GDPR-compliant hosting for European businesses
4hosting acts as a data processor under GDPR Article 28. We provide hosting services exclusively in EU-based data centers. We do not transfer data to third countries without your explicit consent.
Data stays in the EU
All servers, backups and operational copies are in certified EU DCs (Frankfurt, Paris, Warsaw). No transfers to the US, UK or Asia.
Free DPA on signup
A Data Processing Agreement compliant with GDPR Article 28 is downloadable in the customer panel. Free, in Polish and English, ready for qualified e-signature.
Subprocessor list
Current list of all our subprocessors (DC, CDN, anti-DDoS) with processing location. We notify of any change 30 days in advance.
Audit and certifications
Our DC partners hold ISO 27001, ISO 27018, SOC 2 Type II. We can share audit reports on request under NDA.
Data Processing Agreement (DPA) — Article 28 GDPR
Every business customer receives a ready-to-sign Data Processing Agreement compliant with GDPR Article 28. The document covers: scope of processing, data categories, security obligations, audit rights and breach notification. Available in PL and EN.
Current subprocessor list
Data-subject rights
We honor access, rectification, erasure, restriction, portability and objection requests within 30 days. Submit any request via the panel form or email [email protected]. We have appointed a Data Protection Officer available to Polish customers.
GDPR questions?
Our DPO responds within 24h. We can also sign an NDA before sharing audit reports.
Contact the DPO →
