Data Processing Agreement

Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Suzko, LLC ("Processor," "we," "us," or "our") and the customer ("Controller," "you," or "your") and governs the processing of personal data by us on your behalf.

This DPA applies where we process personal data on behalf of our customers in connection with the provision of our hosting services and is designed to meet the requirements of the EU General Data Protection Regulation (GDPR), UK GDPR, and other applicable data protection laws.

1. Definitions

  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processing" means any operation performed on personal data, including collection, storage, modification, transmission, and deletion.
  • "Data Subject" means the individual to whom the personal data relates.
  • "Sub-processor" means any third party engaged by us to process personal data on your behalf.
  • "Data Protection Laws" means all applicable laws relating to data protection and privacy, including GDPR, UK GDPR, CCPA, and other relevant regulations.

2. Scope and Purpose of Processing

2.1 Subject Matter

We will process personal data only as necessary to provide the hosting services you have purchased, including:

  • Web hosting and server infrastructure
  • Data storage and backup services
  • Email hosting and delivery
  • Database hosting
  • Technical support services

2.2 Duration

Processing will continue for the duration of your service agreement with us, plus any retention period required by law or as specified in our Privacy Policy.

2.3 Types of Personal Data

The types of personal data processed depend on your use of our services and may include:

  • Names and contact information
  • Account credentials
  • Email addresses and communications
  • IP addresses and access logs
  • Any personal data you or your end users store on our servers

2.4 Categories of Data Subjects

Data subjects may include:

  • Your customers and end users
  • Your employees and contractors
  • Visitors to your websites
  • Any individuals whose data you process using our services

3. Obligations of the Processor

3.1 Processing Instructions

We will:

  • Process personal data only on your documented instructions, unless required by law
  • Inform you if we believe an instruction infringes data protection laws
  • Not process personal data for any purpose other than providing the services

3.2 Confidentiality

We will:

  • Ensure that persons authorized to process personal data have committed to confidentiality
  • Limit access to personal data to personnel who need access to perform the services

3.3 Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • DDoS protection and network security
  • Physical security of data centers
  • Employee security training
  • Incident response procedures

3.4 Sub-processors

You authorize us to engage sub-processors to assist in providing the services. We will:

  • Maintain a list of sub-processors at suzko.com/legal/subprocessors
  • Notify you of any intended changes to sub-processors, giving you an opportunity to object
  • Ensure sub-processors are bound by data protection obligations no less protective than this DPA
  • Remain liable for the acts and omissions of our sub-processors

3.5 Data Subject Rights

We will assist you in responding to data subject requests, including:

  • Access to personal data
  • Rectification of inaccurate data
  • Erasure ("right to be forgotten")
  • Restriction of processing
  • Data portability
  • Objection to processing

3.6 Data Breach Notification

In the event of a personal data breach, we will notify you without undue delay (and in any event within 72 hours) after becoming aware of the breach. The notification will include:

  • Description of the nature of the breach
  • Categories and approximate number of data subjects affected
  • Likely consequences of the breach
  • Measures taken or proposed to address the breach

3.7 Data Protection Impact Assessments

We will assist you with data protection impact assessments and prior consultations with supervisory authorities, where required.

3.8 Deletion and Return of Data

Upon termination of services or upon your request, we will, at your choice:

  • Return all personal data to you in a commonly used format
  • Delete all personal data (unless retention is required by law)

Deletion will be completed within 30 days of termination or request, except for data in backup systems, which will be deleted in accordance with our backup retention schedule.

4. Obligations of the Controller

You represent and warrant that:

  • You have a lawful basis for collecting and processing personal data
  • You have provided appropriate notices to data subjects regarding our processing
  • Your processing instructions comply with data protection laws
  • You will obtain any necessary consents from data subjects where required

5. International Data Transfers

Personal data may be transferred to and processed in the United States. For transfers from the European Economic Area, United Kingdom, or Switzerland, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Supplementary measures where necessary

The Standard Contractual Clauses are incorporated into this DPA by reference and are available upon request.

6. Audits and Compliance

We will:

  • Make available all information necessary to demonstrate compliance with this DPA
  • Allow for and contribute to audits, including inspections, by you or an auditor mandated by you (with reasonable notice and during normal business hours)
  • Provide attestations of compliance upon request

7. Liability

Each party's liability under this DPA is subject to the limitations set forth in the Terms of Service, except that limitations shall not apply to breaches of data protection obligations to the extent prohibited by law.

8. Term and Termination

This DPA shall remain in effect for the duration of your service agreement with us. The provisions regarding confidentiality, data deletion, and liability shall survive termination.

9. Amendments

We may update this DPA to reflect changes in data protection laws or our practices. Material changes will be communicated to you with at least 30 days' notice.

Contact Information

For questions about this DPA or to exercise your rights, please contact our Data Protection Officer at:

Suzko, LLC

legal@suzko.com

+1 (888) 819-1699 Toll Free (US & Canada)

+1 (317) 854-5007 Headquarters (US Only)

312 N Green St, Suite D
Crawfordsville, Indiana
47933, United States

Last updated: January 16, 2026