Premium Server Privacy Policy
This Privacy Policy (the “Policy”, the “Privacy Policy”) applies to the processing of personal data by Premium Server Hosting Ltd., a company registered in England and Wales (company number: 09348602), with registered address: 7th Floor, 50 Broadway, SW1H 0DB, London, United Kingdom (“Premium Server“, “we“, “us” and “our“) in its capacity as a data controller of personal data.
The Policy explains our data privacy practices in regard to the processing of personal data of individuals (“data subjects”, “you”, “your”) who visit our website (the “Site“), and/or use the services and/or products ordered or accessed through the Site (the “Services”) and/or as otherwise described in the Policy below. For the avoidance of doubt, this Policy does not apply to the processing of your personal data by third parties whose websites are not owned and operated by us.
For the purposes of this Policy, the individuals, whose personal data is subject to data processing under this Policy, respectively the types of their personal data processed by us, may be categorised as follows:
Apart from you, being the main source of information we collect about you, we may also collect information from publicly accessible sources (e.g. companies trade register, WHOIS, local national list(s) of sanctioned persons, social media and other webpages) and/or from third parties, such as our affiliates, trusted partners, including but not limited to marketing, advertising, security service providers, etc.
III. Purposes of and legal basis for data processing
We strive to collect only the minimum personal data necessary for the completion of the purposes of data processing, as set out below.
If you are residing in a country from the EU/EEA or in the UK, or in any other country where the processing of personal data shall be subject to a legally defined lawful basis, the following purposes and legal basis shall be applicable to the processing of your personal data by Premium Server:
If you are residing in a country governed by privacy laws under which consent is the only or most appropriate legal basis for processing personal data, your acceptance of this Privacy Policy or your use of our Site and/or Services, or your communication with us (as the case may be) will be considered your consent to the processing of your personal data for the purposes detailed herein.
We use cookies to collect some of the information set out in this Policy. Cookies can store your account identifier, ordering status, personalisation or website tracking. They can also be used for technical purposes such as keeping track of your current shopping session and enabling you to proceed to checkout and pay for your according order or to save information which has already been entered (languages preference, and your region), so that we can offer improved and more personalised Services, products and other relevant communication tailored to you. Cookies also allow us to fulfil our contractual obligations to third parties and partners if you have made a purchase on our Site by following a link from theirs.
We also use remarketing pixels provided by third parties to collect the information that you have visited our Site and were interested in certain offers.
We also use beacons, tags, click tracking codes and scripts to analyse trends and movements of users around the Site, gather information about the user base as a whole and how we can improve the Services and Site, to provide advertising based upon activities and interests and to measure advertising effectiveness. As a result we may display targeted, or interest-based, offers to you based on the products you currently own or have recently viewed and deliver other communication more relevant to you and your interests outside of our Site, on other websites part of the third party’s network.
We may share a unique code (such as a hashed email address) with аdvertising platforms and social networks to allow us to track online conversions from different sources and to direct targeted advertising to you or to a custom audience who share similar traits.
You can find detailed information about our use of cookies and you may also adjust your preferences as described in our Cookie Policy.
We disclose entire or part of your personal data in the following circumstances and always ensure that the appropriate safeguards on your privacy are undertaken:
In the course of our business operations and for the delivery of the Services we may transfer personal data around the world (including but not limited to the EU/EEA, USA, Canada, Australia, Singapore, Japan, Brazil, etc.) where we and/or the third parties, specified in Section V above, use data centers, facilities and/or maintain data processing operations.
When transferring personal data from the UK to the EU/EEA we rely on the data adequacy granted to the EU/EEA by the UK government. For data that flows from the EU/EEA to the UK we rely on the adequacy decisions of the European Commission in relation to the UK. This means that the EU and the UK have both determined each region’s data protection laws to be sufficiently robust to ensure data can safely flow between the UK and the EU/EEA.
In the event that we transfer personal data from the EU/EEA and/or the UK, we will use the appropriate transfer mechanisms to ensure that the transfer is in compliance with applicable data protection legislation. Such mechanism shall be transferring the personal data: (i) to a recipient in a country covered by the UK adequacy regulations; or (ii) to a recipient that has executed the Standard Contractual Clauses, approved by the European Commission (when the data subject is located in the EU/EEA) or the International Data Transfer Agreement, issued by the competent authority in the UK (when the data subject is located in the UK).
In all cases we will ensure that we have provided appropriate and proportional technical and organisational data protection and cybersecurity risk mitigation measures, as well as we have performed the appropriate risk assessments when transferring your personal data outside the EU/EEA and the UK.
