Looking After Your Data
This Updated Privacy Notice shall become effective as of 25 May 2018 - At Magic Square Systems Limited, we understand that we have a responsibility to protect and respect your privacy and look after your personal data. This Privacy Notice, inclusive of our General Terms of Service, explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store your personal data securely. For clarity, Magic Square Systems Limited may be both data controller and data processor for your personal data under certain circumstances. We must advise that this policy is subject to change, so please check our website on a regular basis for any further changes.
This Privacy Notice sets out your rights under the new laws.
How the law protects you
Data protection laws state that we are only able to process personal data if we have valid reasons to do so. The basis for processing your personal data includes, but is not limited to, your consent, performance of a contract, to enable billing and remittance, and to contact you for customer service purposes.
How do we collect personal data
We receive information about you and from you when you use our website, complete forms on our website, if you contact us by phone, email or otherwise in respect of any of our products and services or during the purchasing of any such product development and support services. Your personal data may be automatically collected when you use our services, including but not limited to, your IP address, device-specific information, server logs, device event information, location information and unique application numbers.
What type of data do we collect
The personal data that we may collect from you includes your name, address, email address, phone numbers, payment information. We may also keep details of your visits to our site, email us and/or telephone us. We retain records of your queries and correspondence for reference purposes. Please be aware that any video, image, or other content posted, uploaded or otherwise made available by you onto your website we are hosting for you, whether published content or not, is not subject to our Privacy Notice. We merely process such data on your behalf, subject to our Terms and Conditions and you are responsible for any applicable legal requirements in respect of your content. This relates to your dynamic content using our content management studio if included in your product.
How do we use your data
We use information about you (personal data) in the following ways:
- To process orders that you have submitted to us;
- To provide you with products and services;
- To comply with our contractual obligations we have with you;
- To help us identify you and any accounts you hold with us;
- To enable us to review, develop and improve our products and services;
- To provide customer care, including responding to your requests if you contact us with a query;
- To administer accounts, process payments and keep track of billing and payments;
- To detect fraud and to make sure what you have told us is correct;
- To review job applications;
- To notify you about changes to our products and services;
- To inform you of service and price changes.
We will keep your personal data for the duration of the period you are a customer of Magic Square Systems Limited. We shall retain your data only for as long as necessary in accordance with applicable laws. On the closure of your account, we may keep your data for up to 7 years after you have cancelled your services with us. We may not be able to delete your data before this time due to our legal and/or accountancy obligations. We assure you that your personal data shall only be used for these purposes stated herein.
Who has access to your personal data
Here is a list of all the ways that we may use your personal data and how we share the information with third parties. For clarity, we have grouped them into the specific products and services that we offer:
If we register domain names on your behalf we process your data for administration, billing, support and the provision of services. Your data (Registrant) may be sent to the domain registrar outside of the EEA.
When we setup webspace we process your data for administration, billing, support and the provision of services
We process your data for administration, billing, support and the provision of services. Additionally, to provide customer domain and connection details and use email addresses to provide the service. IMPORTANT NOTE: Office 365 user data shared with Microsoft in the EEA. Exchange email shares data with third party infrastructure in the EEA. Standard email all UK based.
We process your data for administration, billing, support and the provision of services. Additionally, to provide details of the certificate owner to the certificate authority for its authentication and use. Owner data to certificate provider outside the EEA.
For the avoidance of doubt, we do not and never shall sell your personal data to third parties for marketing or advertising purposes.
In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations to you. It may also mean that we shall be unable to provide our services or process the cancellation of your service. You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly. Our Privacy Notice shall be made clear to you at the point of collection of your personal data.
Accessing and Updating your data
You must maintain the accuracy of your information and ensure all your details, including but not limited to, name, address, title, phone number, e-mail address and payment details are kept up to date at all times. You must do this by contacting firstname.lastname@example.org please make the subject: change my details to update your personal details.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.