We would like to take this opportunity to assure you that we are 100% committed to protecting your privacy and security.
In order to communicate with you and to provide our products and services and related support, it is necessary for Smart Domain Group Ltd to process your personal data. In such cases, the data controller for this data for EU residents is Smart Domain Group Ltd, with its registered offices at Britannia House, 18 Second Avenue, Chatham, Kent ME4 5AU. All questions or requests regarding the processing of data may be addressed to: email@example.com.
2. Collection of Personal Information
We collect information from you when you place an order for a Smart Domain Group Ltd product, fill out a form for pre-sales assistance, open a support ticket, during a meeting or from a telephone appointment or your use of social media.
Smart Domain Group Ltd is a website design, SEO, web hosting and purchaser of domain names (for our clients). We provide services for you to use such as web hosting, secure e-commerce and e-mail.
The data is stored on our secure servers based in the UK.
To fulfil requests for domain names, SSL certificates or other products or services, you may be asked to enter/provide your name, email address, physical address, phone number, credit card information and/or organisational details or other personal information.
Domain name specific data
Smart Domain Group Ltd is required to provide certain information about customers who we register domain names on behalf of. This data is given to the relevant naming authority. This information will include personal data such as the customer’s name, address and telephone number.
The relevant naming authority will make such information available to the public through publicly accessible directories of owners of domain names.
It is a condition of the purchase of a domain name from Smart Domain Group Ltd that the customer agrees to the transfer of their personal data to the relevant naming authority and agrees to the naming authority making that personal data available on a public database. Smart Domain Group Ltd can provide its customers with details of the relevant naming authority on request.
3. Use of Personal Information
Your information, whether public or private, will not be sold, exchanged, transferred outside of our group company, or given to any other company for any reason without your consent, other than for the purposes specified below:
- 3.1 To process applications for Smart Domain Group Ltd products and services
Your information is used to provide our products and services and order processing as well as to conduct business transactions such as accounting.
- 3.2 To improve customer service
Your information helps us to more effectively respond to your sales requirements and provide technical support.
- 3.3 To send renewal notices and invoices
The email address you provide for order processing may be used to send you renewal notices and invoices for your services.
- 3.4 To send periodic emails
In addition, we may send you company newsletters, new service updates, security updates, related product or service information and status updates on maintenance or service availability.
- 3.5 To tell you about our products and services
We may send you information about our products and services that may be of interest to you based on your use of other products or services we provide.
4. Processing of Data and Consent
We will process your data for the purpose of performance of our contract with you or the legitimate interest of our business. In other cases, we will request your consent for the processing of the personal data you may submit. If you need to inform us of any personal information of another person (i.e. business partner, co-director, employee etc) you must obtain that person’s consent to both the disclosure and the processing of their personal information in accordance with this policy.
Your refusal to provide personal data to us for certain products and services may hinder us from fulfilling your order for those products or services. Also, if you deny or withdraw your consent to use personal data or opt out of receiving information about Smart Domain Group Ltd products and services this may result in you not being made aware of sales promotions, renewal notices, company newsletters, new service updates, security updates, related product or service information, and status updates on maintenance or service availability.
If Smart Domain Group believes or becomes aware that its processing of the Data is likely to result in a high risk to the data protection rights and freedoms of data subjects, it shall inform the Client as soon as reasonably practicable and provide the Client with all such reasonable assistance at the Client’s cost as the Client may reasonably require, in order to conduct a data protection impact assessment.
6. Use of application logs for diagnostics or to gather statistical information
Our servers automatically record information ("Application Log Data") created by your use of our services. Application Log Data may include information such as your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device and application IDs, search terms, and cookie information. We use this information to diagnose and improve our services. Except as stated in section 8 (Data Retention), we will either delete the Application Log Data or remove any account identifiers, such as your username, full IP address, or email address, after 12 months.
7. Sharing of Information and Transfers of Data
We do not sell or trade your personal information to outside parties.
We may transfer your personal data to trusted third parties in order to serve purposes that are specified in section 3 above. In circumstances where data is shared with such third parties, they are required to agree to confidentiality terms. This prohibits such third parties from selling, trading, using, marketing or otherwise distributing Smart Domain Group Ltd customer data.
For instance, we do share some of your data with MailChimp who are outside of the European Economic Area (EEA), as it is currently defined. Their servers are located in the United States. Because MailChimp certifies to the Privacy Shield framework, they can lawfully receive EU data. As we are located in the EEA, we have signed their Data Processing Agreement.
We may also release your information when we believe release is appropriate to comply with the law or protect our rights, property, or safety. It is our policy to notify customers of requests for their data from law enforcement agencies unless we are prohibited from doing so by statute or court order.
Law enforcement officials who believe that notification would jeopardise an investigation should obtain an appropriate court order or other process that specifically precludes member notification.
