CLIENTAREA
CLIENTAREA

Terms of Service
&
Privacy Policy

  • Last update: 04/10/2023 07:00 AM | Timezone: Europe/Rome

Terms of Service


Lowhosting Services of Davide Gennari below will be defined "Lowhosting", or trivially "We", with registered office in "Via Benetti, 9, 45019 Taglio di Pò, RO, Italy".

1. Terms

By accessing this web site, you are agreeing to be bound by these web site Terms and Conditions of Use, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this web site are protected by applicable copyright and trade mark law.

2. Use License

Permission is granted to temporarily download one copy of the materials (information or software) on LowHosting's web site for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:

  1. modify or copy the materials;
  2. use the materials for any commercial purpose, or for any public display (commercial or non-commercial);
  3. attempt to decompile or reverse engineer any software contained on LowHosting's web site;
  4. remove any copyright or other proprietary notations from the materials; or
  5. transfer the materials to another person or "mirror" the materials on any other server.

This license shall automatically terminate if you violate any of these restrictions and may be terminated by LowHosting at any time. Upon terminating your viewing of these materials or upon the termination of this license, you must destroy any downloaded materials in your possession whether in electronic or printed format.

3. Disclaimer

The materials on LowHosting's web site are provided "as is". LowHosting makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties, including without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights. Further, LowHosting does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet web site or otherwise relating to such materials or on any sites linked to this site.

4. Limitations

In no event shall LowHosting or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption,) arising out of the use or inability to use the materials on LowHosting's Internet site, even if LowHosting or a LowHosting authorized representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.

5. Revisions and Errata

The materials appearing on LowHosting's web site could include technical, typographical, or photographic errors. LowHosting does not warrant that any of the materials on its web site are accurate, complete, or current. LowHosting may make changes to the materials contained on its web site at any time without notice. LowHosting does not, however, make any commitment to update the materials.

Disclaimer

LowHosting has not reviewed all of the sites linked to its Internet web site and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by LowHosting of the site. Use of any such linked web site is at the user's own risk.

7. Site Terms of Use Modifications

LowHosting has not reviewed all of the sites linked to its Internet web site and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by LowHosting of the site. Use of any such linked web site is at the user's own risk.

Disclaimer

LowHosting may revise these terms of use for its web site at any time without notice. By using this web site you are agreeing to be bound by the then current version of these Terms and Conditions of Use.

8. Governing Law

Any claim relating to LowHosting's web site shall be governed by the laws of the State of ITALY without regard to its conflict of law provisions.

9. Payments Missed

The Company reserves the right to temporary or permanent suspend or termination(And delete all datas) of service in the event of non-payment of what is due within the established times. This interruption does not relieve the Underwriter from its liability in connection with the payment of the sums due, increased by legal interest and the credit recovery costs.

For some types of dedicated services you cannot request cancellation if there is already an invoice issued for that service, in some special cases you can pay a penalty of EUR 15 to pay for the failure to cancel the service in time.

10. Service Level Agreements (SLA)

we commit to ensuring the following Service levels:
(a) GE-OPENVZ* Services:
Monthly availability rate: 97.5%
(b) All Other Services:
Monthly availability rate: 99.95%
“Monthly availability rate” should be understood as: the total number of minutes in the month considered as a deduction made from the number of minutes of unavailability over the month concerned. The total is divided by the total number of minutes in the month.
“Unavailability” should be understood to mean: the loss of access to and inability to reboot the VPS, for more than three (3) consecutive minutes from the moment an Incident ticket has been opened by the Customer.

The Service level agreements made above are subject to the exclusions below, and on the conditions that in the event of unavailability the Customer shall collaborate with us to reestablish the Service.
This agreement does not in any way concern the availability of elements that are under the Customer’s control, such as software or applications installed on the VPS and used by the Customer.
This service level agreement is not applicable in the event that we are unable to perform the technical operations required to check the service state due to the Customer’s configuration of their VPS.
If we confirms that a VPS is available and in good working order, we are released from the obligation under the SLA. However, in this case, upon the Customer’s request, we agrees to assist them in identifying the cause of the issues found by the Customer.
If we identify an Unavailability, we complete the diagnostic and works in collaboration with the Customer to reestablish availability.

