Personal Information is any personally identifiable information, such as your email address, name, home or work address, telephone number, bank details or online identifier, which can directly or indirectly identify you. We refer to it as “Personal Information” here.
What information might we collect about you?
When you interact with us in the different ways described below, we may ask you for the following information:
- personal and contact details (for example your name, email address, address, phone number, financial and credit card information, personal description and photograph, proof of identity and residence.);
- personal and contact details you give us when subscribing to receive emails, newsletters or marketing information from us;
- technical information, including the Internet Protocol (IP) address used to connect your computer or device to the Internet, your log in information, browser type and version, time zone setting, browser plug- in type and versions, operating systems and platform and geographic location;
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time, products you have viewed or searched for, choices you make during your visit, page response times, download errors, on page errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page;
- information from social media activity (such as likes, shares and tweets) when you interact with us on social media;
- information and records obtained when you contact our customer service department by livechat or web;
- information you provide if you report a problem with our website or service;
- additional information which you provide voluntarily and/or which we may ask from you to better understand you and your interests
How and when do we collect your Personal Information?
We may collect your Personal Information when you request for services from us (or otherwise contact us from time to time) by:
- inputting your data onto our website;
- by directly contacting our business,
- when you speak to one of our customer service agents by telephone, live chat or through our webpage; or
- another business or organisation passes your details to us.
Why do we collect your Personal Information?
We collect and use your Personal Information because it is necessary to obtain certain details from you in providing you with the service you have requested and it is in our legitimate interests in the course of operating our business, including:
- providing the requested services and/or information to you;
- responding to your queries;
- transmitting Personal Information between our offices or functions for internal administrative purposes;
- hosting and maintaining our websites;
- ensuring network and information security; and/or
- carrying out direct marketing.
However we will only collect, use and handle your Personal Information when:
- it is necessary for our legitimate interests in connection with carrying out our business, as long as, in each case, these interests are in line with applicable law and your legal rights; and/or
- where you have agreed; and/or
- where this is necessary for legal obligations which apply to us.
How we use the Personal Information that you provide to us
We undertake the following processing of your Personal Information on the legal basis that it is necessary to perform the contract with you and to provide the services we have agreed to provide to you. Where we have not entered into a contract with you, we may also carry out this processing because in that pre-contractual stage where we consider it is necessary in our legitimate business interests in order to deal with requests, enquiries or comments you have made to us.
Pre-contract processing - we collect your Personal Information which you provide to us when applying for a service with us to comply with our legal obligations and to carry out fraud checks. We may also process your Personal Information for this purpose where we consider it necessary for performance of the contract with you, or otherwise with your consent.
Enhancing your experience and our business- we may use your Personal Information to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes. We may also share limited Personal Information with social media platforms to provide you with tailored services relevant to the services you have requested or received.
Other lawfully permitted processing - We may also use any Personal Information that you provide to us for example to other companies within Civo or to other organisations required to provide you with the requested service. If you choose not to provide Personal Information requested by us, we may not be able to provide you with the services and/or information you have requested or otherwise fulfil the purpose(s) for which we have asked for the Personal Information.
Marketing – where legally permitted to do so we use your contact information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or special offers or to notify you about our upcoming events. Providing you with marketing communications is not essential to providing the Services to you, therefore you may opt-out from receiving such communications.
You are entitled to opt-out from receipt of marketing communication at any time (see Marketing Opt-out below). Your decision to opt-out from our marketing communications will not affect your ability to continue receiving the Services from us.
Marketing Opt-Out - you are entitled to opt-out from receipt of marketing communication at any time and free of charge by using the “unsubscribe” option included in any marketing e-mail or other marketing material received from us or by contacting us directly via www.civo.com/contact.
How and when do we share information with third parties?
Some services that we provide require the involvement of third parties. We have carefully selected these third parties and taken steps to ensure that your Personal Information is adequately protected. The third parties may include business partners, suppliers, sub-contractors, advertisers (we do not disclose information about identifiable individuals to our advertisers, but will provide them with aggregate information to help us serve more relevant advertisements to an cohort of visitors and/or customers on various advertising platforms) analytics, search engine providers and evaluation companies.
Where we employ third party companies or individuals to process Personal Information provided by us on our behalf for business functions, including (without limitation) IT support, hosting our data on cloud platforms, legal, accounting, audit, consulting and other professional service providers, and providers of other services related to our business. Portions of our services may be provided by organisations with which we have a contractual relationship, including subcontractors, and, accordingly, your Personal Information may be disclosed to them. We only provide these organisations with the information that they need to be able to perform their services. We will have in place an agreement with our service providers which will restrict how they are able to process your Personal Information.
Sharing within our business and to Service Providers
International Transfers of your Personal Information
We may share or store your Personal Information with our third party service providers based outside the European Economic Area (“EEA”) who we engage to help us, amongst other things, fulfil your order, process your payment details and the provision of support services. We only transfer your Personal Information outside of the EEA:
- where the transfer is to a place that is regarded by the European Commission as providing adequate protection for your Personal Information; or
- where we have put in place appropriate safeguards, for example by using a contract for the transfer which contains specific data protection provisions that have been adopted by the European Commission or a relevant data protection authority. You can request a copy of these contracts by contacting us at: firstname.lastname@example.org
- where you have consented to it, or there is another legal basis to allow us to make the transfer.
Sharing with other third parties
We may also provide your information to other third parties such as regulators and law enforcement agencies, where we are required by law to do so, where necessary for the purposes of preventing and detecting fraud, other criminal offences and/or to ensure network and information security.
How long do we store Personal Information for?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Security and Confidentiality
We employ appropriate security measures to help protect your Personal Information and guard against access by unauthorised persons. Information storage is on our secure servers.
Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the site, you are responsible for keeping this password confidential. We ask that you do not share your password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure so we cannot guarantee the security of your information when it is transmitted to our website or from third party websites, any transmission is at your own risk, however we use strict procedures and security features to prevent unauthorised access.
- You may request access to or copies of the Personal Information that we hold about you. If you would like to exercise this right, please contact us at email@example.com or at Civo’s registered address: Unit H, Gateway 1000, Whittle Way, Stevenage, Hertfordshire, SG1 2FP. No charge will be payable for the first copy, additional copies may incur an administrative charge;
- If you believe that any information we have about you is incorrect or incomplete, please contact us at firstname.lastname@example.org as soon as possible. We will take steps to seek to correct or update any information if we are satisfied that the information we hold is inaccurate. You may request that we restrict our processing;
- You may request that your Personal Information be deleted, where it is no longer necessary for the purposes for which it is being processed and provided there is no other lawful basis for which we may continue to process such information;
- To the extent we are processing your Personal Information to meet our legitimate interests (as set out above), you may object to the processing of your Personal Information by us. If we are unable to demonstrate our legitimate grounds for that processing, we will no longer process your Personal Information for those purposes;
- You may object to our processing as set out above;
- You may withdraw any consent given to processing; and
- Where we are processing your Personal Information automatically for the purposes of performing our contract with you, you may have the right to request that the Personal Information we hold about you be transferred to a third party data controller.
Please contact email@example.com and we will assist you and provide you with all rights to which you are entitled in relation to your Personal Information under applicable data protection law.
If you are unhappy with the way that we have handled your Personal Information, you can make a complaint to the Information Commissioners Office (ICO) which is the UK authority responsible for data protection. Contact details are available online, or alternatively please ask us via email to firstname.lastname@example.org