controller And does Digi Company act as Data processor.

2.2 Processor agreement (VWO). Our Processor Agreement applies to all Customers who process personal data of third parties within the European Union through our Services. This agreement provides the legal basis for processing within our infrastructure.

• Notice: If you use our Services exclusively for personal or household purposes (Art. 2(2)(c) AVG), the General Data Protection Regulation (GDPR) does not apply and signing a Processor Agreement is not necessary.

2.3 Management of Contact Information To ensure continuity of service, the Customer is responsible for updating their contact information (name, address, email address) in a timely manner through the Customer Environment under the section Data Owner or similar.

III. Monitoring, Compliance and Intervention.

3.1 Passive Control Digi Company does not actively or pre-screen content posted by Customers, nor does it conduct any legal review.

3.2 Intervention based on Legal Frameworks Digi Company will intervene and take appropriate action in the following situations:

• Patently Illegal Content: In cases of obviously illegal, criminal or dangerous content, such as child pornography, phishing, or hosting servers that pose a threat to the stability of the network. In such cases, the competent authorities will be informed.

• Legal Binding Order: If Digi Company is required to do so by a legally binding order from a competent authority within the EU, or a valid order under applicable international law.

• Violation AUP: Upon violation of the Responsible Use Policy (AUP)., as described in Article 10 of the General Conditions.

IV. Security and Backup Policy (Aligned with T&C Art. 12).

4.1 Data center security Digi Company guarantees that its data center meets high security standards to ensure the physical and technical security of stored Customer Data. This includes access control and network security measures.

4.2 System backups (Disaster Recovery) All system proprietary data is backed up at regular intervals to an external location via a secure connection. This serves solely as a measure for Disaster Recovery of the hosting environment and the infrastructure as a whole in the event of a fatal system failure.

4.3 Customer Responsibility (Essential) Customer acknowledges that the System Backups (4.2) not serve as the primary backup facility for individual files or data recovery. In accordance with Article 12 of the General Conditions, the Customer is responsible for creating and managing its own backups. Digi Company is not liable for data loss unless otherwise agreed under a paid SLA.

4.4 Customer Responsibility (Access) The Customer is responsible for properly securing its access credentials and logging out after using the Customer Environment or the domain configuration screen to prevent unauthorized access to personal data.