If the service level set out above is not reached, the Customer can request the following credits :
• Unfulfilled availability rate:
(a) GE-OPENVZ* Services:
Credit equal to 10% of the monthly amount paid by the Customer for the month during which the components were affected by the Unavailability, if the availability rate identified is equal or lower than 97.5%.
(b) All Other Services:
Credit equal to 10% of the monthly amount paid by the Customer for the month during which the components were affected by the Unavailability, if the availability rate identified is equal or lower than 99.5%.
It is expressly agreed that for the Customer, the aforementioned credits represent a flat-rate compensation for any damage resulting from our non-compliance with the relevant service commitments. As a result, the Customer renounces the right to submit any other request, demand and/or action.
If an incident results in our side failing to comply with several commitments in the Service Level Agreement, the credits cannot be accumulated. When credit compensation is applied, it is provided as generously as possible to the Customer. Furthermore, the total accumulated compensation able to be attributed over the course of a month for all incidents combined cannot exceed 100% of the total monthly amount billed to the Customer.

The Customer cannot under any circumstances use this article and request the aforementioned credit compensation in the event of unavailability resulting in full or in part from:

  1. events or factors outside of the our control including but not limited to cases of force majeure, third parties, downtime or incorrect usage of hardware or software under the Customer’s management (particularly the applications run on the VPS);
  2. failure on the Customer’s part to fulfil the obligations listed as part of this Contract (in particular, failure to collaborate in resolving the incident); (iii) incorrect or inappropriate usage of the Service by the Customer;
  3. scheduled maintenance;
  4. an interruption that falls under the conditions listed in the “Terms and Conditions of Use” article in this document;
  5. hacking or piracy.

11. Fair usage policy

Some resources are subject to a fair-usage rule and this means that it is forbidden to abuse, we are very large with quantities and do not set a real limit but when the action of a customer can also create problems for other people in the same node/network this violates the fair use policy.
Except in rare cases we will contact you before taking any action on your service or account and we will ask you for explanations and if the abuse is caused by excessive use of resources (e.g. network bandwidth) and you requires this massive use we will arrange a solution for you.

We reserve the right to suspend any service without prior notice if the abuse vastness is excessive.


You also accept to respect our Acceptable Use Policy (AUP)


This Acceptable Use Policy (this “Policy”) describes prohibited uses of the services offered by LowHosting (the “Services”) and the websites located at https://lowhosting.org/ and https://lowhosting.com/. The examples described in this Policy are not exhaustive. We may modify this Policy at any time by posting a revised version. By using the Services or accessing the our Site, you agree to the latest version of this Policy. If you violate the Policy or authorize or help others to do so, we may suspend or terminate your use of the Services.



(A1) No Illegal, Harmful, or Offensive Use or Content

You may not use, or encourage, promote, facilitate or instruct others to use, the Services or our Site for any illegal, harmful, fraudulent, infringing or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, fraudulent, infringing or offensive. Prohibited activities or content include:

  • Illegal, Harmful or Fraudulent Activities. Any activities that are illegal, that violate the rights of others, or that may be harmful to others, our operations or reputation, including disseminating, promoting or facilitating child pornography, offering or disseminating fraudulent goods, services, schemes, or promotions, make-money-fast schemes, ponzi and pyramid schemes, phishing, or pharming.
  • Infringing Content. Content that infringes or misappropriates the intellectual property or proprietary rights of others.
  • Offensive Content. Content that is defamatory, obscene, abusive, invasive of privacy, or otherwise objectionable, including content that constitutes child pornography, relates to bestiality, or depicts non-consensual sex acts.
  • Harmful Content. Content or other computer technology that may damage, interfere with, surreptitiously intercept, or expropriate any system, program, or data, including viruses, Trojan horses, worms, time bombs, or cancelbots.


