Skip to content

HostStack Trust Center

Your customers' apps, databases, and domains run on our infrastructure. This page collects everything you need to evaluate HostStack on security, privacy, and reliability.

EU hosted

All compute and data live in Germany and Finland. No US sub-processors in the request path.

GDPR compliant

Built around GDPR Articles 28 and 32 with a DPA signed automatically at signup.

Transparent uptime

Real-time component health and 90-day historical uptime on our public status page.

Documents and policies

Status

Live component health, incident history, and 90-day uptime per region.

View live status →

Security

Encryption, authentication, infrastructure isolation, vulnerability disclosure, and security.txt.

Read security overview →

Service Level Agreement

Uptime guarantees by tier, service credits, and incident response commitments.

Read SLA →

Data Processing Agreement

GDPR Article 28 DPA, signed automatically at signup. Includes data flow and retention details.

Read DPA →

Sub-processors

The third-party service providers we engage under GDPR Article 28.

View sub-processors →

Privacy Policy

What data we collect, why we collect it, and your rights as a data subject.

Read Privacy Policy →

Acceptable Use Policy

What you can and can't run on HostStack — abuse, content, and resource limits.

Read AUP →

Terms of Service

The legal terms governing your use of HostStack.

Read Terms →

Compliance roadmap

Pursuing ISO 27001 certification. For enterprise customers needing documentation of our current controls, contact security@hoststack.dev.

Essential cookies only — for login sessions. No tracking. Details