Who are we?

The iomart Group, consisting of iomart Group Plc and its related group companies, provides managed hosting and cloud services. We consider protection of your privacy to be of the utmost importance.

We are committed to securing any data that we collect concerning you (“you”) and complying with applicable data protection and privacy laws. We maintain strict customer information privacy policies and use technologies to safeguard your information and communications from unauthorised intrusions and access.

Many of our group companies operate their own websites independently, but will refer to this central privacy policy to provide more information to you about the basis on which any personal information they collect from you, or that you provide to them, will be used by them. Each group company may provide additional notices to you on its website about its data protection and information security practices (these are called “privacy notices“), and this privacy policy should be read in conjunction with those privacy notices, together with the group company’s website terms and conditions.

In this privacy policy, the terms “we”, “our”, “us” are used to refer to the relevant group company. Please read the following carefully to understand how we collect, use and protect your information when you visit our site and use our products and services.

Relevant Legislation

Our business, systems and website are designed to comply with all relevant and appropriate national and international legislation with regards to data protection and user privacy (including the General Data Protection Regulation).

Collection of Personal Information

We will collect and process the following information about you:

Personal information you give to us.

  • This is information about you that you give us when you purchase a product or subscribe to a service from us, including if you download a whitepaper, ebook or brochure from our site, when you fill in a form on our site to contact us with an enquiry, when you correspond with us by phone, e-mail or otherwise, and includes information you provide when you visit our site, use the services provided by, or available through, our site, when you provide us with information requested by us for the verification of your identity, and when you report a problem with our site. We may also collect information about you when you take part in or register for one of our competitions, events or surveys.
  • The type of information you give us may include: your name and address, date of birth, email address, telephone number, credit card information and any related information. This information will be used in accordance with the purposes described in this privacy policy and in the relevant group company privacy notice at the time at which it was collected, and subject to any preferences stated by you. Further details of how to update your preferences are below.
  • When submitting a C.V. when applying for a job with us, you provide us with contact details and certain personal information about you including information about your education, qualifications, employment and job history.

Personal information we collect from you.

With regards to each of your visits to our site we may automatically collect the following information:

  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), pages you looked at, or searched for, and the products and services you have viewed, ordered or searched including, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us.

Information we collect from other sources.

Other sources can include third party data controllers; publicly available sources; data brokers or other data subjects.

  • If we collect other kinds of personal information about you, we will tell you about this in our privacy notice.

What Happens If You Don’t Provide Your Personal Information?

Please be aware that, if you choose to limit the personal information you provide to us (or, in some circumstances, provide no personal information at all), then we may be unable to provide you with the products and services you have expressed an interest in, or which we have a contract to provide to you. We may also be unable to provide you with access to some or all of our website (or its functionality).

Securing Your Personal Information

We maintain strict security measures in order to protect personal information. These measures include technical and procedural steps to protect your data from misuse, unauthorised access or disclosure, loss, alteration or destruction. Credit card information is transmitted using secure socket layer (SSL) encryption. Credit card information is stored, managed and maintained in line with Payment Card Industry Data Security Standard 3.2.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. All information submitted to our site via a web browser is protected using HTTPS between the server and your endpoint device, for example your mobile telephone or computer.

Retaining Your Personal Information

We will take steps to ensure that the personal information that we hold about you is retained for only as long as it is necessary for the purpose for which it was collected. We apply criteria to determine the appropriate retention period for different categories of personal information that we hold about you. For example, we will keep information necessary to protect us in a legal claim up to 7 years after termination of the contract. After this period it will be deleted to the extent reasonably possible, and in compliance with our data retention policy.

With regards to information contained in any C.V. which you have submitted through our site, we may retain your C.V. information for a period of up to 12 months in order to contact you about further job opportunities that you may be an appropriate candidate for. Please note that you can ask us not to retain your C.V. in this way, at any time, by contacting us using the contact details listed at the end of this privacy policy.

Social Media and Other Websites You Visit

This privacy policy only applies to this site and does not apply to the following:

A) Any social media posts or comments that you make which are about us, or addressed to us on social media platforms or websites (for example, Twitter, LinkedIn and Facebook). Any such posts or comments will be shared by you under the terms of the relevant social media platform or website on which they are published.

B) Links contained on our site, to other recognised and respected organisations’ websites.

We recommend that you review the terms and conditions and privacy policies of the relevant social media platforms and other websites which you visit, to understand how they use your information.

Monitoring

We may monitor and record telephone calls, emails and other communications in accordance with UK law and for business purposes such as for quality assurance, training, for legal or regulatory reasons and to prevent or detect crime.

Where We Store Your Personal Data

From time to time, personal information may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the processing of your payment details and the provision of support services.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and the relevant privacy notice. Where the transfer is to a party located in a territory which does not have adequate privacy safeguards for European Union (“EU”) law purposes, we will take steps to ensure that EU Model Clauses or, for transfers between EU and US, Privacy Shield requirements, are complied with by parties processing such personal data.

Your Rights

You have a number of rights under data protection laws in relation to the way we process your personal data. These are set out below. You may contact our DPO directly (whose details are below) to exercise any of these rights, and we will respond to any request received from you within one month from the date of the request. In very exceptional circumstances we may need to extend this timescale, but we will always tell you in advance if we do, and our reasons why.

