Lawsyst Privacy Policy

Lawsyst is a registered trademark name of ITSec Limited, a private limited company registered in England And Wales. Company Number 4047064.

ITSec Limited (‘We and Us”) are committed to protecting and respecting Your privacy.

This Policy (together with our terms and conditions and any other documents referred to on it) sets out the basis on which any personal data We collect from “You”, or that You provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding Your personal data and how We will treat it. By visiting www.lawsyst.co.uk You are accepting and consenting to the practices described in this Policy.

For the purpose of the General Data Protection Regulation (“GDPR”), the data controller is ITSec Limited of 89A London Road, Leicester, LE2 0PF. The information and data You provide in connection with the registration of the various services of ITSec (the “Services”), will be processed in accordance with the provisions of the GDPR.

We will comply with the GDPR. The GDPR states that the personal data We hold about You must be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that We have clearly explained to You and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes We have told You about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes We have told You about.
  • Kept securely.

INFORMATION WE COLLECT FROM YOU

We will collect and process the following data about You:

  • Information You give us. When making a purchase with ITSec, We will collect Your contact information, which includes, name, address, email address, and phone number, as well as payment information.
     

    The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

  • We may also collect information from the cardholder of another member of Your household.
     

    The legal basis for this processing is consent, namely providing you with the Services you have requested.

  • Information we collect about You. With regard to each of Your visits to our site We will automatically collect the following information:
  • technical information, including the Internet protocol (IP) address used to connect Your computer to the Internet, Your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • information about Your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products You viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse- overs), methods used to browse away from the page, and any phone number used to call our customer service number.
     

    The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

  • If You contact us, We keep a record of that correspondence, for the purposes of communicating with you and record-keeping.
     

    The legal basis for this processing is our legitimate interests, namely being able to contact you and keep our records up to date.

  • If You contact us, We keep a record of that correspondence, for the purposes of communicating with you and record-keeping.
     

    The legal basis for this processing is our legitimate interests, namely being able to contact you and keep our records up to date.

  • Other information to help us provide You with improved services;
     

    The legal basis for this processing is our legitimate interests, namely our interest in the proper administration of our website and business and improving the services We provide to You.

This data will be collectively referred to as “Personal Data”.

ITSec will only process Personal Data where it is strictly necessary to provide the Services.

USES MADE OF THE INFORMATION

We use information held about You in the following ways:

  • To help Us identify You and the accounts You hold with Us;
  • To provide customer care;
  • To enable Us to review, develop and improve Our services and website;
  • To carry out our obligations arising from any contracts entered into between You and Us and to provide You with the information, products and services that You request from Us;
  • To carry out marketing and statistical analysis;
  • to provide You with information about other goods and services We offer that are similar to those that You have already purchased or enquired about;
  • We will only contact You about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to You. If You would like to change Your communication preferences to opt in or out of receiving specific communications, You can manage this in Your Online Control Panel.
  • To display targeted, or interest based, offers to You based on those products already purchased;
  • To notify You about changes to our service; and
  • To ensure that content from our site is presented in the most effective manner for You and for Your computer.

OTHER PROCESSING ACTIVITIES

In addition to the specific purposes for which We may process your Personal Data set out above, We may also process any of Your Personal Data where such processing is necessary for compliance with a legal obligation to which We are subject, or in order to protect Your vital interests or the vital interests of another natural person.

Please do not supply any other person’s personal data to Us, unless We prompt You to do so.

INFORMATION WE RECEIVE FROM OTHER SOURCES

ITSec works alongside third parties (including business partners, service providers and fraud protection services) and We may receive information from them about You. We will combine this information with information You give to us and information We collect about You. We will use this information and the combined information for the purposes set out above (depending on the types of information We receive).

DISCLOSURE OF YOUR INFORMATION

You agree that We have the right to share Your Personal Data with:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
  • Selected third parties including:
  • business partners, suppliers and sub-contractors for the performance of any contract We enter into with them or You;
  • advertisers and advertising networks that require the data to select and serve relevant adverts to You on other websites. Our third party partners may use technologies such as cookies to gather information about Your activities on this Site and other websites in order to provide You with advertising based upon Your browsing activities and interests, and to measure advertising effectiveness. If You wish to opt out of interest based advertising click here. Please note You will continue to receive generic adverts;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site;
  • The requisite Registry for the domain name you have purchased (where applicable). The directory of all TLDs is available online here: https://www.iana.org/domains/root/db
  • We will disclose Your Personal Data to third parties:
  • In the event that We sell or buy any business or assets, in which case We will disclose Your Personal Data to the prospective seller or buyer of such business or assets.
  • If ITSec Limited or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.
  • If We are under a duty to disclose or share Your Personal Data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions (https://lawsyst.co.uk/terms-conditions/) and other agreements; or to protect the rights, property, or safety of ITSec, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • We will also share your information to the extent necessary to comply with ICANN or any ccTLD rules, regulations and policies when you register a domain name with us.

