What personal data we collect and why we collect it
Version 1.1 25th February 2018
This document is subject to regular changes and modifications. Please check back regularly for the latest version.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We do not use contact forms at the current time.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Standard log files are recorded for logins, and server access. This includes browsing any of the sites we host or sending any of these domains an email. These are necessary to prevent and detect fraud and abuse. These log files are also used for billing purposes and may be used occasionally to identify faults and measure performance.
Our computers and servers are backed up periodically. These backups are accessed on four occasions 1) Deletion of an old backup 2) Creation of a new backup 3) Restoration of a site or service 4) Regulatory requirements.
Who we share your data with
- The IP addresses of all incoming mail is shared with several third parties in order to reduce spam and fraud. (eg RBL service providers.)
- If you abuse the services we offer then your IP address may be used to report your activity to your ISP as well as various enforcement agenices.
- Customer names and phone numbers are uploaded to Google contacts and are sychronised across our phone devices to aid identification, reduce fraud and to improve the customer experience.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Backups are stored for up to eight years.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data
- Data is electronically protected with firewalls, encryption, access control and backups.
- Data is physically protected by limiting and restricting physical access.
- Backups are stored offline in a physically secure environment for up to eight years.
- We use “Two Factor Authentication” where available.
- All of our systems and services use strong passwords that are generated randomly.
What data breach procedures we have in place
- Check that a breach has indeed taken place
- Disable external access to affected services
- Inform affected customer(s) and other authorities
- Identify the source, method and severity of the breach
- Restore from backup if necessary
- Patch, repair, upgrade, educate, change passwords
What third parties we receive data from
We receive data from the following sources
- Domain name registries. When you move a domain name to us we are given access to the registrant information (Name, address, telephone number, email address, expiry dates, registration dates)
- Paypal. When you pay us (email address and sometimes your address)
- Lloyds Bank. When you pay us (Your name and payment reference)
- Caller ID. When you phone us we are given your phone number
What automated decision making and/or profiling we do with user data
- Our mailservers use RBLs to check the IP addresses of incoming mail and SpamAssassin is used to check the contents of emails for spam.
- Logging in repeatedly with invalid information will add your IP number to the firewall.
Industry regulatory disclosure requirements
When registering domain names through us, contact information of the registrant is shared with the relevant registry (eg Nominet for UK domains).