We take your privacy very seriously. This privacy notice will inform you as to how we look after your personal data when you visit our website sitecreator.com (our Website) (regardless of where you visit from) and when you correspond with us by telephone, email or otherwise. It tells you about your privacy rights and how the law protects you.
IMPORTANT INFORMATION AND WHO WE ARE
Purpose of this privacy notice
This privacy notice aims to give you information on how Host Plus Limited (DBA Site Creator) collects and processes your personal data through the use of our Website, including any data you may provide through our Website when you sign up for an account, make an online enquiry, login to our Website as a customer, request a call back, sign up for our e-newsletter, complete surveys undertaken by us for research purposes and report a problem with our Website and when you correspond with us by telephone, email or otherwise.
Our Website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Who we are
Host Plus Limited ("we", "us", "our") is a 'data controller' for the purposes of your personal data. This means that we determine the purpose and means of the processing of your personal data. You will find our contact details at the end of this privacy notice (see below: "How to contact us").
PERSONAL DATA WE COLLECT ABOUT YOU
Personal data is any information relating to an identified or identifiable individual.
We collect, use, store and transfer different kinds of personal data about you. Depending on our relationship with you, this may include:
- full name;
- job title;
- business name;
- name of your employer or the organisation you represent;
- email address;
- telephone numbers (mobile and landline);
- information to enable us to check and verify your identity e.g. your date of birth;
- billing information;
- your personal or professional interests;
- technical information from when you visit our Website, including your login data, browser type and version, time zone setting and location, browser plug-in types and versions, Internet Protocol (IP) address, or other unique device identifiers, operating system and platform and other technology on the devices you use to access our Website, including a mobile device;
- profile information, including any username or password, and purchases or orders made by you, any support issue and your preferences;
- information about how you use our Website;
- marketing and communications information, including your preferences in receiving marketing from us and your communication preferences; and
- information that you volunteer to us when you when you sign up for an account, make an online enquiry, login to our Website as a customer, request a call back, sign up for our e-newsletter, complete surveys undertaken by us for research purposes and report a problem with our Website and when you correspond with us by telephone, email or otherwise.
We also collect, use and share aggregated data, such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate the data about how you use our Website to calculate the percentage of users accessing a specific website feature. However if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
If you do not provide personal data
For individual customers or suppliers, where we need to collect personal data to enter into a contract with you and you fail to provide that data when requested, we may not be able to enter the contract with you. This data may include specific details or information for us to be able to register your domain name for example. For individual customers, if you thereafter do not provide the personal data we ask for, this may delay or prevent us from providing our products and/or services to you. If you would like to know the details we may require before entering into a contract with us you can do so by emailing firstname.lastname@example.org.
HOW YOUR PERSONAL DATA IS COLLECTED
Depending on the circumstances, we use different methods to collect personal data from and about you including:
Directly from you. You may give us your personal data by filling in forms on our Website or by corresponding with us by email, telephone or otherwise. This includes personal data you provide when you:
- complete an online enquiry form;
- sign up for a web hosting account;
- log onto our Website as a customer;
- request our products and/or services;
- subscribe to our e-newsletter; or
- give us some feedback.
- Automated technologies or interactions. As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our cookies policy for further details.
- Other sources. We may receive personal data about you from various third parties as set out
Technical data from the following parties:
- advertising networks; and
- search information providers.
- Contact, financial and transaction data from providers of technical and payment and delivery services;
- From publicly accessible sources e.g. Companies House;
- From a third party with your consent e.g. your bank;
HOW AND WHY DO WE USE YOUR PERSONAL DATA?
Under data protection law, we can only use your personal data if we have a proper reason for doing so, for example:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.
