Last updated 18th June 2018
Who are “We?”
In this policy, whenever you see “We”, “Us” or “Our” it refers to UKCloudX, UKCloud and UKCloud Health, which are wholly owned and controlled by the Virtual Infrastructure Group Limited.
The full legal information for each legal entity is:
Virtual Infrastructure Group Limited, Company Number 08099285, Registered Office Hartham Park, Corsham, Wiltshire SN13 0RP.
UKCloudX Company Number 07619797, Registered Office Hartham Park, Corsham, Wiltshire SN13 0RP.
Your acceptance of this policy, and Our right to change it
By using Our websites, social media pages or providing your personal information you consent to Our collection of and use of the information you provide in the ways set out in this policy. If you do not agree to Our policy, please do not use Our websites, social media pages or associated services.
We may make changes to this policy from time to time. If We do, We will post the changes on this page and they will apply from the time We post them.
What is personal data?
Personal data is information that can be used to identify an individual, such as their name, address, phone number, email address or IP address. More information about what kind of information is classified as personal data can be found here.
The policy in brief
It’s important that you read the full policy to understand what information We hold, how We may use it and what your rights are. Here is a summary of the policy if you don’t have time to read it fully now:
- We collect data that is either personal data (as described above) or non-personal data, such as website pages that have been accessed.
- We collect information about people who visit Our website, or who use Our services or have expressed an interest in Our services.
- We only collect information that we need to provide Our services, to provide information, for administration, research, analysis and to improve Our services.
- We will keep your personal data securely at all times.
- We will never sell your data and We never share it with a third party to use for their own purposes
- We may share your data with carefully selected third parties which undertake work on Our behalf, or where We are required to share your data by Law.
The Full Policy
This policy applies to all the websites We operate, Our use of emails and text messages for marketing purposes and for any other methods We use for collecting information. It covers what We collect, and why, what We do with this information, what We don’t do with this information, and the rights you have.
What information do We collect and why?
We only collect your personal information that you have voluntarily chosen to provide to Us, and We will only collect personal information that We need, including information that will help Us to improve Our services.
We collect two kinds of information:
- Non-personal data such as the web pages that have been accessed and files that have been downloaded. This helps Us understand how many people use Our sites, how many people visit on a regular basis, and how popular Our pages are. This information allows Us to monitor and improve Our services.
- Personal data such as name, postal address, phone number, email address and IP address, and information about your interest in Our services.
We collect this information in connection with specific activities, such as newsletter requests, document downloads, feedback and other activities such as registration for Our events. The information is either needed to fulfil your request or to enable Us to provide you with a more personalised service. You don’t have to disclose any of this information to browse Our websites. However, if you do choose to withhold requested information, We may not be able to provide you with certain services or full functionality.
What do We do with the information?
We will use the information you provide to:
- Fulfil your requests – such as providing information about Our services or communicating Our career opportunities
- Process free trial requests
- Record any contact We have with you
- Prevent or detect any abuses of Our websites and to enable third parties to carry out technical or other functions on Our behalf
- Help Us to gain a better understanding of Our customers and users to enable Us to improve Our service
- Communicate with Our customers and users
- If you have agreed to it, provide information that We think may be of interest to you
Visitors to Our Website
- When someone visits ukcloudx.com, ukcloud.com or www.ukcloudhealth.com We use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google find out the identities of those visiting our website.
Website Search engine
- Our website search and decision notice search is powered by WordPress. Search queries and results are logged anonymously to help Us improve our website and search functionality. No user-specific data is collected by either Us or any third-party.
- We use a third-party provider, Pardot to deliver our monthly e-newsletters. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help Us monitor and improve Our e-newsletter.
UKCloud Ideas Portal
- We use a third-party provider, Salesforce, to provide Our Ideas Portal. If you create an account in the Ideas Portal, it will collect some personal information from you, such as your name, email address, and telephone number, in order that you can suggest improvements to Our services.
UKCloud Customer Portal
- Our Customer Portal is hosted by Us in the UK, and collects personal information needed by Us to deliver Our services to Our customers, such as name, email address and telephone number. The Portal has external links to Our Ideas Portal and GitHub page.
UKCloud GitHub Page
- The UKCloud GitHub page is hosted by GitHub. GitHub collects the minimum amount of personal information needed if you want to join Our GitHub community.
Social media sites
Email Request for Information, Registrations or Seminars
- We use links throughout Our website to provide you with opportunities to contact Us via email or web forms for various reasons, including to ask questions, request information about Our products and services and to provide comments and suggestions. You may also be offered the opportunity to have one of Our representatives contact you personally to provide additional information about Our products and services. To do so, We may request additional personal information from you, such as your name and telephone number, to help Us fulfil your specific request.