VII. Security measures
We use Secure Sockets Layer (SSL) protocol to encrypt the information you enter on our Site in order to protect its security during transmission to and from our Site. When storing information, we protect its security by encrypting critical data. Access to this information is severely restricted, logged and reviewed periodically. When we collect credit card data and payments (we do not store full credit card numbers and CVV codes), the credit card data is subject to tokenization and strong security measures applied by our payment processors in accordance with the PCI DSS requirements.
We maintain physical, logical, electronic and procedural safeguards when collecting, storing and disclosing personal data. Our security procedures require us in some cases to request proof of identity before disclosing personal data to you.
To protect against unauthorised access to your account and information, we implement session management, strong authentication requirements, login expiration mechanisms and the option of using 2-factor authentication for Client Area access. Authentication data is encrypted. As an additional safety measure, we ask you to sign out when you finish using your account and your computer.
Although we take appropriate technical and organisational measures to maintain the safety and security of your personal data against loss, theft and unauthorised use, access or modification, please note that no transmission of information over the Internet is completely secure. Consequently, please note that we cannot fully guarantee the security of any personal data that you transfer over the Internet to us.
VIII. Retention periods
Information collected on our Site will only be retained for as long as necessary to fulfill the purpose for which it was collected. In general, we will automatically and securely delete your Client Area account information 2 years after you no longer have any active Services with us. Since we need to comply with applicable regulations in regard to retention of personal information related to contractual agreements, provision of Services, financial, billing, invoicing operations, tax calculations etc., a versioned copy of your order, payment and billing documentation may be stored for a period of 10 years after the termination of your Customer account. Your personal data is deleted automatically by our systems in accordance with these retention periods.
You are entitled to the following rights in relation to your personal data:
*If you are a California resident, you can learn more about the processing of your personal data, as well as your rights in the Premium Server California Consumer Privacy Act Addendum which is incorporated herein by reference.
You can exercise any of your rights by submitting a request to the email address specified in the “Contact information” section of this Policy. We will review and address your request(s) within one month as of the date of receipt. Please note that if your request is particularly complex or you have made a number of requests, it may take us longer than a month to respond to you. In this case, we will notify you and keep you updated. Please note that we may ask you to provide us with additional information necessary to verify your identity prior to our response. However, in certain circumstances such as to comply with the applicable legislation, we may be unable to honour your request, for which you will be duly notified.
In addition to the above rights, you can also access, correct, and delete certain personal data associated with your account through the “Owner Profile Details” Section in your Client Area.
In accordance with Premium Server Terms of Service, our Site and Services are designated for use by individuals who are at least 18 years old. If you are under the age of 18, you must request your parent or guardian to use the Site instead. Should you have evidence that someone under the age of 18 has bought Services and provided their personal data to us, please contact us using the details set out in the “Contact information” section below. If we become aware that we process personal data of a person under the age of 18, we will delete the data and terminate the use of the Services.
We reserve the right to modify this Policy at any time. If we decide to change our Policy, we will post the updates in the Site and in any other place we deem appropriate, so that you are aware of what personal data we collect, how we process it, and under what circumstances, if any, we disclose it.
If we make material changes to this Policy, we will notify you here, by email, or by means of a notice via our Site, at least ten (10) calendar days before the changes take effect, unless otherwise specified in the respective notification.
XII. Data Protection Authority
You have the right to direct questions or lodge a complaint about the processing of your personal data at any time with the competent supervisory authority for data protection – the Information Commissioner’s Office in the UK, at: https://ico.org.uk.
XIII. Contact information
For any data processing related questions and/or requests, please contact us at: dpo@Premium Server.co.uk.
Latest revision: September 01, 2023. Previous version may be found here.
Premium Server California Consumer Privacy Act Addendum
This Addendum supplements the information contained in the Premium Server Privacy Policy and applies to Website visitors, Customers, Users, Registrants, End Users, Affiliates and other individuals (incl. households) who are residents of the State of California, USA (“consumer”, “you”, “your”).
For avoidance of doubt, the term “data subject” used in the Privacy Policy shall correspond to the term “consumer” used herein and the term “personal data” in the Privacy Policy shall be equivalent to the term “personal information” used herein. All other terms which are not explicitly defined in this Addendum shall have the meaning as set forth in the Privacy Policy.
This Addendum is drafted in compliance with the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (“CPRA”), together hereinafter referred to as the “CCPA”, and other relevant California privacy laws and its purpose is to provide additional privacy disclosures and to inform you of your additional rights as a California resident.
We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“personal information”).
Section I (“Categories of data subjects and types of personal data”) of the Privacy Policy describes in detail what categories of personal information we have collected from consumers within the last twelve (12) months.
