Basic Information on Data Processing

At HypeServ, we offer you the opportunity to run your own game servers online. To provide you with these services it is necessary for us to process and store some of your data. Below we explain how and what we process.

By using our services (including this website, the HypeServ App, HypeServ API, contact via e-mail or social media and other online offerings under the HypeServ brand) — hereafter called “HypeServ Services” — you declare that you have read this privacy policy.

Who is responsible for processing your data?

The entity responsible for personal data collected via HypeServ Services is:
onesrv | Regh & Meier Services GbR
Am Ramonchamp Platz 8
55270 Ober-Olm
E-Mail: privacy [at] onesrv.net
(Hereafter referred to as “onesrv”.)

How does onesrv process your data?

We use the data you provide to make the HypeServ websites and services available to you, to further develop and optimise them, and — if you’ve consented — to inform you about news and offers related to HypeServ.

Provision and Development of HypeServ Websites and Services

To make our services available we must process your data. This is based on your consent or our (onesrv) legitimate interests. Your data is also used — where you have given your consent — for error correction and statistical analysis of our services.

Communication with You

We use your data to respond to any inquiries you have made or to send you information about HypeServ.

How is your information shared?

We do not share your data without your explicit consent. At this time, we do not share any of the personal data we collect with other parties.

Hosting

We at onesrv are proud to host almost all of our services on our own hardware. Your data is stored on our servers and is therefore not passed on to or processed by third parties during storage.

An exception for our customers is Tebi.io, a cloud-storage service provided by Sideglide Solutions Ltd., Nicosia 1065, Archiepiskopou Makariou III 42, Cyprus. Their privacy policy can be found at: https://tebi.io/legal.html. We use Tebi.io based on legitimate interest to enable the storage and efficient provision of media (image files, videos, and PDF files).

Cloudflare CDN (Content Delivery Network)

We use the CDN of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (“Cloudflare”), based on our legitimate interests to increase the security and delivery speed of our website and services. A CDN is a network of globally distributed servers that can deliver content optimally to website users.

For this purpose, personal data may be processed by Cloudflare in server log files. Details on what data may be processed by Cloudflare can be found under “What Data Do We Process?” in the section “When Visiting the HypeServ Websites”.

Cloudflare is a recipient of your personal data and acts as a data processor for us. Since we do not operate a CDN ourselves, we rely on Cloudflare’s CDN based on our legitimate interest. We have concluded contracts for data processing (DPA) with Cloudflare.
You have, as described under “What Rights Can I Exercise and How?”, the option to object to this processing. Whether this objection is effective will be determined by balancing interests. The functionality of the website and services cannot be guaranteed without this processing.

Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described here. Further information on objection and deletion options regarding Cloudflare can be found at: Cloudflare DPA
Cloudflare has implemented compliance measures for international data transfers that apply to all global activities in which Cloudflare processes personal data from natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). More details: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf. Cloudflare’s privacy policy: https://www.cloudflare.com/privacypolicy/.

Payment Processing

Mollie (Payment Processing)

Up until 20.10.2025 we used the payment service provider Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands, for payment processing. If you made payments to us via Mollie, Mollie received and processed your personal data.
Details on what data Mollie processes, for how long Mollie processes it, on what legal basis this happens and how Mollie uses this data can be found in Mollie’s privacy policy: https://www.mollie.com/de/privacy.
You can object to the processing of your data according to Mollie’s privacy policy directly with Mollie.

Stripe (Payment Processing)

For the payment processing of our online services we use the payment service provider Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, D02 H210, Ireland. If you make a payment over Stripe, Stripe receives and processes your personal data.
Stripe processes your data partly in our behalf to process payments (as a processor), and partly in its own responsibility (e.g., to meet legal obligations such as anti-money-laundering or for fraud prevention).
Stripe may transfer data to connected companies of Stripe, Inc. in the U.S. For this purpose, Stripe ensures the protection of your personal data by using the Standard Contractual Clauses (SCCs) approved by the European Commission.
Which data Stripe processes, how long they are stored, on which legal basis they are processed and how Stripe uses your data can be found in Stripe’s privacy policy: https://stripe.com/privacy.
You can object to the processing of your data according to Stripe’s privacy policy directly with Stripe.

Stripe cookies

When you use our services and make a payment via Stripe, Stripe may set cookies and other similar tracking technologies on your device. These cookies serve multiple functions, including:

• Enabling the payment transaction and checkout process (essential cookies)

• Preventing fraud and enhancing security by recognising the device/browser and monitoring behaviour (essential/functional cookies)

• Remembering user preferences, analysing how the payment flows are used, and improving checkout experience (functional cookies)

• Where allowed, enabling targeted advertising of Stripe’s or related services across websites (advertising cookies)

Stripe’s cookie policy categorises cookies into Essential, Functional and Advertising, and you can manage or opt out of non-essential cookies via Stripe’s Cookie & Consent Settings Dashboard.

Because some of these cookies are necessary for the payment process, disabling certain cookies may impair or prevent the functionality of payment services on our site.

For full details about what cookies Stripe uses, how long they last and how to adjust your preferences, please refer to Stripe’s Cookie Policy: https://stripe.com/legal/cookies-policy

What Data Do We Process?