- If you choose to enrol for one of Our products or services via this website, We will need information about you, which will vary depending on the product or service you are signing up to. For some requests, We may require your name, address, telephone number and email address.
- Occasionally We may request information from customers, subscribers and website visitors via electronic surveys. Participation in these surveys is completely voluntary and you have a choice whether or not to participate and disclose information to Us. Survey information will only be used for monitoring or improving Our website, and improving Our products and services.
Information You Provide
The information provided by you to this website is provided with your explicit consent and may be classed as personal data. We will record details of your consent. To the extent that you supply Us with personal data about third parties (for example, your employer) you are confirming that you are entitled and authorised to disclose such data to us and that we are entitled to use such information in the same way that we use information about you as described in this Privacy and Cookies policy.
Opting Out of Future Communications
Occasionally We will tell our customers and subscribers about new products, services, upgrades, updates, events and seminars. You may opt out of these communications at any time by clicking the “unsubscribe” link at the bottom of any email received from us.
Sharing your information
We will only share your information if:
- We are legally required to do so
- We believe it is necessary to protect or defend Our rights, property or the personal safety of Our people or visitors to Our premises or websites
- We work with carefully selected partners that carry out work on Our behalf. We may ask Our partners to store your data or send emails. We only choose partners We can trust. We will only pass personal data to them if they have signed a contract with Us that requires them to:
- comply with all applicable data protection regulation
- treat your information as carefully and securely as We would
- only use the information for the specific purposes for which it was supplied (and not for their own purposes or for the purposes of any other organisation)
- allow Us to carry out checks to ensure they are continuing to do all these things
Declaration of Sub-Processing
- To help you decide whether to provide your personal data to Us, the following third-party companies act as Data Processors for Us in the provision of Our services to you:
- Xcite Digital Ltd, a website management company, based in the United Kingdom, and registered with the Information Commissioner’s Office as required by the UK Data Protection Act (no. ZA093109)
com Inc (and Pardot), a provider of CRM (customer relationship management) and marketing automation solutions, based in the USA, which transfer and process data in accordance with the Standard Contract Clauses formally recognised by the European Union, and the EU / US Privacy Shield
- Mailchimp, a provider of marketing automation solutions, based in the US, which transfers and process data under the EU / US Privacy Shield
- Eventbrite, an events management tool, based in the US, which transfers and processes data under the EU / US Shield
- Office 365 enables Our internal and external communication. Data is processed within the EEA, and may be transferred to the US data in accordance with the Standard Contract Clauses formally recognised by the European Union, and the EU / US Privacy Shield
Storing your information
Information is stored by Us on computers located within the UK. We may transfer the information to reputable third-parties as explained above – they may be situated inside or outside the European Economic Area. We may also store information in paper files.
We place a great importance on the security of Our visitors’, customers’ and users’ personal data. We will at all times collect, process and store your personal information in accordance with industry best practice, applicable data protection legislation/regulations, and Our ISO27001, ISO27017 and ISO27018 certifications for information security. We also undertake regular independent technical validations of all Our systems and services, to ensure that We are operating to the highest possible security standards.
All data processing activities resulting from use of Our website have been subject to formal Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) and these are available upon request from the UKCloud Data Protection Officer.
While We cannot guarantee that loss, misuse or alteration of data will not occur while it is under Our control, We use Our best efforts to try to detect and prevent this.
Unfortunately, the transmission of data across the internet is not completely secure and whilst We do Our best to try to protect the security of your information We cannot ensure or guarantee that loss, misuse or alteration of data will not occur when data is being transferred.
Where you or We have provided a password enabling you to access parts of Our websites or use Our services, it is your responsibility to keep this password confidential and secure. You should notify Us immediately if you suspect that your password has been compromised or becomes known to another person.
We will keep Your information only for as long as We need it to provide you with the goods and services or information you have required, to administer your relationship with Us, to comply with the law or to ensure we do not communicate with people who have asked Us not to. When We no longer need your information, We will always dispose of it securely in accordance with industry best practice.
What We don’t do with your information
We will never sell or share your information to other organisations to use for their own purposes.
The Data Protection Act 2018 gives you certain rights over your data and how We use it. These include:
- the right to be told what personal data we hold about you, and why, and a right to a copy of that information
- the right in certain circumstances to have inaccurate or incomplete personal data rectified, blocked, erased or destroyed
- the right to prevent your data being used for direct marketing purposes
- The right to withdraw your consent to Us storing and processing your personal data
- The right to have your data returned to you in a common, useable format
If you wish to exercise any of these rights please contact the Data Protection Officer in writing at UKCloudX A8 Cody Technology Park, Ively Road, Farnborough, GU14 0LX, or by emailing firstname.lastname@example.org.
If you want to know more about your rights, or you have exercised your rights and are unhappy with Our response you can contact the Information Commissioner’s Office.