DOMAIN REGISTRATION DATA IN THE PUBLIC WHOIS

In order to provide you with certain domain extensions, We are required to send your Personal Data to the Registry responsible for that domain extension. The details of the Registry providing specific extensions can be found at https://www.iana.org/domains/root/db. The Registry or Registrar which We contract with to register the domains may publish your Personal Data in the online directory known as the Whois, unless you have previously purchased a domain privacy service from us.

For domains ending in .com .net and .jobs where the Registrar listed on the Whois is our company partner Registrar: GoDaddy.com, their privacy policy will apply. You give your consent to register your domain with them under the terms of their business.

For all Nominet domain registrations (.co.uk, .uk, org.uk, .me.uk) your Personal Data will not be published to the public Whois from 22 May 2018. For all IEDR domain registrations (.ie) your Personal Data will not be published to the public Whois from 11 May 2018.

Should the publishing of your Personal Data to the public Whois by our partner Registrar(s), be enforced by ICANN, or should Nominet or IEDR’s policy about the publishing of Personal Data to the public Whois change, We will advise you by updating this Privacy Policy.

WHERE WE STORE YOUR PERSONAL DATA

All information You provide to Us is stored on our secure servers inside the European Economic Area (‘EEA’). It will also be processed by staff operating inside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of Your order, the processing of Your payment details and the provision of support services. By submitting Your Personal Data, You agree to this transfer, storing or processing. ITSec Limited will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this privacy policy. Where We have given You (or where You have chosen) a password which enables You to access certain parts of our site, You are responsible for keeping this password confidential. We ask You not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect Your Personal Data, We cannot guarantee the security of Your data transmitted to our site; any transmission is at Your own risk. Once We have received Your information, We will use strict procedures and security features to try to prevent unauthorised access.

Customer’s customer data for Lawsyst product is kept within the UK data centres.

TRANSFERS OF YOUR PERSONAL DATA OUTSIDE THE EEA

Your Personal Data may be transferred outside of the EEA in order to carry out the services We provide to you.

The lawful basis for this processing will either be: (a) on the basis of your informed consent; or (b) necessary for the performance, fulfilment and administration of a contract/order: (i) between you and ITSec; or, (ii) where, at your request, We act on your behalf to provide your Personal Data to a third party in order to enter into a contract with them (for example where We provide your contact details to a domain name registry outside of the EEA to assist you in the registration of a local country code domain name).

All transfers of Your Personal Data outside of the EEA will be protected by appropriate safeguards. Where Your Personal Data is transferred outside of the EEA, We will ensure that either (a) The European Commission has made an “adequacy decision” with respect to the data protection laws of the country to which it is transferred, or (b) We have entered into a suitable data processing agreement with the third party situated in that country to ensure the adequate protection of your data in compliance with the GDPR.

PRIVACY SHIELD

To the extent that the EU-U.S. Privacy Shield remains in effect and enforceable under applicable EU laws, ITSec shall adhere to the framework and principles of the EU-U.S. Privacy Shield with regards to its processing of Your Personal Data.

CHILDREN

Our websites and services are not directed at individuals under the age of thirteen (13). We will not intentionally collect or maintain information about these individuals. If you believe that We may have collected Personal Data from someone under the age of 13, please let us know by emailing privacy.protection@Lawsyst.co.uk. We will then take appropriate measures to investigate and, if appropriate, delete that information.

HOW LONG WE STORE YOUR PERSONAL DATA

We will retain your information for as long as needed to provide you with the Services or as long as needed to fulfil the purpose for which the Personal Data was originally collected. We may also be required to retain certain information by law and/or for legitimate business purposes (for example, VAT records).

YOUR RIGHTS

You may instruct Us to provide You with any Personal Data We hold about you, provided Your request is not found to be unfounded or excessive, in which case a charge may apply.

We may withhold personal information that you request to the extent permitted by law.

You may instruct us at any time not to process your personal information for marketing purposes. The rights you have under the GDPR are:

  • the right to access;
     

    You have the right to ask us to confirm whether or not We process your Personal Data and, to have access to the Personal Data, and any additional information. That additional information includes the purposes for which We process your data, the categories of Personal Data We hold and the recipients of that Personal Data. You may request a copy of your Personal Data. The first copy will be provided free of charge, but We may charge a reasonable fee for additional copies.