When Visiting the HypeServ Websites (hypeserv.com, app.hypeserv.com):

Type of Data: Technical metadata (IP address, browser, device type, etc.)
Basis: Legitimate interest
Purpose: Provision of the online presence

Type of Data: Anonymised metadata about website usage (browser; country of accessing IP address; access period; referrer URL; URL)
Basis: Consent or explicit consent
Purpose: Statistical analysis of our web offerings with the aim of improving them

Type of Data: Functional cookies (session ID/login, cookie preferences, page settings [dark-mode, etc.])
Basis: Legitimate interest
Purpose: Provision of basic functions of HypeServ Services (login, etc.) and storage of visitor privacy settings
Please note that “Technical metadata” is also processed by our data processor Cloudflare (see “How is your information shared?” under “Cloudflare CDN”).

Upon Contacting Us:

If you contact us via email, social-media, phone, contact-form or via other channels, we process data you provide in order to respond to your contact.

Type of Data: Provided personal data (name, email address, company name, if applicable phone number)
Basis: Legitimate interest
Purpose: Customer support; response to (customer) inquiries of the data subject.

General Use of HypeServ Services:

Type of Data: Electronic transaction and metadata (IP address, device model, browser version, OS version, etc.)
Basis: Legitimate interest
Purpose: Service provision. Without processing this data, access is technically impossible.

Type of Data: User data (email address, name, last login time)
Basis: Consent or explicit consent (upon creation of a user account at HypeServ)
Purpose: Provision of a customer account.

Type of Data: Payment data (name, email address, billing and shipping address, payment method, payment amount, currency, transaction ID, date and time of payment)
Basis: Contract fulfilment (payment processing) & Legal requirements (e.g., tax and commercial retention obligations)
Purpose: Payment processing; invoicing; bookkeeping.

Type of Data: Technical data (IP address, browser & device information, OS, network data, timestamp)
Basis: Legitimate interest (e.g., fraud prevention, system security)
Purpose: Fraud and misuse prevention; ensuring the security of payment transactions.

Type of Data: Communication and metadata (customer ID, merchant ID, payment status, payment platform used, possibly stored payment method for recurring payments)
Basis: Contract fulfilment & Legitimate interest (e.g., improving payment processing)
Purpose: Payment allocation; recognition in case of repeat purchases; customer service.

Type of Data: Legally required data (e.g., information for identity verification or for prevention of money-laundering)
Basis: Legal obligation (e.g., pursuant to AML laws and EU provisions)
Purpose: Fulfilment of legal duties; prevention of fraud and money-laundering.

Type of Data: Data for error-analysis (emerging errors, device metadata, anonymised interaction replays, log data)
Basis: Consent or explicit consent
Purpose: Product improvement; error correction.

On What Legal Basis Do We Process Data?

We process your data strictly in accordance with the (European) General Data Protection Regulation (GDPR). We have described above how we process your data.
The GDPR stipulates that companies must have a legal basis to process your data. Even where we have a legal basis for processing your data, you always have the right to access, correction and deletion of your data under the GDPR.
In the section “What Data Do We Process?” we have listed exactly which of your data we process on which legal basis.
Here is a brief overview of the legal bases we rely upon:

• Art. 6(1)(a) and Art. 7 GDPR: The legal basis for obtaining consent.

• Art. 6(1)(b) GDPR: Legal basis for processing your data to fulfil our contractual obligations and our services.

• Art. 6(1)(c) GDPR: Legal basis for the fulfilment of our legal obligations.

• Art. 6(1)(f) GDPR: Legal basis for the protection of our legitimate interests.

• Art. 6(1)(d) GDPR: Legal basis for the case that processing is necessary to protect vital interests of the data subject or another natural person

Since the data you provide and the processing performed are necessary to provide our services, if you exclude processing this may restrict your user-experience or make usage of HypeServ Services impossible.
Under the GDPR you have the right at any time to withdraw your consent given to us and to request transfer of provided data to you or a person of your choice.

What Rights Can I Exercise and How?

• Right to Access: You can contact us at any time to find out how we process which of your data, with whom we share or have shared those data and where they come from. You can also ask about automated processing of your data.

• Right to Correction or Rectification: You have the right to ensure that the data we process about you are up to date. We ask you to keep your data current and, if this is not the case, update it or contact us.

• Right to Erasure (“Right to be Forgotten”): You have the right to have the data we process and store deleted. Please note this will also mean your credit, your servers and your data will be permanently deleted.

• Right to Restriction of Processing: We process your data until it is no longer needed or your account is deleted.

• Right to Data Portability: You are entitled to receive a copy of your data in a machine-readable format. In most cases we provide the data as a JSON export.

• Right to Withdraw Consent: If we process your data based on your consent, you can withdraw such consent at any time without giving a reason. Please note that this may restrict your use of the HypeServ Services.

• Right to Object: You may object to the future processing of your personal data at any time. Please also note that this may restrict your use of the HypeServ Services.

• Right to Complain: If you identify violations of the GDPR you have the right to lodge a complaint with a supervisory authority. Since our company is based in Rhineland-Pfalz we recommend you contact the Data Protection Commissioner of Rhineland-Pfalz: https://www.datenschutz.rlp.de/. However, you may also contact authorities in the EU member state of your habitual residence, place of work or the place of alleged infringement.

• Exercising My Rights: To exercise your rights, contact the responsible entity for processing. If it is not clear for your customer account which entity is responsible, contact us (onesrv). In order to assign and legitimise your request, please ensure your email originates from the address that your customer account is linked to.
  The responsible entity has, once your request is received and all necessary information for processing is available, 30 days to respond.
  If we (onesrv) or the responsible entity determine that your requests are repetitive, unfounded or disproportionate, we may charge a reasonable fee or refuse the request.

Data Retention Period

By default, we store your personal data until the purpose for the data processing ceases. If you request deletion of your data or you withdraw consent, we delete your data provided that there are no other legally permissible reasons for storing your personal data.