This is our data protection and privacy centre that contains all the information you need on what we do with your data. To avoid unnecessary duplication (and the risks of duplicate documents getting out of synchronisation), some of these policies apply to services sold from other websites (e.g. getwpo.com, getkeyy.com, easyupdatesmanager.com, metaslider.com). When so, that is indicated on that website, which links to here.
All of these policies are written to protect you, your data, and our ongoing ability to provide you and everybody else with sustainable services. Not everybody likes having lots of documents of this sort, but, they are largely mandated by the law (e.g. the EU GDPR law), and intended for everybody’s good. They are not because we are eager to find some smallprint to use to pounce upon our valued customers! You can read about our general approach in this blog post.
How we collect and process your data
- What data is gathered when UpdraftPlus is used, and how is that data processed?
- Tell me about my UpdraftPlus.Com account (including data protection and privacy issues)
- Please tell me how I can request that you delete the data that you hold on me, and what this involves (GDPR “right to erasure”, “right to be forgotten”)
- What data do we import into Mailchimp?
- Does using UpdraftPlus cause any cookies to be set for my website visitors? (Answer: no).
- What happens If a cart is abandoned?
- If you wish to have a formal, signed data processing agreement for use of UpdraftVault, UpdraftCentral Cloud or other services in which we act as a data processor (N.B. please check the above articles to see if this applies to you), then you should print off, sign and post this agreement to us: Processing agreement
Terms and conditions
- Terms, conditions and privacy information for support responses
- Terms and conditions for having an updraftplus.com account
- UpdraftPlus software licence
- Affiliate scheme terms and conditions
- Are there any special terms and conditions for use of UpdraftPlus Vault?
- Refund policy
Privacy policies relating to third parties
Data protection policies and agreements of/with relevant third parties
- N.B. We do not link to the policies of (and we do not have formal agreements with) third parties that we do not deal directly with. e.g. If you chose to use Dropbox for your backup, then we are not a conduit in between you and Dropbox; technically and legally, your site interacts directly with Dropbox. We only list policies here for which we are an actual intermediary for data.
- N.B. It’s normal to have lots of suppliers. Don’t get worried and think “gosh, my data goes to a lot of people”. The point of the General Data Protection Regulation is to ensure the opposite. The agreements all generally say something equivalent, as required by law, to “though data may be processed on our systems, we have no permission to do anything with it that was not required by the customer (whether through direct action or necessarily to provide the service they purchased)”. The agreements are part of the process of assurance that data is being handled according to best privacy practices. As required by law, we do not have any suppliers who cannot provide such assurances.
- Simba Hosting Ltd to XIBO Ltd (Xibo are a UK company who process data that we have gathered as part of our provision of support and other services)
- Stripe (our payment processor for card payments) – general policy on data transfers, and privacy shield policy.
- Amazon Web Services (used by us for technical resources for provision of our UpdraftVault product) adhere to the Cloud Infrastructure Services Providers in Europe Code of Conduct – https://aws.amazon.com/compliance/cispe/ – as part of their GDPR compliance. Also, see here.
- Digital Ocean (a supplier used by us for technical resources for provision of our UpdraftClone (temporary clone) product) comply with the EU-US “Privacy Shield” framework – see here. Here is a copy of our GDPR Data Processing Agreement with them.
- Linode (a supplier used by us for technical resources for various servers (not all of which process any customer data)) comply with the EU-US “Privacy Shield” framework – see here. Here is a copy of the Data Processing Agreement with them.