We have a responsibility to protect and respect your privacy and look after your personal data. This Privacy Notice explains what personal data we collect, how we use your personal data, the reasons why we may need to disclose your personal data to others and how we store your personal data securely. For clarity, we may be both data controller and data processor for your personal data under certain circumstances.
This policy is subject to change, so please check this page on a regular basis for any further changes.
WHO ARE WE?
We are a provider of cloud, Internet domain names, hosting and IT support services, and are based in Edinburgh. The business is fully owned by Lee Hair who operates as a sole trader. Full contact details can be found at the end if this policy document.
ICO Registration Reference: ZA157859
The named individual responsible for data protection is: Lee Hair.
HOW THE LAW PROTECTS YOU
Data protection laws state that we are only able to process personal data if we have a valid reason to do so. The basis for processing your personal data includes, but is not limited to, your consent, performance of a contract, to enable billing and remittance, and to contact you for customer service purposes.
HOW DO WE COLLECT PERSONAL DATA?
We receive information about you when you use our website, complete forms on our website, if you contact us by phone, email, live-chat or otherwise in respect of any of my products and services or during the purchasing of any such product. If you provide us with personal data about a third party (for example when registering a domain on their behalf), you warrant that you have obtained the express consent from the third party for the disclosure and use of their personal data.
Your personal data may be automatically collected when you use our services, including but not limited to, your IP address, device-specific information, server logs, device event information, location information and unique application numbers.
WHAT DATA DO WE COLLECT FROM YOU?
The personal data that we may collect from you includes your name, address, email address, phone numbers, payment information and IP addresses. We may also keep details of your visits to my sites including, but not limited to traffic data, location data, weblogs and other communication data. We also retain records of your queries and correspondence when you contact us.
Please be aware that any video, image, or other content posted, uploaded or otherwise made available by you onto your website or web site application, whether published content or not, is not subject to my Privacy Notice. We merely process such data on your behalf, subject to my Terms and Conditions and you are responsible for any applicable legal requirements in respect of your content.
HOW DO WE USE YOUR DATA?
We use information about you in the following ways:
- To process orders that you have submitted to us;
- To provide you with products and services;
- To comply with any contractual obligations we have with you;
- To help me identify you and any accounts you hold with us;
- To enable us to review, develop and improve my website and services;
- To provide customer care, including responding to your requests if you contact us with a query;
- To administer accounts, process payments and keep track of billing and payments;
- To notify you about changes to our services;
- To inform you of service and price changes.
HOW LONG DO WE KEEP YOUR DATA?
We will keep your personal data for the duration of the period you are a customer of mine. We shall retain your data only for as long as necessary in accordance with applicable laws. On the closure of your account, we.may keep your data for up to 7 years after you have cancelled your services with us. We may not be able to delete your data before this time due to my legal and/or accountancy obligations. We assure you that your personal data shall only be used for these purposes stated herein.
WHO DO WE SHARE YOUR DATA WITH?
Here is a list of all the ways that we may use your personal data and how we share the information with third parties.
Your personal data is passed to 20i if you order Internet Domain Names, Web Hosting, Email Hosting or SSL Certificate services from us. This information is used to provide the services ordered and may be sent to a domain registrar outside of the EEA. If you order an Internet Domain Name and do not also purchase a domain privacy service, your personal data (name, address, contact telephone number and email address) will be made available to the public through mandatory domain name registry databases.
Web Hosting content and Email Hosting content will be stored on servers physically located in the UK.
Digital Ocean LLP
We use Virtual Private Servers (VPS) provided by Digital Ocean for all web applications that we provide and host on your behalf. These servers are located in the UK. No personal data is passed to Digital Ocean, but the individual applications on these servers may store personal data. It is the responsibility of the application user to manage the content stored in these applications.
Remote computer support services are provided using a Virtual Private Server (VPS) hosted by ConnectWise. Some personal data is recorded on this server so that individual organisations and users of devices can be identified. This data is limited to company name and a user’s full name. Communication with this server is secured using SSL and it is physically located in the EEA.
Jungle Disk / Amazon S3
Your backup data, which may contain personal data, will be stored on Amazon S3 Cloud servers that are physically located in the EEA. All data is fully encrypted using Jungle Disk software and private encryption keys. Your data is encrypted on your own devices before being copied to the Amazon S3 cloud storage servers. Neither Jungle Disk or Amazon S3 can access your data.
We use a third-party accounting service provided by FreeAgent. This service is used to store invoice contact details, invoice information and to process your payments via links to the following third parties:
- PayPal – for PayPal or card payment processing;
- GoCardless – for Direct Debit payment processing;
- Stripe – for debit or credit card processing;
We do not store any bank account, credit or debit card information.
If you purchase endpoint security or encryption products from us, we will pass your personal data to ESET UK to provide you with software licences or services. This information includes you name, email address and telephone number. Additional information may need to be provided to provide technical support
OUR WEB SITES
We operate and manage the following web sites:
EXTERNAL WEB LINKS
In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations to you. It may also mean that we shall be unable to provide services or process the cancellation of your service.
You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.
Our Privacy Notice shall be made clear to you at the point of collection of your personal data.
REQUESTING PERSONAL DATA RECORDS
If you want to see what information we hold, withdraw consent, object to processing, exercise your right to be forgotten or submit a Subject Access Request, please contact us using the details at the end of this policy document.
If we do hold information about you we will:
- Give you a description of it;
- Tell you why we are holding it;
- Tell you who it could be disclosed to;
- Provide you with a copy of the information in an intelligible form.
WHERE IS MY DATA STORED?
All information you provide to me is stored on encrypted workstations or servers within the EEA. From time to time, your information may be transferred to and stored in a country outside the EEA in relation to the provision of services. The laws in these countries may not provide you with the same protection as in the EEA; however, any third party referred to above outside of the EEA has agreed to abide by European levels of data protection in respect of the transfer, processing and storage of any personal data. By providing your data to us, you agree to this transfer and storage. However, we will ensure that reasonable steps are taken to protect your data in accordance with this privacy notice.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
YOUR RIGHT TO MAKE A COMPLAINT
You have the right to make a complaint about how we process your personal data to the Information Commissioner:
Information Commissioner’s Office
Tel: 0303 1231113
OUR CONTACT DETAILS
Address: Second Floor, 525 Ferry Road, Edinburgh, EH5 2FF
Telephone: 0131 5164760