Legal
Privacy Policy
MS Host IT (“we”, “us”) provides a software delivery control plane for teams that operate their own VPS hosts. This policy explains what we collect, why we collect it, and the choices you have. It is written in plain language for customers and for platforms (such as GitHub) that review our OAuth application.
1. Who this covers
This policy covers visitors to our public website, people who create MS Host IT accounts, and operators who connect VPS hosts or GitHub accounts through the dashboard.
2. Information we collect
- Account data: email address, display name, and authentication credentials needed to sign in.
- VPS metadata: labels, hostnames, ports, and operational status you enter for your servers.
- Infrastructure secrets: SSH passwords or private keys you choose to store for mediated sessions. These are encrypted at rest and are not returned to the browser.
- GitHub connection data: OAuth tokens and identifiers needed to list or pull repositories you authorize for deploy workflows. Tokens are treated as secrets and encrypted at rest.
- Usage and audit signals: high-level events such as session minting, deploy attempts, and security-relevant actions, kept so we can operate and secure the service.
- Technical logs: standard request metadata (for example IP address, user agent, timestamps) used for reliability and abuse prevention.
3. How we use information
- Provide and improve the control panel and public documentation.
- Authenticate you, protect accounts, and mediate SSH/SFTP or deploy workflows to infrastructure you control.
- Connect to GitHub solely to support repository selection and source retrieval for delivery features you enable.
- Respond to support requests and security incidents.
- Comply with law and enforce our Terms of Service.
We do not sell personal information. We do not use GitHub data for advertising.
4. GitHub OAuth
When you connect GitHub, GitHub shares tokens and profile/repo access according to the scopes you approve. We use that access to deliver MS Host IT project and deploy features. You may disconnect GitHub in MS Host IT and revoke the application in your GitHub settings at any time. More detail: Docs · GitHub access.
5. Storage and security
Customer secrets use envelope encryption at rest. Decryption happens in short-lived broker paths for sessions and deploys. We design so that a stolen application database without key-management access should not yield usable VPS or GitHub credentials. No method of transmission or storage is perfectly secure; we work to reduce risk with defense in depth.
6. Sharing
We share data only with processors that help us run the service (for example hosting, email delivery, or error monitoring), under obligations to protect it; when you direct us to (for example connecting GitHub); or when required by law. We do not share your repository contents with unrelated third parties for their marketing.
7. Retention
We retain account and operational data while your account is active and for a reasonable period afterward for backups, disputes, and legal obligations. You may request deletion of account data by contacting us; some records may be retained where required for security or compliance.
8. Your choices
- Update or delete account information through the dashboard where available.
- Disconnect GitHub or remove stored VPS credentials.
- Contact support@mshostit.com for privacy requests.
9. Children
MS Host IT is intended for professional and business use. We do not knowingly collect personal information from children under 16.
10. Changes
We may update this policy as the product evolves. We will revise the “Last updated” date and, for material changes, provide additional notice when appropriate.
11. Contact
Privacy: support@mshostit.com
Support: support@mshostit.com
Related: Terms of Service · Security model