    • (A2) Not Accepted Usage

    The following are prohibited from use on our server and may not be uploaded or run. Reasons for banning them include adverse effects on server load, invitations to hackers/spammers/criminal activity, etc.
    Violation will result in immediate suspension without prior notice of the service.

    1. - Nulled Scripts
    2. - Illegal Torrents
    3. - Public Proxy servers/VPN
    4. - SPAM
    5. - TOR
    6. - Phishing Pages
    7. - Slowloris Scripts
    8. - Source or Target of intentional DoS/DDoS attacks
    9. - CPU Wasting Scripts Such as Bitcoin mining and/or Runescape bots
    10. - Illegal Distribution of Copyright Materials via any P2P
    11. - Hosting and/or Distribution of any kind of Child Pornography.


    (A3) No Security Violations

    You may not use the Services to violate the security or integrity of any network, computer or communications system, software application, or network or computing device (each, a “System”).

    Prohibited activities include:

    • Unauthorized Access. Accessing or using any System without permission, including attempting to probe, scan, or test the vulnerability of a System or to breach any security or authentication measures used by a System.
    • Interception. Monitoring of data or traffic on a System without permission.
    • Falsification of Origin. Forging TCP-IP packet headers, e-mail headers, or any part of a message describing its origin or route. The legitimate use of aliases and anonymous remailers is not prohibited by this provision.

    (A4) No Network Abuse

    You may not make network connections to any users, hosts, or networks unless you have permission to communicate with them.

    Prohibited activities include:

    • Monitoring or Crawling. Monitoring or crawling of a System that impairs or disrupts the System being monitored or crawled.
    • Denial of Service (DoS). Inundating a target with communications requests so the target either cannot respond to legitimate traffic or responds so slowly that it becomes ineffective.
    • Intentional Interference. Interfering with the proper functioning of any System, including any deliberate attempt to overload a system by mail bombing, news bombing, broadcast attacks, or flooding techniques.
    • Operation of Certain Network Services. Operating network services like open proxies, open mail relays, or open recursive domain name servers.
    • Avoiding System Restrictions. Using manual or electronic means to avoid any use limitations placed on a System, such as access and storage restrictions.

    (A5) No E-Mail or Other Message Abuse

    You will not distribute, publish, send, or facilitate the sending of unsolicited mass e-mail or other messages, promotions, advertising, or solicitations (like “spam”), including commercial advertising and informational announcements. You will not alter or obscure mail headers or assume a sender’s identity without the sender’s explicit permission. You will not collect replies to messages sent from another internet service provider if those messages violate this Policy or the acceptable use policy of that provider.


    (A6) Our Monitoring and Enforcement

    We reserve the right, but do not assume the obligation, to investigate any violation of this Policy or misuse of the Services or our Site. We may:

    • investigate violations of this Policy or misuse of the Services or our Site; or
    • remove, disable access to, or modify any content or resource that violates this Policy or any other agreement we have with you for use of the Services or the our Site.
    • download/analyze/check and share the files that have incurred/triggered the violation.

    We may report any activity that we suspect violates any law or regulation to appropriate law enforcement officials, regulators, or other appropriate third parties. Our reporting may include disclosing appropriate customer information. We also may cooperate with appropriate law enforcement agencies, regulators, or other appropriate third parties to help with the investigation and prosecution of illegal conduct by providing network and systems information related to alleged violations of this Policy.

    Suspend your service without notice.


    Reporting of Violations of this Policy

    If you become aware of any violation of this Policy, you will immediately notify us and provide us with assistance, as requested, to stop or remedy the violation. To report any violation of this Policy, please follow our abuse reporting process.





    Privacy Policy


    Lowhosting Services of Davide Gennari below will be defined "Lowhosting", or trivially "We", with registered office in "Via Benetti, 9, 45019 Taglio di Pò, RO, Italy".


    We remind you that the processing of personal data means any operation or set of operations, carried out with or without the aid of digital tools, concerning the collection, registration, organization, storage, consultation, processing, the modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, deletion and destruction of data, even if not recorded in a data archive.

