This policy (together with any ancillary documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed.
Please read the following carefully to understand how we will treat and regard your personal data.
20i Ltd is a registered company in England & Wales (Company number 09775671). Our registered address is 20i Ltd, Hawthorn House, Southwell Road West, Mansfield, Nottinghamshire, NG21 0HJ
20i may be both a data controller and data processor of personal data. We have a designated Data Protection Officer who can be contacted at our registered address.
What information we collect
Any personal information that you provide by filling in forms on our website. This includes information provided at the time of registering an account, purchasing services from us or requesting further services. We may also ask you for information when you report a problem with our site or the services you have purchased.
If you contact us by letter or email, records of the correspondence may be kept.
Telephone conversations may be recorded for training purposes.
Details of transactions you carry out through our site and of the fulfilment and administration of your orders.
We also record technical data such as your operating system, browser type, referring / exit pages and URLs, number of clicks, domain names and pages viewed in our server logs. This information is used for marketing and security purposes.
In the circumstances where we are acting as a data processor, we shall only act on the instructions of our customer as the data controller. If you provide us with personal data about a third party (for example when registering a domain on their behalf), you warrant that you have obtained the express consent from the third party for the disclosure and use of their personal data.
How we use personal data
For the avoidance of doubt, 20i will never sell your personal data to third parties.
Automatic decision making
We may use the information provided by you to perform automatic decisions about the acceptance of orders you place. This helps us combat fraud and abuse and this information never leaves our network.
Where we store your personal data
The personal data that we collect from you will be stored on our servers inside the European Economic Area (“EEA”). Occasionally, we may have to transfer personal data outside of the EEA. For example, domain registration data needs to be sent to our domain registrar outside of the EEA. By submitting your personal data, you agree to this transfer, storing or processing of data outside the EEA. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the GDPR and our data protection policies.
We only retain your personal data for as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
20i infrastructure backups are kept for 12 months. Web Hosting data is kept for 30 days.
In the rare event backups containing personal information are restored post-deletion, 20i will make every reasonable effort to ensure data that has been forgotten is not inadvertently restored and ensure all traces of data are removed within a maximum period of 180 days unless additional retention obligations apply.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
Who we share your information with
By entering into this agreement, you agree to the processing of data by the third parties listed below. When we introduce any new, or change any existing third-party agreements, we will ensure this policy is updated at least 30 days before the new third party processes any data.
Credit/Debit Card Payments
MasterCard Payment Gateway Services
Direct Debit Payments
Internal communication of support issues/service incidents.
Google: including Adwords, Google Analytics, Youtube, Drive, Data Studio, Google My Business.
Site analytics, targeting and exclusion from PPC advertising, purchasing data. Reporting on anonymised data.
Facebook & Instagram
Targeting and exclusion from PPC advertising, purchasing data.
Targeting and exclusion from PPC advertising
Microsoft: Bing and Office 365
Site analytics, targeting and exclusion from PPC advertising, purchasing data.
Sending email and email analytics.
Testing of site optimisations (All personal data is anonymised).
Newsletter signup forms and other modals.
In the event of a data breach, the affected individuals will be contacted within the timescales specified in the GDPR, it will be reported to the Information Commissioner, and a full report - highlighting any risks - will be provided.
We may obtain information about your general Internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
Third party links
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Changes to this policy
How to contact us