PRIVACY POLICY -
THE CLOUDOPS
Effective Date: January 2025
Last Updated: January 2025
1. INTRODUCTION
1.1 Our Commitment
The CloudOps ("we," "us," "our," "Company") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.
1.2 Data Controller
The CloudOps is the data controller responsible for your personal data. We determine how and why your data is processed and are accountable for ensuring compliance with data protection laws.
1.3 Contact Details
Data Protection Officer: The CloudOps Email: [email protected] Website: www.thecloudops.co.uk Address: United Kingdom
2. INFORMATION WE COLLECT
2.1 Information You Provide
We collect information you provide directly to us:
- Contact Information: Name, email address, phone number, company name
- Account Information: Username, password, account preferences
- Payment Information: Billing address, payment method details (processed by secure payment providers)
- Project Information: Requirements, specifications, documents you share
- Communication Data: Emails, messages, feedback you send us
2.2 Information Collected Automatically
When you visit our website, we automatically collect:
- Technical Data: IP address, browser type, operating system, device information
- Usage Data: Pages visited, time spent, click patterns, referral sources
- Location Data: General geographic location based on IP address
- Cookie Data: As detailed in our Cookie Policy section
2.3 Information From Third Parties
We may receive information from:
- Analytics Providers: Google Analytics
- Payment Processors: Stripe, PayPal
- Social Media Platforms: When you interact with us through social channels
- Business Partners: Referral information from partners
3. LEGAL BASIS FOR PROCESSING
We process your personal data based on the following legal grounds under UK GDPR:
3.1 Contract Performance
Processing necessary to fulfill our services to you, including:
- Providing web development, design, and digital marketing services
- Processing your orders and payments
- Communicating about project progress
- Delivering completed projects
3.2 Legitimate Interests
Processing for our legitimate business interests:
- Improving our services
- Marketing our services to existing clients
- Ensuring website security
- Analyzing website performance
3.3 Consent
Where you have given explicit consent:
- Marketing communications to prospects
- Cookie placement (non-essential cookies)
- Special category data processing (if applicable)
3.4 Legal Obligations
Processing required by law:
- Tax and accounting records
- Legal claims and disputes
- Regulatory compliance
4. HOW WE USE YOUR INFORMATION
4.1 Service Delivery
- Provide and manage our services
- Process transactions and payments
- Communicate about projects
- Provide customer support
- Send service-related notifications
4.2 Business Operations
- Improve and optimize our services
- Develop new features and services
- Monitor and analyze usage patterns
- Detect and prevent fraud
- Ensure network and information security
4.3 Marketing and Communications
- Send promotional communications (with consent)
- Inform about new services
- Share industry insights and tips
- Respond to inquiries
4.4 Legal and Compliance
- Comply with legal obligations
- Resolve disputes
- Enforce our terms and agreements
- Protect our rights and property
5. DATA SHARING AND DISCLOSURE
5.1 We DO NOT Sell Your Data
We never sell, rent, or trade your personal information.
5.2 Service Providers
We share data with trusted third parties who assist our operations:
- Cloud Hosting: AWS, Google Cloud (data storage)
- Payment Processing: Stripe, PayPal (payment handling)
- Email Services: Professional email providers
- Analytics: Google Analytics (website insights)
- Project Management: Tools for service delivery
All service providers are bound by data protection agreements.
5.3 Legal Requirements
We may disclose information if required by:
- Court orders or legal proceedings
- Government or regulatory requests
- Protection of our legal rights
- Prevention of fraud or security threats
5.4 Business Transfers
If we merge, acquire, or sell business assets, personal data may be transferred. We will notify you before any transfer that results in a change to this Privacy Policy.
6. YOUR RIGHTS UNDER GDPR
6.1 Your Rights
Under UK GDPR, you have the following rights: Right to Access • Request copies of your personal data • Know how we process your data Right to Rectification • Correct inaccurate personal data • Complete incomplete data Right to Erasure ("Right to be Forgotten") • Request deletion of your personal data • Applies when data is no longer necessary Right to Restrict Processing • Limit how we use your data • Temporary suspension of processing Right to Data Portability • Receive your data in machine-readable format • Transfer data to another service Right to Object • Object to processing for direct marketing • Object to processing based on legitimate interests Rights Related to Automated Decision Making • Not be subject to solely automated decisions • Request human intervention
6.2 Exercising Your Rights
To exercise any of these rights:
- Email: [email protected]
- Include proof of identity
- Specify which right(s) you wish to exercise
- We will respond within 30 days
6.3 Right to Complain
You have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Phone: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
7. DATA RETENTION
7.1 Retention Periods
We retain personal data for as long as necessary:
- Active Clients: Duration of services plus 6 years
- Project Files: 3 years after project completion
- Financial Records: 6 years (legal requirement)
- Marketing Data: Until consent withdrawn
- Website Analytics: 26 months
- Unsuccessful Inquiries: 1 year
7.2 Deletion Process
After retention period expires:
- Data securely deleted from active systems
- Backups purged within 90 days
- Confirmation available upon request
8. COOKIES
8.1 What Are Cookies
- Cookies are small text files stored on your device when you visit our website.