    This information applies when you visit our website or our social media channels; when you purchase our services and use our applications; when you sign up for our newsletter; request our assistance or you are a supplier, partner, consultant or any other person who has business relations with us.

    The information and data you provide will be treated in compliance with the applicable regulations and standards (including, by way of example but not limited to, the General Data Protection Regulation - EU Regulation 2016/679 - General Data Protection Regulation or “GDPR ").

    The data processing carried out by us is based on the principles of correctness, lawfulness, transparency, accuracy, integrity, confidentiality, limitation of the purposes and conservation and minimization of data.


    THE LEGAL BASIS OF OUR DATA PROCESSING

    We base the processing of your personal data on different legal bases:

    1. your consent (only when necessary or permitted by law). In that case you will still have the right to revoke it;
    2. the need to establish a contractual relationship and fulfill its obligations;
    3. the need to respect the laws in force and to establish, exercise or defend against legal actions;
    4. the need to pursue its legitimate interests: ensuring that networks and information are secure, preventing or investigating alleged or actual violations of the law, commercial contracts or cases of non-compliance with its business principles;
    5. the need to respond to your requests;
    6. any other legal basis permitted by current regulations.


    WHAT KIND OF PERSONAL DATA WE TREAT, WITH WHAT PURPOSES AND HOW LONG WE KEEP THEM

    a) Navigation data
    For the proper functioning of our site and the services provided, IT systems and software procedures are required which, during their normal operation, acquire certain personal data, the transmission of which is implicit in the use of internet communication protocols. These are data that are not collected to be associated with identified subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified (eg IP addresses). These data are used only for anonymous statistical information regarding the use of the service and to check its correct functioning and are kept for the period strictly necessary and in any case in compliance with the regulations in force.

    b) Customer data
    In order to be able to provide the services provided in the contractual agreements, carry out marketing activities and comply with tax obligations and foreseen by current regulations, we will collect the following customer data: Name - Surname - Company name (in case of subject other than private) - Tax code - VAT number (in the case of a subject other than private) - Address - City - Cap - Province - Telephone numbers - Email addresses. These data will be kept for the purpose of providing the services, as well as for promotional activities and for a period of 10 years starting from the termination of the contractual relationship. For tax purposes and other legal obligations, the same data will be kept for 10 years, unless the law allows a longer period of storage; long, also due to the maturing of the limitation period for any rights claimed by third parties.

    c) Supplier data
    In order to ensure the smooth running of the employment relationship, we need the contact details of the relevant subjects operating within the supplier company (such as names, surnames, telephone numbers and e-mail addresses). We also need all the data necessary for issuing the invoice, as well as the bank details needed to pay for the services purchased (if it is part of the contractual agreements stipulated). For the aforementioned purposes the data will be kept for a period of one year starting from the termination of the contractual relationship. For purposes of a fiscal nature and for other legal obligations, the data will be kept for 10 years, unless the law allows for a longer period of storage; long, also due to the maturing of the limitation period for any rights claimed by third parties.

    d) Data related to the registration of domain names
    For the registration of domain names we will only carry out the strictly necessary treatments and if you do not provide the data it will be impossible to provide the service. The data provided may be communicated to third parties exclusively for the aforementioned purposes (national and foreign registration authorities). At the end of the registration of the domain, as provided by each of the relevant Registers, the data provided will be published on the WHOIS (public database that contains all the data of the domain name holders). These data will be kept for a period of 6 months starting from the deletion of the domain name to which they refer, unless further storage is imposed by order of a judicial or administrative authority.

    e) Data of third parties provided by the interested party
    It could happen that you provide the data of third parties to request the assignment of domain names or to differentiate the billing contacts (in case your customer directly pays for the service). In this circumstance you will be the exclusive owner of the processing of the aforementioned data with related legal obligations and responsibilities. These data will be stored exclusively for tax purposes (invoicing) for a period of 10 years and for a period of 6 months starting from the cancellation of the domain name to which they refer (domain registration for third parties), unless the law requires or allow a longer storage period; long.

