Compliance Policy

1. Compliance philosophy

Velohost’s compliance approach is based on three core principles:

• Minimise data collection and processing
• Rely on publicly observable information
• Operate transparently and independently

By reducing the amount of personal and sensitive data handled, Velohost limits regulatory risk while increasing user trust.

2. Applicable legal frameworks

Velohost aligns its operations with applicable UK and international laws and standards, including but not limited to:

• UK GDPR and the Data Protection Act 2018
• Privacy and Electronic Communications Regulations (PECR)
• UK Modern Slavery Act 2015
• UK Equality Act 2010 (accessibility principles)
• Online Safety and child protection obligations

3. Nature of Velohost services

Velohost provides automated tools that analyse publicly available internet infrastructure and configuration data.

Services do not:

• Access private systems or accounts
• Authenticate into third-party platforms
• Modify user infrastructure or configurations
• Perform intrusive or exploitative scanning

All outputs are informational and observational in nature.

4. Data protection and privacy compliance

Velohost is designed to operate without storing personal data wherever possible.

Where limited technical data is processed to deliver a service, it is handled transiently and discarded immediately after use unless explicitly stated otherwise.

Full details are available in the Privacy Policy .

5. Analytics and measurement compliance

Velohost uses limited, privacy-respecting analytics solely to improve usability and reliability.

Analytics operate without advertising, profiling, or cross-site tracking and are subject to user consent where required.

Details are provided in the Analytics Policy .

6. Security and operational controls

Velohost applies proportionate technical and organisational measures to protect service availability, integrity, and abuse prevention.

Infrastructure providers and platforms used by Velohost maintain their own security and compliance certifications.

Further details are available in the Security Policy .

7. Third-party providers

Velohost relies on established infrastructure and platform providers, including but not limited to:

• Cloudflare
• IONOS
• Fasthosts
• Plesk
• GitHub
• Expo

Each provider maintains its own compliance, security, and legal obligations.

8. Abuse prevention and acceptable use

Velohost enforces safeguards to prevent misuse, abuse, or unlawful activity.

Prohibited behaviour is outlined in the Acceptable Use Policy .

9. Law enforcement and legal requests

Velohost responds to valid legal requests in accordance with applicable law.

Due to minimal data retention, Velohost is typically unable to provide historical user information.

10. Policy updates

This Compliance Policy may be updated to reflect changes in law, platform operations, or regulatory guidance.

Continued use of Velohost services constitutes acceptance of the current version.