As a webhosting provider we keep logs of who accessed which site, including full IP addresses. Logs are kept for 6 months. These access logs are used for the following purposes:
- As part of our platform, we analyze access logs in an automated fashion to detect fraud and abuse, including bots trying to hack customer sites, etc. The logs are analyzed near real-time as well as retroactively by an algorithm that then creates customized firewall rules.
- We analyze our access logs to improve our platform and see where we need to build out more infrastructure.
- For billing purposes we analyze access logs and may, in dispute situations, give customers a breakdown of data volume and requests by browser, country, files accessed, etc. to give them insight into how the bill was incurred.
- At this time we do not provide customers access to the raw access logs.
These are strictly required to operate the service and cannot be disabled, as it would put our platform at risk or leave us unable to bill customers.
What we do NOT do
- Use sticky cookies for load balancers (although this is not Personally Identifiable Information, so it has nothing to do with GDPR).
- Place tracking cookies on the visitors (although the Wordpress installation may do that, but that's on the website owner).
- Provide analytics services or user tracking to our customers based on logs we collect.
- Analyze the access logs for any other purpose.