If you have any concerns regarding our processing of your personal data, or are not satisfied with our handling of any request by you in relation to your rights, please get in touch with our Data Protection Officer at the contact details set out below in the first instance. You always have the right to make a complaint to the Information Commissioner’s Office (“ICO“). The ICO is the UK’s independent body set up to uphold information rights. You can find out more about the ICO on its website (https://ico.org.uk/). Their address is:

First Contact Team
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
SK9 5AF

Contact Us and Complaints

Please address any questions, comments and requests regarding our data processing practices to our Data Protection Officer in the first instance. You can write to us at any time in relation to your rights, including to receive details of the personal information we have about you. Please contact us at dpo@iomart.com or write to:

Data Protection Officer,
iomart Group PLC
6 Atlantic Quay
55 Robertson Street
Glasgow
G2 8JD

Please quote your name and account number (if you are a customer). If you are requesting information, please also include details of the information you require a copy of as this will help us locate the relevant information. Please be aware that we will take all reasonable steps to confirm your identity before providing you with the information you have requested.

Changes to This Privacy Policy

Any changes to our privacy policy will be placed here and will supersede this version of our privacy policy. We will email you to notify you of these changes where:

  • We are making substantial changes, or
  • Where we are doing something with your personal data, which you might not expect based on what we have told you in this privacy policy.

Otherwise, any updates to this privacy policy will be notified to you by a clearly highlighted on the homepage of this site.

Appendix

Top Layer Privacy Notice

How Will We Use Your Information

We will use information held about you in the following ways:

Information you give us.

We will use this information:

  • to carry out our obligations arising from any agreements entered into between you and us, including processing your orders and providing you with the information, products and services that you request from us;
  • to send you a welcome email to verify your account when you register with the site and other emails and communications for the purposes of account management or system maintenance;
  • verifying your identity when required (such as when you forget a password or security information) to protect your data from unauthorised access and to help prevent fraud;
  • to provide you with marketing information about other services or products we offer that are similar to those that you have already enquired about, or services or products you have consented to receiving on the relevant site;
  • to notify you about changes to our services and/or products;
  • in relation to your CV submitted on our site, for purposes in relation to the relevant job which you are applying for, and to notify you about the progress of your job application and contact you about further job opportunities that you may be an appropriate candidate for; and/or
  • to ask you for feedback on our services and/or products and to develop and manage our sites in order to give you a better user experience and to improve the design of our products and services.

Information we collect about you.

We will use this information:

  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • to allow you to participate in interactive features of our site, when you choose to do so;
  • as part of our efforts to keep our site safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you where permitted; and/or
  • to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

Information we receive from other sources.

We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Using Your Information In Accordance With Data Protection Laws

Data protection laws require that we meet certain conditions before we are allowed to use your data in the manner described in this privacy policy.  We take our responsibilities under data protection laws extremely seriously, including meeting these conditions.  To use your personal data, we will rely on various conditions, depending on the activities we are carrying out:

  • Consent: We may provide you with marketing information about our services or products where you have provided your explicit consent for us to do so.
  • Legitimate interests: We may rely on a condition known as “legitimate interests”. It is in our legitimate interests to collect your personal data as it provides us with the information that we need to provide our services to you more effectively. This requires us to carry out a balancing test of our interests in using your personal data (for example, in order to provide you with the information, products and services that you request from us), against the interests you have as a citizen and the rights you have under data protection laws (for example, to not have your data sold to third party marketing companies without your knowledge, or store your personal data in insecure or unstable countries or regions). The outcome of this balancing test will determine whether we can use your personal data in the ways described in this privacy policy (except in relation to marketing, where we will always rely on your explicit consent). We will always act reasonably and give full and proper consideration to your interests in carrying out this balancing test.

Disclosure of Your Information to Others

We will only disclose your information to:

  • companies within the iomart Group, subject to the terms of this privacy policy;
  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
  • members of the iomart Group and third party suppliers and service providers for the purposes listed under How We Will Use Your Information above;
  • selected third parties so that they can contact you with details of the services that they provide, where you have expressly opted-in/consented to the disclosure of your personal data for these purposes;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site and other selected third parties; an
  • law enforcement or fraud prevention agencies, as well as our legal advisers etc.

We may also disclose your personal information to third parties:

  • in the event that we are subject to a re-organisation or any of our business or assets are sold to a third party, to the re-organised or third party identity;
  • if we, or substantially all of its assets, are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets;
  • where it has been legitimately requested for legal or regulatory purposes, as part of legal proceedings or prospective legal proceedings or otherwise for the prevention or detection of fraud or crime;
  • in order to enforce or apply our site terms of use; and
  • to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;

From time to time we may provide anonymised information of a general nature to third parties – for example, the number of individuals visiting our site or using our services – but we will not use any information that could identify those individuals.

Controller Contact Details

The controller of this website is: iomart Group Plc, a UK Public Limited Company with the company number SC204560.

Registered office and head office:
iomart Group PLC
6 Atlantic Quay
55 Robertson Street
Glasgow
G2 8JD