Privacy Policy

We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and
share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event
you have a complaint.

This privacy notice applies to anyone who uses the websites and/or portals of, or who buys or uses any of the services or products provided by
Cloud Geeks Ltd.

By using any of our services or visiting our websites you agree to use of your information as set out in this privacy notice. This privacy notice
forms part of and should be read in conjunction with the terms and conditions on our website and the terms and conditions which apply to your
contract for the provision services and/or the supply of goods or products.

Who we are

Cloud Geeks collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General
Data Protection Regulation which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018. We
are responsible as ‘controller’ of that personal information for the purposes of those laws.

The personal information we collect and use
Collection of Data

When you place an order with us for any of our goods or services we will need certain information to process your order. This may be information
such as your name, private or business email address, postal address, site addresses, telephone or mobile numbers, date of birth, financial or
bank account/card information to help us identify you and provide you with the services or products. We may ask for further information that
relates to the service that you are ordering.
When you contact us to discuss your account, we may ask for certain information to confirm your identity, check our records and answer your
questions quickly and accurately.
If you complete a survey or enter into any competitions we may ask for information about you which we will make clear at the time and for the
purpose we will being using the information.
• We will automatically collect information: when you use our services, such as broadband usage or when you make a call the number,
destination and length of your call, which we need to help the services and for billing purposes;
• when you visit our websites, portals or use our online or mobile applications, we may collect and process information about your
usage of these by using “cookies” and other similar technologies (see “cookies” section below) to help us make improvements to the
websites and to the services we make available.

We may receive personal information from third parties, such as companies contracted by us to provide services to you, other
telecommunications operators, marketing organisations and credit reference agencies (see “credit checks” below).

Where you have been referred to Cloud Geeks by a partner or dealer that works with Cloud Geeks, we will have collected information about you from that
third-party partner or dealer. We will also collect information about you following the introduction and/or referral.

How we use your personal information

We use your personal information for example to:
• verify your identity when you use our services or contact us;
• process your enquiries, orders or contracts and to provide you with services;
• carry out credit checks and to manage your account(s);
• monitor, record, store and use any telephone, e-mail or other electronic communications with you for training purposes, so that we
  can check any instructions given to us and to improve the quality of our customer service, and in order to meet our legal and
  regulatory obligations;
• provide you with information about other services, offers or products from Cloud Geeks;

• to tell you about changes to our websites, services or terms and conditions;
• carry out any marketing analysis, profiling or create statistical or testing information to help us personalise the services we offer you
  and to understand what our customers want;
• analyse our services with the aim of improving them;
• recover any monies you may owe to us pursuant to a contract with Cloud Geeks;
• prevent or detect a crime, fraud or misuse of, or damage to our network, and to investigate where we believe any of these have
   occurred; and
• monitor network traffic from time to time for the purposes of backup and problem solving, for example our automated system may
  monitor email subjects to help with spam and malware detection.

Who we share your personal information with

We routinely share information with organisations outside of Cloud Geeks:
• involved in the running or managing of your accounts or providing services to you for us (e.g. customer support, carriers, or a courier company
if you have asked us to send something to you);
• to help us improve the services we are providing;
• for marketing purposes in respect of products and services offered by Cloud Geeks;
• as part of the process of selling one or more of our businesses;
• as part of current or future legal proceedings;
• in response to properly made requests from law enforcement agencies for the prevention, investigation and detection of a crime, for the purpose
  of safeguarding national security or when the law requires us to, such as in response to a court order or other lawful demand or powers contained
  in legislation; or
• in response to properly made requests from regulatory bodies such as the Information Commissioners Office, Ofcom and CISAS, for example
  where you contact Ofcom or CISAS asking them to investigate a complaint in respect of the provision of our services to you, they may request
  information from us to enable them to investigate and make a decision in respect of this matter. We will need to provide them with the relevant
  information we hold relating to your account.

How long your personal information will be kept

We retain personal data we collect for as long as necessary for the purposes for which the personal data was collected or where we have an
ongoing legitimate business need to do so (for example, to provide you with goods or services, to ensure that transactions can be processed,
settled, refunded, charged back or to indemnify fraud), or to comply with applicable legal, tax or regulatory requirements. Even if you close
your account, we will retain certain information to meet our obligations.

When we have no ongoing legitimate business need to process your personal data, we will either securely destroy, erase, delete or anonymise
it, or if this is not possible (for example because your personal data has been stored in backup archives), then we will securely store your personal
data and isolate it from any further processing until deletion is possible.