We may also disclose your personal information to third parties who may take over the operation of our business or who may purchase any or all of our assets, including your personal information. We will contact you using the details you provide if there is any change in the person controlling your information.
8. Data Retention
The personal information we collect is retained for no longer than necessary to fulfil the stated purposes in section 2 above or for a period specifically required by law or regulation that Smart Domain Group Ltd is obligated to follow.
Personal data used to fulfil verification of certain types of products such as SSL certificates and domain names. This data will be retained for a minimum of 10 years depending on the class of product or service and may be retained in either a physical or electronic format.
Even if you request deletion or erasure of your data, we may retain your personal data to the extent necessary and for so long as necessary for our legitimate business interests or performance of contractual obligations.
After the retention period is over, Smart Domain Group Ltd securely disposes or anonymises your personal information in order to prevent loss, theft, misuse, or unauthorised access.
9. Opting out; withdrawing consent
If at any time you would like to unsubscribe from receiving future periodic emails, we include unsubscribe instructions at the bottom of each email.
If Smart Domain Group Ltd is processing your personal data based on your consent, you may withdraw your consent at any time by contacting us at one of the addresses shown below.
10. Access to your personal data
You are responsible for providing Smart Domain Group Ltd with true, accurate, current and personal information. You are also responsible to maintain and promptly update the information to keep it true, accurate and current.
You have the right to access and modify your personal data stored by Smart Domain Group Ltd - you can do this at any time by emailing us at firstname.lastname@example.org. If any of the information we hold is inaccurate, we will delete or correct it immediately. Our security procedures mean that we may request proof of identity before we are able to disclose sensitive information to you. Any access request may be subject to a fee of £10 plus vat to meet our costs in providing you with details of the information we hold about you. We will, where possible, provide the information you require within 30 days of the request.
You have the right to receive the personal information that you have provided to us, in a commonly used and machine-readable format, and you have the right to pass that information to another controller and to have it transmitted directly, where technically feasible.
If you provide any information that is untrue, inaccurate, not current or incomplete, or if we have reasonable grounds to suspect that such information is untrue, inaccurate, not current or incomplete, we have the right to suspend or terminate your account and refuse any and all current or future services.
11. Your rights
In compliance with the rules on privacy, you have the following rights established by law:
You have the right to review your personal data that Smart Domain Group Ltd holds and check it for accuracy.
You have the right to correct data in the case that errors may be found in our records.
You have the right to request that any of your personal data be erased, i.e. right to be forgotten.
You have the right to obtain and re-use use your personal data for your own purposes.
You have the right to request that Smart Domain Group Ltd restrict the processing of your personal data under certain circumstances.
You have the right to object to our processing of your personal data.
12. How we protect your information
We implement a variety of security measures to maintain the safety of your personal information when you place an order or submit your personal information. All supplied sensitive/credit information is transmitted in an encrypted format via Secure Socket Layer (SSL).
After a transaction, your transaction‐related information will be kept on file to meet audit requirements and facilitate renewals.
Smart Domain Group Ltd uses a reputable third party to process credit card payments.
13. Data Breach Policy
The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. All applicable breaches will be reported within 72 hours of becoming aware of the breach to the ICO. We may also report a breach online if we are still investigating and will be able to provide more information at a later date. This is only where the breach is likely to result in a risk to people’s rights and freedoms.
Where there is no risk to people’s rights and freedoms the breach does not need to be reported.
Upon becoming aware of a security incident, Smart Domain Group Ltd will inform the Client without undue delay and shall provide all such timely information and cooperation as the Client may reasonably require in order for the Client to fulfil its data breach reporting obligations under (and in accordance with the timescales required by) Applicable Data Protection Law. Smart Domain Group Ltd shall further take all such measures and actions as are technically practicable given the nature of the Services and within its control to remedy or mitigate the effects of the Security Incident and shall keep the Client up-to-date about all developments in connection with the security incident.
14. Our Client's Data
The Client (the controller) appoints Smart Domain Group Ltd as the processor to process the Data. If we as a processor engage another processor for carrying out specific processing activities on behalf of the controller, the same data protection obligations will apply.
As a processor we shall not engage another processor (except those required to fulfil our business service) without prior specific or general written authorisation of the controller. In the case of general written authorisation, we shall inform the controller of any intended changes concerning the addition or replacement of other processors, giving the controller the opportunity to object to such changes.
We will only process the personal data on documented instructions from the controller. We will assist the controller by appropriate technical means for the fulfilment of the controller’s obligation to respond to requests for exercising the data subject’s rights. At the request of the controller, we will delete or return all the personal data to the controller after the end of the provision of services relating to processing.
16. Contact Us
Data Protection Officer
Our Office Location
Correspondence and Registered Address
Smart Domain Group Ltd,
18 Second Avenue,