8.2 Types of Cookies We Use
Essential Cookies
- Required for website functionality
- Cannot be disabled
- Include session and security cookies
Analytics Cookies • Help us understand website usage • Google Analytics tracking • Can be disabled Marketing Cookies • Track advertising effectiveness • Retargeting purposes • Require consent
8.3 Managing Cookies
- Browser settings control cookies
- "Do Not Track" signals honored
- Cookie consent banner on first visit
9. DATA SECURITY
9.1 Security Measures
We implement appropriate technical and organizational measures:
- Encryption: SSL/TLS for data in transit
- Access Control: Role-based access restrictions
- Password Protection: Secure password requirements
- Regular Updates: Security patches and updates
- Monitoring: 24/7 security monitoring
- Backup: Regular encrypted backups
9.2 Data Breach Response
In case of a personal data breach:
- Notification within 72 hours to ICO (if required)
- Notification to affected individuals (if high risk)
- Documentation of breach and response
- Review and improvement of security measures
10. INTERNATIONAL TRANSFERS
10.1 Data Transfers
Your data may be transferred outside the UK/EEA for:
- Cloud storage services
- International service providers
- Global analytics platforms
10.2 Safeguards
We ensure appropriate safeguards:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions
- Binding Corporate Rules (where applicable)
- Your explicit consent (where required)
11. CHILDREN'S PRIVACY
11.1 Age Restrictions
- Our services are not directed to children under 16
- We do not knowingly collect data from children
- Parents may contact us to remove any data
11.2 Parental Rights
Parents/guardians can:
- Request access to child's data
- Request deletion of child's data
- Withdraw consent for processing
12. THIRD-PARTY LINKS
12.1 External Websites
Our website may contain links to third-party sites:
- We are not responsible for their privacy practices
- Review their privacy policies before providing data
- Links do not imply endorsement
12.2 Social Media
When you interact via social media:
- Platform's privacy policy applies
- We may receive basic profile information
- Direct messages treated as confidential
13. MARKETING COMMUNICATIONS
13.1 Email Marketing
- Explicit opt-in required for prospects
- Soft opt-in for existing clients
- Unsubscribe link in every email
- Preferences manageable in account settings
13.2 Types of Communications
- Service updates and newsletters
- Product announcements
- Industry insights and tips
- Event invitations
13.3 Opting Out
To stop marketing communications:
- Click unsubscribe in any email
- Email: [email protected]
- Update account preferences
14. DATA PROTECTION IMPACT ASSESSMENTS
14.1 When We Conduct DPIAs
We perform assessments for:
- New technologies or services
- Large-scale data processing
- High-risk processing activities
- Systematic monitoring
14.2 DPIA Process
- Identify need for DPIA
- Describe processing
- Assess necessity and proportionality
- Identify and assess risks
- Identify measures to mitigate risks
- Sign-off and record outcomes
15. YOUR CALIFORNIA PRIVACY RIGHTS
For California residents under CCPA:
- Right to know about personal information collected
- Right to delete personal information
- Right to opt-out of sale (we don't sell data)
- Right to non-discrimination
- Contact: [email protected]
16. CHANGES TO THIS POLICY
16.1 Updates
We may update this Privacy Policy:
- Material changes notified by email
- 30 days notice before changes take effect
- Previous versions available upon request
16.2 Last Modified
This policy was last modified on: January 2025
17. CONTACT US
17.1 Privacy Inquiries
For privacy-related questions: Email: [email protected] Phone: [Your Phone] Address: The CloudOps, United Kingdom
17.2 Data Protection Officer
Our DPO can be contacted at: Email: [email protected]
17.3 Supervisory Authority
UK Information Commissioner's Office (ICO) Website: ico.org.uk Phone: 0303 123 1113
18. GDPR COMPLIANCE CHECKLIST
We maintain GDPR compliance through:
- Privacy by Design principles
- Data Protection Officer designation
- Records of processing activities
- Privacy Impact Assessments
- Breach notification procedures
- Data subject rights procedures
- Third-party data agreements
- Staff training programs
- Regular compliance audits
- Documented policies and procedures
19. DEFINITIONS
- Personal Data: Any information relating to an identified or identifiable natural person
- Processing: Any operation performed on personal data
- Data Controller: Entity that determines purposes and means of processing
- Data Processor: Entity that processes data on behalf of the controller
- Consent: Freely given, specific, informed, and unambiguous indication of agreement
- Data Subject: Individual whose personal data is processed
END OF PRIVACY POLICY
By using our services, you acknowledge that you have read and understood this Privacy Policy.
This Privacy Policy is provided in English. Any translations are for convenience only.
© 2025 The CloudOps. All rights reserved.