Whitebolt LTD is a web services company based in the UK and operating under UK & European Law. We provide software development and hosting services, including and not limited to: Email Hosting, Web Hosting, App Hosting, Software Development and Database Hosting.
Information Covered by this Policy
Information we collect from you
In the course of your use of the Services, we obtain the following information about you as described below. We collect this data for the purposes described under “How We Use Your Information”.
Signing-up for services – User information
- Information you provide prior to any registration process, such as your email or mobile number when you provide it to us.
- Information that you provide during any registration process; or when you call or email us (for support or otherwise) or when you use our products or services.
- Payment information that you provide to us (by way of our Services or otherwise) when you purchase some of our products and services, including credit card data.
Use of services, website visits
- IP address
- browser type and version
- geographic location
- pages you view
- how you got to our Services
We store this data we collect in a variety of places within our infrastructure, including system log files, back end databases and analytics systems.
- Information from third party social networking sites, including information that social networking sites provide to us if you use your credentials at such social networking sites to log into some of our Services (such as your name and email address to pre-populate our sign-up form).
- The information you allow us to access varies by social networking site, and depends on the level of privacy settings you have in place at the social networking site. You can control and find out more about these privacy settings at the applicable social networking site.
How we use your information
We use the information we collect, both on its own and combined with any other information we collect about you, for the following purposes:
- To provide the requested Services to you;
- To ensure the proper functioning of our Services
- To offer and improve our Services;
- To provide you with requested information or technical support
- To facilitate your movement through our websites or your use of our Services;
- To diagnose problems with our servers or our Services;
- In connection with our security and compliance programs
- To administer our websites;
- To communicate with you;
- We also may use the information we receive in aggregated and anonymized formats to produce reports on trends and statistics.
- Payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services.
Sharing of information
As further described below, we will only share certain personal information with:
- Authorised members of our organisation
- Legal obligation
- Security audits
- Authorized users within your organisation
Authorised members of our organisation:
Information held by us will be used by us to provide your services and any support.
If legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be:
- violating our terms and conditions of use;
- causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or
- violating federal, state, local, or other applicable law.
We may use your information in the process of tracing any security breach. This information will used for the purpose of the audit and not be deleted after the audit. Audits and conducted internally by member of the Whitebolt team.
Authorised users within your organisation:
The transmission of information via the internet, email or text message is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted through the Services or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organisational measures to safeguard your personal information against loss, theft and unauthorized use, access or modification.
When we collect financial account information, such as credit card numbers, we protect its transmission through the use of encryption such as the Transport Layer Security (TLS) protocol.
Marketing & communication
You always have the opportunity to opt out of our marketing communications with you or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at firstname.lastname@example.org.
Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for Whitebolt products and services are provided to you upon the condition that you receive these communications from us. You must cancel your account(s) for Whitebolt and services, as applicable, if you do not wish to receive any transactional or service communications.
To cancel your Whitebolt account(s), please follow the instructions found in the terms of service for the applicable Whitebolt service. You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than seven years following the later of (i) the date on which you terminate your use of the Services or (ii) May 25, 2018, unless we are otherwise required by law or regulation to retain your personal information for longer.
Legal basis for processing your data
Depending on what information we collect from you and how we collect it, we rely on various grounds for doing processing your information under the GDPR, including the following reasons:
- In order to administer our contractual relationship, including setting up your requested Services, payments, renewals and processes;
- Because it is in our legitimate interest to run a successful and efficient business and provide you with the Services and other useful content;
- In order to fulfill any legal obligations we may have to collect this information from you; and/or
Because you have provided your consent for us to do so.
Your rights under GDPR
Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to the personal information we hold about you. We set out below an outline of those rights and how to exercise those rights.
Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. To exercise any of your rights, please send an email to email@example.com. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.
You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
You may request that we erase the personal information we hold about you in the following circumstances:
- where you believe it is no longer necessary for us to hold the personal information;
- we are processing it on the basis of your consent and you wish to withdraw your consent
- we are processing your data on the basis of our legitimate interest and you object to such processing
- you no longer wish us to use your data to send you marketing
- you believe we are unlawfully processing your data
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
Restriction of processing to storage only:
You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
- You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
- We wish to erase the personal information as the processing we are doing is unlawful but you want us to simply restrict the use of that data;
- We no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
You have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
Withdrawal of consent:
Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by emailing: firstname.lastname@example.org or following any links at the bottom on consented emails.
Some of our Services provide links to other websites. Because we do not control the information policies or practices of these third party sites, you should review their privacy policies to learn about how they collect and use personal information.
You may also log in to some of our Services using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain personal information with us, such as your name and email address to pre-populate our sign up form. For example, if you take advantage of certain of our social media features, such as the Facebook Like button, and widgets, such as the “Share This” button, the applicable social networking sites may collect your IP address, which page you are visiting on our websites, and may set a cookie to enable it to function properly.
Our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
We do not transfer data outside of the European Union and/or areas controlled by GDPR (such as the United Kingdom).
In the event that you wish to make a complaint about how we process your personal information, please contact our Data Protection Officer at email@example.com and we will try to deal with your request.
Notification of changes
Last changed: 4th Feb 2019