A legitimate interest is when we or a third party have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use your personal data for and our lawful basis for doing so.
|What we use your personal data for||Our lawful basis for processing data|
|For individual customers with whom we have contracts – to provide our products and/or services to you||Necessary for the performance of our contract with you or to take steps at your request before entering into a contract with you|
|For other individuals who work for or represent corporate customers (or prospective corporate customers) e.g. for corresponding with you about the products and/or services we offer, to provide a price quote and to respond to your queries||Necessary for our legitimate interests or those of a third party e.g. to deal with pre-contractual enquiries or issues|
|For individual suppliers with whom we have contracts e.g. for corresponding with you about the products and/or services you offer, to obtain a price quote and to take steps under the contract with you||Necessary for the performance of our contract with you or to take steps at your request before entering into a contract with you|
|For individuals who work for or represent corporate suppliers (or prospective corporate suppliers) e.g. for corresponding with you about the products and/or services your organisation offers and obtain a price quote||Necessary for our legitimate interests or those of a third party e.g. to deal with pre-contractual enquiries or issues|
|To manage our relationship with you which will include (where appropriate) notifying you about changes to our terms of business or privacy notice||Necessary to comply with our legal obligations
Necessary for our legitimate interests i.e. to manage our relationship with you and to analyse and improve the products and/or services we offer
|To prevent and detect fraud against you or us||Necessary for our legitimate interests or those of a third party i.e. to minimise fraud that could be damaging for us and for you|
|Conducting checks to identify our customers and verify their identity||To comply with our legal and regulatory obligations|
|Other processing necessary to comply with legal and regulatory obligations that apply to our business or as otherwise permitted or required by law||Necessary to comply with our legal obligations|
|Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies||Necessary to comply with our legal obligations|
|Ensuring business policies are adhered to e.g. policies covering data security||Necessary to comply with our legal obligations
Necessary for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures so we can deliver the best service to you
|Operational reasons, such as improving efficiency, training and quality control||Necessary for our legitimate interests or those of a third party e.g. to be as efficient as we can so we can deliver the best service for you at the best price|
|Ensuring the confidentiality of commercially sensitive information||Necessary to comply with our legal obligations
Necessary for our legitimate interests or those of a third party i.e. to protect commercially valuable information
|Statistical analysis to help us manage our business e.g. in relation to our financial performance, customer base, product range or other efficiency measures||Necessary for our legitimate interests or those of a third party e.g. to be as efficient as we can so we can deliver the best service for you at the best price|
|Preventing unauthorised access and modifications to systems||Necessary to comply with our legal obligations
Necessary for our legitimate interests or those of a third party e.g. to prevent and detect criminal activity that could be damaging for us and for you
|Updating and maintaining customer and supplier records||For individual customers and suppliers, necessary for the performance of our contract with you or to take
steps at your request before entering into a contract
Necessary to comply with our legal obligations
Necessary for our legitimate interests or those of a third party e.g. to make sure we can keep in touch with our customers and other contacts
|Staff management and administration||Necessary for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service we are able to|
|External audits for the audit of our accounts||Necessary to comply with our legal obligations|
|To make suggestions and recommendations to you about products and/or services that may be of interest to you (including updates and modifications)||Necessary for our legitimate interests e.g. to develop our products and/or services and grow our business|
|To enforce or apply our Website terms and conditions or any other agreements||Necessary for our legitimate interests or those of a third party e.g. to enforce our legal rights and protect our business|
|To administer and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Necessary for our legitimate interests e.g. for running our business, provision of administration and IT
services, network security and to prevent fraud
Necessary to comply with our legal obligations
|To deliver relevant website content to you and measure or understand the effectiveness of the content||Necessary for our legitimate interests e.g. to study how customers use our products and/or services, to develop them, to grow our business and to inform our marketing strategy|
|To trial products and/or services which we consider may improve our products and/or services offering to you or our business processes||Necessary for our legitimate interests e.g. to develop our products and/or services, grow our business and ensure that we can deliver the best service we are able to|
|To use data analytics to improve our Website, products and/or services, marketing, customer relationships and experiences||Necessary for our legitimate interests e.g. to define types of customers for our products and/or services, to keep our Website updated and relevant, to develop our business and inform our marketing strategy|
|For testimonials on our Website||With your consent|
Where we rely on consent as a lawful basis to process your personal data, you have the right to withdraw your consent at any time. To do this, please email or write to us (see below: "How to contact us").
Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.