Sensitive personal information
Some of the personal information we collect may be considered “sensitive” within the meaning of Section 1798.140 (ae) of the CCPA. We may collect the following sensitive personal information: social security, driver’s license, state identification card, or passport number; account log-in information; debit card or credit card number; contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication.
Apart from you, being the main source of information we collect about you, we may also collect personal information from publicly accessible sources (e.g. companies trade register, WHOIS, local national list(s) of sanctioned persons) and/or third parties, such as our affiliates, trusted partners, including but not limited to marketing, advertising, security service providers, etc.
III. Purposes for collection of personal information, incl. sensitive personal information
The business and commercial purposes for which we collect, use and disclose personal information, incl. sensitive personal information about consumers are described in detail in Section III (“Purposes of and legal basis for data processing”) of the Privacy Policy.
We may disclose personal information to the categories of third parties and for the disclosure purposes as set forth in Section V (“Sharing of personal data”) of the Privacy Policy.
The periods for which we retain your personal information are described in Section VIII (“Retention periods”) of the Privacy Policy.
In the course of provision of our Services we do not sell any personal information related to consumers.
Premium Server has taken substantial steps to identify whether any of our activities as well as our data sharing arrangements would constitute a “sale” or “share” under the CCPA. Due to the complexities and ambiguities in the CCPA, we evaluate some of our third-party relationships periodically.
Under the CCPA, “sell,” “selling,” “sale,” or “sold,’’ means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for monetary or other valuable consideration. Therefore, it does not necessarily mean money was exchanged for the transfer of personal information, but the transfer may still be considered a “sale”. “Share” is defined as sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged.
VII. Consumer rights under the CCPA
The CCPA provides consumers with specific rights with respect to their personal information as follows:
A consumer shall have the right, at any time, to direct Premium Server not to sell or share the consumer’s personal information (“the right to opt-out”). Such a request of the consumer shall be respected for at least twelve (12) months before requesting that the consumer authorizes again the sale or share of the consumer’s personal information. In order to process the consumer’s request, Premium Server may use any personal information collected from the consumer in connection with the submission of the consumer’s opt-out request solely for the purposes of complying with the opt-out request.
To exercise your right to opt-out from sale or share or any other right under the CCPA, you may submit a request at any time via email to dpo@Premium Server.co.uk. At a minimum, you must provide us with your names and email address you have used when engaging with us. We reserve the right to request additional information in order to identify you and process your request. We will keep a record of this request. Please note that we will not discriminate against you if you exercise your rights under the CCPA.
Pursuant to the CCPA, you have a right to request information about the collection, use, and disclosure of your personal information performed by Premium Server over the preceding twelve (12) months, as well as to ask to provide you with these specific information:
You have a right to request that we delete a part of or all your personal information, subject to certain exceptions (i.e., when the information is necessary to: complete a transition or provide a service requested by you; debug or repair expected product functionality; detect or investigate cyber threats, etc.). Once we receive and confirm your verifiable consumer request, we will delete your personal information from our records, unless an exception applies.
You have the right to request that we correct inaccuracies in the personal information we have collected about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.
The CCPA grants you the right to instruct a business to limit its use or disclosure of your sensitive personal information to that use which is necessary to perform the services reasonably expected by you in your request for those services and to perform certain activities permitted by the CCPA. Please note that we do not use or disclose sensitive personal data for any purposes other than those necessary to provide you with our services or as permitted by the CCPA.
Premium Server shall not discriminate against a consumer because the latter exercised any of the consumer’s rights under the CCPA, including, but not limited to, by:
VIII. Exercising your rights
If you wish to exercise any of your rights under the CCPA, please submit your request to the following email address: dpo@Premium Server.co.uk.
As per the CCPA Premium Server shall take into consideration the following requirements when answering a consumer’s request:
With respect to your right to know and data portability – Premium Server is obliged to provide the required information no more than twice in 12 (twelve) months. The provision of information by Premium Server is generally free of charge. The disclosure shall cover the 12-month period preceding the receipt of the verifiable consumer request and shall be made in writing and delivered through the consumer’s Client Area, if the consumer maintains an account with us, or by mail or electronically at the consumer’s option if the consumer does not maintain an account with us, in a readily useable format that allows the consumer to transmit this information from one entity to another without hindrance. Premium Server may require authentication of the consumer that is reasonable in light of the nature of the personal information requested, but shall not require the consumer to create an account in order to make a verifiable consumer request. If the consumer maintains an account with Premium Server, we may require the consumer to submit the request through its Client Area.
If you have additional questions regarding your rights under the CCPA, please refer to the Premium Server Privacy Policy and contact us at [email protected]