Retention periods for Customers/Marketing purposes: –
Account with current purchasing activity – Retained
Account with ceased purchasing activity – 7 years after activity ceased
Account with no purchasing activity – 2 years

Reasons we can collect and use your personal information

Our legal basis for collecting and using personal data will depend on the personal data concerned and the specific context in which we collect it.

However, we normally collect personal data from you where we need it to perform a contract with you, or where the processing is in our
legitimate interest and not overridden by your data protection interests or rights, or where we have your consent to do so. In some cases, we
may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or
those of another person.

If we collect and use your personal data in reliance upon our legitimate interests (or those of a third party) other than as described in this privacy
notice, we will make clear to you at the relevant time what those legitimate interests are.

Credit Checks

When you apply to buy products or services from us we may carry out a credit check. This means we may need to check certain records about
you which may include records at credit reference agencies or fraud prevention agencies.

Marketing Preferences

Where you have agreed to us contacting you either when you joined or via your preferences, we will contact you with details of products, services
and promotions which we believe you may be interested in. Such communications may contain tracking technology that tells us whether you
opened the communication and whether you followed the hyperlinks within the communication, in order to help us analyse the effectiveness of,
monitor, and improve our marketing campaigns. Such communications may contain tracking technology that tells us whether you opened the
communication and whether you followed the hyperlinks within the communication in order to help us analyse the effectiveness of, monitor and
improve our marketing campaigns.

If you change your mind and do not want us to send you marketing messages or information you can unsubscribe from any email updates by
clicking on the ‘unsubscribe’ button at the bottom of the email. In addition, you can contact us as detailed below.

Cookies

Our websites, portals and applications use cookies. Cookies collect information about your use of our website and any other portals or
applications including things like your connection speed, details of your operating system, the time and duration of your visit and your IP address.
The information collected by cookies enables us to understand the use of our sites and applications, including the number of visitors we have,
pages viewed per session, time exposed on pages etc. This in turn helps provide you with a better experience since we can evaluate the level of
interest in the content and tailor it accordingly. We will not attempt to identify you from your IP address unless required to as a matter of law
or regulation or in order to protect our, or our customers’, rights.


Most browsers automatically accept cookies. You can set your browser option so that you will not receive cookies and you can also delete existing
cookies from your browser. However, you may find that some parts of the website, portal or application may not function properly if you disable
cookies.

Transfer of your information out of the EEA

We will not transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or
which is set up under any agreement between two or more countries.

Your rights

Under the General Data Protection Regulation and the Data Protection Act 2018, you have a number of important rights:-

1. to be informed in relation to the fair processing of information and transparency over how we use your personal information
2. access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
3. require us to correct any mistakes in your information which we hold
4. require the erasure of personal information concerning you in certain situations
5. otherwise restrict our processing of your personal information in certain circumstances
6. receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable
    format and have the right to transmit those data to a third party in certain situations
7. object in certain situations to our continued processing of your personal information (or object at any time to processing of personal
    information concerning you for direct marketing)
8. object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information
Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, processed or accessed in an
unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your
information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected
data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud,
identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government
and leading businesses.

Changes to this privacy notice

We may change this privacy notice from time to time, when we do we will inform you via a notification on our website and/or by way of a notice
on invoices raised by us to you.

How to contact us
Please contact Compliance Team if you have any questions about this privacy notice or the information we hold about you. If you wish to contact
our Compliance Team, please send an email to compliance@cloudgeeks.co.uk or write to Cloud Geeks Ltd, 82A Singer Way, Woburn Road, Industrial Estate, Kempston, MK42 7PU

If you would like to unsubscribe from any email updates or marketing communications you can also click on the ‘unsubscribe’ button at the
bottom of the email. Alternatively, you can contact us by email marketing@cloudgeeks.co.uk. Cloud Geeks will endeavour to action such requests within
3 working days of receipt.

Should you wish to make a Subject Access Request please email compliance@cloudgeeks.co.uk or by post to:
Compliance Team, Cloud Geeks Ltd, 82A Singer Way, Woburn Road, Industrial Estate, Kempston, MK42 7PU together with:

• enough information to identify you;
• proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
• let us know the information to which your request relates, including any account or reference numbers, if you have them.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.
If you wish to make a complaint regarding the use of your information, in the first instance please contact our Data Protection Officer:-
Mike Ianiri, Head of Compliance, by writing to Cloud Geeks Ltd, 82A Singer Way, Woburn Road Industrial Estate, Kempston, MK42 7PU

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union
(or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The
supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123
1113 or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

The privacy policy will be regularly reviewed and update as necessary. The management team endorses this statement and is fully committed to
its implementation.