We may use your personal data to contact you through desktop alerts and live chat, and send you periodic communications by email and (where you have consented) SMS/text messaging about matters such as:
- new or related products and/or services from us (or other service providers as outlined in this privacy notice);
- notices concerning enhancements to our products and/or services; and
- requests for feedback on our products and/or services.
We have a legitimate interest in processing your personal data for marketing purposes. This means we do not usually need your consent to send you information about our products and services. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.
You have the right to opt out of receiving marketing communications at any time by:
- emailing email@example.com; or
- using the 'unsubscribe' link in our emails or 'STOP' number in texts.
We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.
Third party marketing
We will get your express opt-in consent before we share your personal data with any other company for marketing purposes.
WHO DO WE SHARE YOUR PERSONAL DATA WITH
Depending on the circumstances, we may share your personal data with:
- Companies within our group of companies;
- External service providers we use to help run our business e.g. email service provider, marketing service providers, IT system providers, document management providers, banks, payment card providers, analytics and search engine providers and postal service providers;
- Professional advisers including lawyers, bankers, loss adjusters, insurers, auditors, technical consultants and experts;
- Third parties to enable us to provide you with the products and/or services you have requested e.g. the relevant Registry for the domain name you have purchased;
- Third parties where you have given your express consent or where we reasonably believe a third party is acting on your behalf;
- Third parties e.g. courts, if necessary to enforce our terms of business;
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We may disclose and exchange information with law enforcement agencies, regulatory bodies and others to comply with our legal obligations.
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring. Usually, information will be anonymised but this may not always be possible. If Host Plus Limited is acquired by a third party, any personal data held about you will be one of the transferred assets.
TRANSFERRING YOUR PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA
Some of organisations with whom we share your personal data are based outside the European Economic Area (EEA) (which comprises the countries in the European Union and Iceland, Liechtenstein and Norway) so their processing of your personal data will involve a transfer outside of the EEA.
These transfers are subject to special rules under European and UK data protection law.
Whenever we transfer your personal data outside of the EEA (or once the UK leaves the European Union the UK), we will ensure a similar degree of protection is afforded to your data by ensuring one of the following (or one of the other grounds set out in data protection law) applies:
- your data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- the transfer is necessary for the performance of a contract between you and us;
- the transfer is necessary to establish, exercise or defend legal claims;
- there are adequate safeguards in place between us and the organisation receiving it (e.g. by the use of European Commission approved contractual terms); or
- you have provided explicit consent to the proposed transfer after being informed of any potential risks.
Please contact us (see below: "How to contact us") if you want further information on the specific mechanism used by us when transferring your personal data outside of the UK.
Residents of California
The following section pertains to the rights of individuals or households in California ("California consumers").
Civil Code Section 1798.83
Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California consumer, a business may be required to provide detailed information regarding how that business has shared that customer's Personal Information with third parties for direct marketing purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Information to third parties for direct marketing purposes without prior approval or give you a free mechanism to opt out of having their Personal Information disclosed to third parties for their direct marketing purposes.
Rights under the CCPA
As of January 1, 2020, the CCPA (California Civil Code Section 1798.100 et seq.) provides California consumers with additional rights regarding Personal Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of Personal Information are generally described above but differ for individual consumers depending on the Services used by such consumers.
Under the CCPA, qualifying California consumers may have the following rights:
Right to Know and Right to Delete
A California consumer has the right to request that we disclose what Personal Information we collect, use, disclose and sell. A California consumer also has the right to submit requests to delete Personal Information.
When we receive a request to know or delete from a California consumer, we will confirm receipt of the request within 10 business days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.
Our obligation to delete Personal Information is not required regarding information necessary, among other things: (1) to provide our services; (2) to detect and resolve issues related to security or functionality; (3) to comply with legal obligations, including our responsibilities and obligations, and privileges; (4) to exercise free speech or to ensure another's exercise of free speech; or (5) for internal purposes that a consumer might expect.
Right for Disclosure of Information.
A California consumer may also submit requests that we disclose specific types or categories of Personal Information that we collect.
Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable and unreasonable risk to the security of that Personal Information, or the security of our systems or networks. We also will not disclose California consumers' social security numbers, driver's license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers. Our obligations to disclose information are also subject to legal restrictions placed on us, including our duty to protect information from disclosure, or restrictions placed by legal or court authority.
If you are a California consumer and would like to make any requests under the CCPA, please direct them to the Protected.net Group Contact Information listed below.
If we receive any request we will use a two-step process for online requests where the California consumer must first, clearly submit the request and then second, separately confirm the request. We will use other appropriate measures to verify requests received by mail or telephone.
In submitting a request, a California consumer must provide sufficient information to identify the consumer, such as name, e-mail address, home or work address, or other such information that is on record with us so that we can match such information to the Personal Information that we maintain. Do not provide social security numbers, driver's license numbers, account numbers, credit or debit card numbers, medical information or health information with requests. If requests are unclear or submitted through means other than outline above, we will provide the California consumer with specific directions on how to submit the request or remedy any deficiencies. If we cannot verify the identity of the requestor, we may deny the request.
California Do Not Track Disclosures
Although some browsers currently offer a "do not track ("DNT") option," no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers' DNT signals.
WHAT ARE YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA?
Data protection law gives you certain rights, which you can exercise free of charge. Your rights will differ depending on our lawful basis for processing your data:
|Access||The right to be provided with a copy of your personal data and certain other prescribed information|
|Rectification||The right to require us to correct any mistakes in your personal data|
|To be forgotten||In certain situations, the right to require us to delete your personal data|
|Restriction of processing||In certain situations, the right to require us to restrict processing of your personal data e.g. if you contest the accuracy of the data|
|Data portability||In certain situations, the right to ask us to transfer any personal data you provided to us to another organisation|
|To object||The right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data e.g. where processing is carried out for the purpose of our legitimate interests|
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner's Office (ICO) on individuals' rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please email or write to us (see below: "How to contact us") and let us have enough information to identify you e.g. your full name, domain name and email address as well as what right you want to exercise and the personal data to which your request relates.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including;
- to respond to any questions, complaints or claims made by you or on your behalf;
- to show that we treated you fairly; and
- to keep records required by law to comply with our legal obligations.
We will not retain your data for longer than necessary for the purposes set out in this notice. Different retention periods apply for different types of personal data.
KEEPING YOUR PERSONAL DATA SECURE
We have put in place reasonable and appropriate security measures to endeavour to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk.
Our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our Website, we encourage you to read the privacy notice of every website you visit.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
HOW TO COMPLAIN
We hope that we can resolve any query or concern you may raise about our use of your personal data. If you want to complain about how we have used your personal data, please email or write to us (see below: "How to contact us"). However, if we are not able to resolve your complaint to your satisfaction, you can complain to the UK's supervisory authority, the Information Commissioner's Office (ICO). Further information about how to make a complaint to the ICO can be found on the ICO website www.ico.org.uk.
The EU General Data Protection Regulation also gives you the right to lodge a complaint with the supervisory authority in the European Union state where you work, normally live or where any alleged infringement of data protection laws occurred.
CHANGES TO THE PRIVACY NOTICE
This version was last updated in January 21st, 2020.
We may modify this privacy notice from time to time to reflect changes in or requirements of the law or modifications or updates to our products or services made in accordance with our terms of business. We will notify you if such change materially affects your rights under this privacy notice. Changes will not apply retrospectively and, unless the change is required immediately for legal reasons, notice of the modified terms will be provided a reasonable period prior to the changes taking effect.
CHANGES TO YOUR PERSONAL DATA
Please let us know if you change your name, address or any other personal detail (see below: "How to contact us")
HOW TO CONTACT US
If you have any queries about this privacy notice or how we use your personal data, you can contact us by email firstname.lastname@example.org or at the address listed below:
Host Plus Limited, trading as Site Creator,
Larch House, Parklands Business Park, Denmead, Hampshire, United Kingdom, PO7 6XP
Do you need extra help?
If you would like this notice in another format (for example large print) please contact us (see above: "How to contact us").