    f) Cookies
    Access to the lowhosting.org/lowhosting.com site may involve the sending, by our servers to the user's PC, of so-called "cookies", ie files that allow information to be obtained about the pages visited in order to make them more convenient; quick use of various services. The use of cookies is limited to the duration of the single session (except for technical cookies of Tawk.to that have a prolonged expiration), and does not in any way allow the acquisition of personal identification data of the user. The acquired data will not be stored but will be deleted when the browser is closed. You can choose at any time to disable cookies simply by changing the browser settings; however, we remind you that deactivating cookies can slow down or prevent access to certain sections of the site.

    g) Traffic data
    We inform you of the existence of the log of the connections (LOG), in which the data relating to the telematic traffic are kept, in the terms and according to the timescales foreseen by law. Once the statutory retention period has expired, and unless otherwise indicated by the Authority with administrative or judicial provision, the aforementioned data will be destroyed and will no longer be relevant; guaranteed the possibility of obtaining a copy.



    HOW WE MANAGE YOUR DATA FOR PROMOTIONAL AIMS

    We may send you marketing communications relating to your services, products, promotions or events via e-mail, telephone and social networks.
    These communications may also be customized taking into account your preferences (expressly indicated or deducted from visits to the lowhosting.org/lowhosting.com website or based on the links you clicked on). Before starting any marketing activity and if required by applicable laws, we will ask you to give us your consent, which you can still revoke by sending an email request to privacy@lowhosting.org . Even in the event of withdrawal of consent to the receipt of marketing communications, you may still receive other types of communications (for example important notices of a technical or administrative nature).


    WHO IS THE HOLDER OF PERSONAL DATA

    The Data Controller carried out through the site is Lowhosting Services of Davide Gennari with registered office at Via Benetti, 9, 45019 Taglio di Pò, RO, Italy.
    The appointed DPO (Data Protection Officer) can be contacted at the following address dpo@lowhosting.org for all information relating to the processing personal data and to provide the list of all the managers involved in the management.


    WHO ARE THE RECIPIENTS OF PERSONAL DATA

    The recipients of the personal data collected are:

    • people, companies, professional offices that provide accounting, administrative, tax or legal consulting services for Lowhosting Services of Davide Gennari;
    • subjects with whom we interact for the provision of services (for example Public Registers for the registration of domain names or Authorities that manage the WHOIS database);
    • entities that provide services related to the collection of payments (eg bank transfer, credit card);
    • any subjects who carry out maintenance activities on network equipment and communication networks;
    • other organizations or authorities to which, for legal reasons or reasons, it is necessary to communicate your personal data;
    • persons authorized by us to carry out activities necessary for the provision of services (with legal obligation of confidentiality).

    The complete list of data processors can be requested by sending an email to privacy@lowhosting.org .


    TRANSFER OF PERSONAL DATA

    In order to be able to provide some services regulated in the contract (such as registration of international domain names), some of your data may be transferred outside the European Economic Area. In particular:

    • for the domains of competence of ICANN (Internet Corporation for Assigned Names and Numbers) and on the advice of ICANN, a copy of the data supplied is also deposited with the company Iron Mountain Intellectual Property Management, Inc. as a guarantee ( both companies are based in the United States);
    • for domains under the jurisdiction of the GMO Registry, data is transmitted to Tokyo - Japan (where the register is located);
    • for the domains of competence of the register Uniregistry the data is transmitted to George Town Grand Cayman (where the register is located);
    • for domains under the jurisdiction of the InternetX register, data is transmitted to Miami - Florida (where the register is located);
    • for domains under the jurisdiction of the Neustar registry, data is transmitted to Sterling - United States (where the register is located);
    • for domains covered by the Public Internet Registry (PIR) the data is transmitted to Reston - United States (where the register is located);
    • for Verisign's domains the data is transmitted to Reston - United States (where the company is based);
    • for Onlinenic competence domains data is transmitted in California - United States (where the company is based)
    • for digital certificates issued by Digicert the data is transmitted in Utah - United States (where the company is based)
    • for digital certificates issued by the company Comodo Security Solutions, Inc. the data is transmitted to Clifton - United States (where the company is based)

    In the aforementioned circumstances the companies receiving the data guarantee us standards of protection, thanks to appropriate technical, organizational and legal measures.