  • the right to rectification;
     

    If we hold any inaccurate Personal Data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete Personal Data about you completed.

  • the right to erasure;
     

    In certain circumstances you have the right to have Personal Data that We hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those Personal Data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the Personal Data have been unlawfully processed. However, there are certain general exclusions of the right to erasure, including where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for establishing, exercising or defending legal claims.

  • the right to restrict processing;
     

    In certain circumstances you have the right for the processing of your Personal Data to be restricted. This is the case where: you do not think that the Personal Data We hold about you is accurate; your data is being processed unlawfully, but you do not want your data to be erased; it is no longer necessary for us to hold your Personal Data for the purposes of our processing, but you still require that Personal Data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, We may continue to store your Personal Data. However, We will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

  • the right to object to processing;
     

    You can object to us processing your Personal Data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, We will stop processing your personal information unless We are able to: demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim.

  • the right to data portability;
     

    You have the right to request that your Personal Data be moved, copied or transferred from one database, storage or IT environment to another.

  • the right to complain to a supervisory authority;
     

    If You think that our processing of Your Personal Data infringes data protection laws, You can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of Your habitual residence, Your place of work or the place of the alleged infringement.

  • the right to withdraw consent;
     

    and To the extent that the legal basis We are relying on for processing Your Personal Data is consent, You are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

  • the right to object to direct marketing
     

    You can choose whether We process Your Personal Data for direct marketing purposes. If You do not want Us to process Your Personal Data for direct marketing purposes, We will not process Your Personal Data for this purpose. You can exercise Your right to prevent such processing by checking certain boxes on the forms We use to collect Your Personal Data in Your Online Control Panel.

  • If You wish to:
     

    Request access to, deletion of or correction of, Your Personal Data. Please contact Us to arrange this at privacy.protection@Lawsyst.co.uk . We must make You aware that due to regulations which control the use of the internet, Registries such as Nominet and ICANN may not delete Your information until a period of time has lapsed.

  • Request that Your Personal Data be transferred to another person. You can exercise this right by contacting us at privacy.protection@Lawsyst.co.uk and requesting that Your Personal Data be transferred; and
  • Complain to the Information Commissioners Office (ICO). The ICO website which contains the processes for raising a complaint can be found here: https://ico.org.uk/. We would ask that where possible You contact us at privacy.protection@Lawsyst.co.uk in the first instance so We can attempt to resolve any issues You may have.
     

    Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If You follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before You submit any Personal Data to these websites.

COOKIES

Our website uses cookies to distinguish You from other users of our website. This helps us to provide You with a good experience when You browse our website and also allows us to improve our site. For detailed information on the cookies We use and the purposes for which We use them see our Cookie Policy.

PERSONAL DATA MANAGED BY OUR CLIENTS

“Client” is the customer of ITSec Limited to whom We provide the various Services our business offers.

“Client Customer Data” is the Personal Data belonging the parties with whom our Client has a relationship. We have no direct relationship with the parties whose Client Customer Data is processed by our Clients.

If you are aware that your Personal Data has been provided to a Client of ours who has a Service with us, then please read this section of our Privacy Policy.

Our Clients use the Service to host, transmit or process data on our hosting platform and this, may include personal data of their own customers with whom they have a contractual relationship (Client Customer Data).

In this instance, it is our Clients and not Us who define the process and policies by which Client Customer Data is collected and processed. We do not collect, view or share Client Customer Data except as outlined in the agreement We have in place with our Client to supply the Services, or as required by legislation. Nothing contained in this Privacy Policy shall alter specific terms and conditions applicable to the Service agreement.

In line with the Service agreement, our Clients retain responsibility for setting standards and for managing security of all data they upload to our platform and that includes Client Customer Data. The security, including encryption of data prior to transmission to our network and confidentiality of their accounts and access to our platform, remains the responsibility of our Clients.

To find out how Client Customer Data is collected, stored and securely managed, and the process outlining how to gain access and/or to make changes, please refer to the Privacy Policy of the relevant ITSec Limited Client to whom you have provided your details or contact them directly. If you contact us with a request about your Client Customer Data (for example, you may no longer wish to be contacted by one of our Clients), We will pass on that request at the earliest opportunity.

We provide the Services directly to our Clients, and have no direct relationship with the parties whose Client Customer Data is processed by our Clients. Our customers take responsibility for all Client Customer Data that they process and for complying with relevant data protection legislation.

CHANGES TO OUR PRIVACY POLICY

Any changes We make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to You by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy.

CONTACT

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to Rob Davidson, GDPR Liaison Officer, ITSec Limited of 2nd Floor, 89A London Road, Leicester, LE2 0PF.