Legal Requirements for Hosting Resellers in Europe

Published on

Essential legal requirements for European hosting resellers. Covers GDPR compliance, Terms of Service, business registration, payment regulations, and liability.

Written by Space-Node Team – Infrastructure Team – 15+ years combined experience in game server hosting, VPS infrastructure, and 24/7 streaming solutions. Read author bio →

Running a hosting reseller business in Europe requires compliance with several regulations. Ignoring them doesn't make them go away - it creates liability. Here's what you need.

Business Registration

Sole Proprietorship (Eenmanszaak/Einzelunternehmen)

  • Simplest structure
  • Personal liability for business debts
  • Lower administrative requirements
  • Suitable for starting out

Limited Company (BV/GmbH/Ltd)

  • Separate legal entity
  • Limited personal liability
  • Higher administrative requirements
  • Required for serious growth

Register with your local Chamber of Commerce (KvK in Netherlands, Handelsregister in Germany, Companies House in UK).

GDPR Compliance

As a hosting provider, you process personal data:

  • Customer names, emails, addresses
  • Payment information
  • IP addresses
  • Server access logs

Required Elements

Privacy Policy must include:

  • What data you collect
  • Why you collect it (legal basis)
  • How long you store it
  • Who has access (including infrastructure providers)
  • Customer rights (access, correction, deletion)
  • Cookie usage
  • Data Protection Officer contact (if applicable)

Data Processing Agreement (DPA) When using infrastructure providers (like Space-Node), you need a DPA defining:

  • What data the provider processes
  • Processing purposes
  • Security measures
  • Notification procedures for breaches

Consent Management

  • Cookie consent banner (required for non-essential cookies)
  • Marketing consent (separate from service agreements)
  • Account creation consent (link to Terms of Service and Privacy Policy)

Data Breach Notification If personal data is compromised:

  • Notify supervisory authority within 72 hours
  • Notify affected individuals if high risk
  • Document the breach and response

Terms of Service

Your ToS defines the relationship with customers. Include:

Service Description

What you provide, what you don't. Be specific:

  • "We provide game server hosting on shared infrastructure"
  • "We do not provide game configuration or development support"

Acceptable Use Policy (AUP)

What customers can and cannot do:

  • No illegal content
  • No spam or phishing
  • No DDoS attacks from your servers
  • No excessive resource usage beyond plan limits

Liability Limitations

  • Maximum liability equal to amounts paid
  • No liability for data loss (encourage customers to maintain backups)
  • Force majeure clause

Termination

How you and the customer can end the relationship:

  • Customer cancellation: 30-day notice
  • Your termination for ToS violations: immediate after warning
  • Data retention after termination: 30 days

Refund Policy

State it clearly. Options:

  • 30-day money-back guarantee
  • Prorated refunds for annual plans
  • No refunds after service delivery

Payment Regulations

PSD2 (Payment Services Directive)

If using Stripe/PayPal: they handle compliance. If processing payments directly: PSD2 requirements apply.

VAT (Value Added Tax)

  • Register for VAT when exceeding thresholds (varies by country)
  • EU B2C sales: charge VAT based on customer's country
  • EU B2B sales: reverse charge mechanism (no VAT charged)
  • Non-EU customers: no EU VAT
  • Use tools like Quaderno or Stripe Tax for automation

Invoicing Requirements

Each invoice must include:

  • Your business name and address
  • Customer details
  • Invoice number (sequential)
  • Date
  • VAT number (if applicable)
  • Line items with amounts
  • VAT breakdown
  • Total amount

WHMCS handles invoice generation, but verify it includes all required elements for your jurisdiction.

Content Responsibility

Notice and Takedown

When receiving complaints about customer content:

  1. Evaluate the complaint
  2. If clearly illegal: remove immediately
  3. If disputed: notify customer, allow response time
  4. Document everything

Hosting Liability

Under EU E-Commerce Directive (and upcoming Digital Services Act):

  • You're generally not liable for customer content you don't know about
  • Once notified, you must act
  • Document your notice and takedown procedures

Recommendations

  1. Get legal advice - Generic templates are a starting point, not a solution
  2. Use WHMCS compliance features - Built-in GDPR tools
  3. Keep records - Document compliance efforts
  4. Update regularly - Laws change; review annually
  5. Join hosting associations - Industry groups share compliance guidance

Legal compliance isn't optional. It protects both your business and your customers.

Space-Node Team

About the Author

Space-Node Team – Infrastructure Team – Experts in game server hosting, VPS infrastructure, and 24/7 streaming solutions with 15+ years combined experience.

Since 2023
500+ servers hosted
4.8/5 avg rating

Our team specializes in Minecraft, FiveM, Rust, and 24/7 streaming infrastructure, operating enterprise-grade AMD Ryzen 9 hardware in Netherlands datacenters. We maintain GDPR compliance and ISO 27001-aligned security standards.

View Space-Node's full team bio and credentials →

Launch Your VPS Today

Get started with professional VPS hosting powered by enterprise hardware. Instant deployment and 24/7 support included.

Deploy VPS NowNeed Custom Config?
Legal Requirements for Hosting Resellers in Europe