    WHICH RIGHTS YOU CAN EXERCISE

    As an interested party, you will be able to exercise your rights pursuant to articles from 16 to 22 of EU Regulation 679/16:

    Art. 16 - Right of rectification
    You have the right to obtain from the data controller the rectification of inaccurate personal data that concerns you without undue delay. Taking into account the purposes of the processing, you have the right to obtain the integration of incomplete personal data, even providing a supplementary statement.

    Art. 17 - Right to cancellation
    You have the right to obtain from the data controller the deletion of personal data about you without undue delay and the data controller has the obligation to delete personal data without unjustified delay, if one of the following reasons exists:

    1. personal data is no longer relevant; necessary with respect to the purposes for which they were collected or otherwise processed; 4.5.2016 EN Official Journal of the European Union L 119/43
    2. withdraw the consent on which the processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and if there is no other legal basis for processing;
    3. You object to the processing pursuant to Article 21 (1), and there is no legitimate prevailing reason to proceed with the processing, or you object to the processing under Article 21, paragraph 2;
    4. personal data have been processed unlawfully;
    5. personal data must be deleted in order to fulfill a legal obligation under Union law or the Member State to which the data controller is subject;
    6. personal data was collected in relation to the offer of information society services referred to in Article 8, paragraph 1.


    The data controller, if he has made personal data public and is obliged, pursuant to paragraph 1, to delete them, taking into account the available technology and the implementation costs, takes reasonable measures, including technical, to inform the data controllers who are processing processing personal data of your request to cancel any link, copy or reproduction of your personal data.
    Paragraphs 1 and 2 do not apply to the extent that processing is necessary:

    • for the exercise of the right to freedom of expression and information;
    • for ascertaining, exercising or defending a right in court.

    Art. 18 - Right to limitation of treatment
    You have the right to obtain the treatment limitation from the data controller when one of the following hypotheses occurs:

    1. contests the accuracy of personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
    2. the processing is unlawful and you oppose the deletion of personal data by requesting instead that its use be limited;
    3. bench & eacute; the data controller does not have it anymore; need for the purposes of processing, your personal data is necessary for ascertaining, exercising or defending a right in court;
    4. you have opposed the processing pursuant to Article 21, paragraph 1, pending verification regarding the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.

    If the processing is limited pursuant to paragraph 1, such personal data shall be processed, except for storage, only with your consent or for the establishment, exercise or defense of a right in court or to protect the rights of another natural or legal person or for reasons of significant public interest of the Union or a Member State. L 119/44 EN Official Journal of the European Union 4.5.2016 3.
    If you have received the processing limitation pursuant to paragraph 1, you are informed by the data controller before the limitation is revoked.

    Art. 19 - Right to obtain notification from the data controller in the event of rectification or deletion of personal data or deletion of the same
    The data controller informs each of the recipients to whom the personal data were sent of any adjustments or deletions or limitations of the processing carried out pursuant to Article 16, Article 17, paragraph 1, and Article 18, except where proves impossible or involves a disproportionate effort. The data controller informs you of these recipients if you request it.

    Art. 20 - Right to portability
    You have the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning you provided to a data controller and you have the right to transmit such data to another data controller without hindrance from the holder of the processing which you provided if:

    1. the treatment is based on consent pursuant to Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), or on a contract pursuant to Article 6, paragraph 1, letter b);
    2. the processing is carried out by automated means.

    In exercising your rights with respect to data portability pursuant to paragraph 1, you have the right to obtain direct transmission of personal data from one data controller to another, if technically feasible.
    The exercise of the right referred to in paragraph 1 of this article is without prejudice to Article 17.
    The right referred to in paragraph 1 must not affect the rights and freedoms of others.

    Art. 21 - Opposition right
    You have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you pursuant to Article 6, paragraph 1, letters e) or f), including profiling on the basis of such provisions. The data controller refrains from further processing personal data unless he demonstrates the existence of legitimate cogent reasons for processing that prevail over your interests