Privacy notice
This notice explains what information the VPS Secure Base website collects, why it is used, who receives it and what choices you have.
Effective date: 17 July 2026
Who is responsible for the data
Gruster is a trade name used by Sedelnikov Denis Aleksandrovich, an independent service provider based in Indonesia. For privacy requests, use the methods listed on the Contact page. This notice applies to the public website and pre-engagement scope-review requests.
Information we collect
- Your name and preferred contact method.
- Your Telegram username or email address.
- The selected operating system, number of servers and optional message.
- The page address, timestamp and bounded campaign attribution connected to the request.
- Short-lived technical information, including an IP address, used to prevent abuse and enforce rate limits.
- Website usage events only after you choose Accept analytics.
Do not submit passwords, private keys, access tokens, raw logs, customer records, health information or incident evidence through this website.
Why we use it
We use submitted information to answer your request, check whether a server may fit the advertised scope, prepare a possible written engagement, prevent website abuse, maintain consent records and measure page performance after consent. A form submission does not create a contract or authorize access to a server.
Telegram, hosting and analytics
Scope-review requests are delivered to the operator through a private Telegram bot chat. Bot messages are Telegram cloud messages and should not be treated as end-to-end encrypted. The website hosting provider processes requests needed to serve and protect the site. Google Analytics 4 is loaded only after analytics consent; advertising storage, advertising personalization, Google Signals and User-ID are not used.
These providers may process data in countries outside Indonesia. We disclose only what is needed for the stated purpose and do not sell personal data.
Retention
- Website security and rate-limit logs are rotated daily and removed after no more than 30 days.
- Closed or unqualified enquiries are reviewed for deletion when they are no longer needed; our current operational target is within 90 days after the last contact.
- Active sales conversations are retained while needed to prepare or discuss a possible engagement and are reviewed periodically.
- Your analytics choice is stored only on your device until you change it, clear browser storage or the site changes the consent version.
- If GA4 is enabled, event-level retention is set to 2 months.
Records connected to a paid engagement, invoice, dispute or legal obligation follow the retention period stated in the engagement documents or required by applicable law.
Your choices and rights
You may ask for access, correction, deletion or restriction of information connected to your enquiry, withdraw future analytics consent, or object to processing where applicable. We may request reasonable identity verification before acting on a rights request. You may reopen analytics settings from the footer at any time.
Security and updates to this notice
We use access controls, bounded logs and data-minimizing form and analytics designs. No internet transmission can be guaranteed completely secure. If this notice changes materially, its effective date will be updated on this page.