Privacy Policy
Date Effective: 28th February 2025
Last Revised: 28th February 2025
Owner and Data Controller
Business Direct Online Ltd t/a Easy Domains (Company No. 09215025). Registered address: 1 St. Georges Court, St. Georges Park, Kirkham, Lancashire, PR4 2EF
This policy (together with our terms and conditions and any other documents referred hereinafter) sets out the basis on which we will process personal data we collect from you, or that you provide to us, as a result of your use of our website or services. Easy Domains identifies as both a Controller and a Processor of your personal data.
Easy Domains cares about your privacy. For this reason, we only collect and use personal data which is required for us to provide our products, services and customer support. Your personal data includes:
- Title
- Full Name
- Address
- Phone Number
- Email Address
- Business Details
If you have any questions about the personal data that we require, please contact us by using the contact information at the end of this document.
1) What information do we collect?
We collect the information outlined below so that we can effectively provide our products and services. The following personal data is collected when you:
1.1) Purchase a product/service from our team over the phone (point of sale). This includes: company name, email address, phone number, current website, first and last name, address, debit/credit card information).
1.2) Request support from our customer support team (name, email address, phone number).
1.3) Fill out contact forms or request newsletters (name, email address, phone number, enquiries). We collect and store this information for the sole purpose of maintaining our spam filters and improving the deliverability of customer enquiries. We use compliant third-party services to help filter spam and handle email delivery.
1.4) Apply for a job (name, email address, home address, phone number, previous employment information, previous academic studies- if provided). Your personal information is destroyed within 28 days of the position being filled or the application cutoff date, whichever is sooner.
We also collect extra information when delivering our services to you to ensure optimal performance. This information is broken down into separate sections, as outlined in this document.
Each processing activity outlined in this section is conducted under one or more lawful bases for processing under GDPR (Article 6). These include contractual necessity (to provide services), legal obligations (to comply with UK law), consent (where required for marketing), and legitimate interest (for customer support and fraud prevention).
2) Account related information
2.1) We collect information regarding your services including purchases, product renewal and expiry dates, information requests, customer service requests and details explaining what you asked for and how we responded.
3) IP Address, Analytics and Cookies
3.1) We use an internal analytics system which collects information about your device, such as IP address, operating system, browser type, browsing behaviour, links clicked and device type. Our internal analytics are stored and kept in the UK.
3.2) We also collect various other information via Google Analytics and Hotjar Heatmaps & Recordings. This allows us to provide a better experience on our websites and improve our services. We collect some of this information by placing small text files on your device, known as cookies.
For more information about how we use cookies, please read our Cookie Policy.
4) Data about Usage of Services
4.1) We automatically collect data when you use or interact with any of our websites or service. This includes all information outlined in Section 3 as well as metadata, log files, location information and the date and time this interaction was completed.
This information also includes specific data about the links you visit (including those of third-parties) contained within our services.
5) Supplemented Data
5.1) We use third-party services and publicly available databases to retrieve data. We then combine this data with information you have already provided so that we can update and expand upon the accuracy of our records.
5.2) If you provide us with personal information about other individuals, or if other individuals give us your information, we will only use it for the specific reason it was provided.
6) Other Service Providers
We use a range of third-party service providers to help deliver an optimal service. Some of these providers may collect or process personal data on our behalf, including but not limited to:
6.1) Google AdWords conversion tracking (Google LLC)
Google AdWords conversion tracking connects data from the Google Ads network
with actions on our site.
Personal Data: Cookies and usage data.
Place of processing: United States -
Privacy Policy.
6.2) Google Fonts (Google LLC)
Google Fonts is a web typography service that allows us to embed font content
on our pages.
Personal Data: Usage data and other data as specified by Google's policy.
Place of processing: United States -
Privacy Policy.
6.3) Google reCAPTCHA (Google LLC)
Google reCAPTCHA is a spam protection service that verifies user interactions
are human (not bots). Its use is subject to Google's privacy policy and terms.
Personal Data: Cookies and usage data.
Place of processing: United States -
Privacy Policy.
6.4) Bing Ads (Microsoft Corporation)
Bing Ads is an advertising and analytics service provided by Microsoft.
Personal Data: Cookies and usage data.
Place of processing: United States -
Privacy Policy;
Opt Out.
6.5) Hotjar (Hotjar Ltd.)
Hotjar provides session recording and heat mapping to help us improve user
experience. Hotjar respects “Do Not Track” browser settings.
Personal Data: Cookies, usage data, and other data as per Hotjar's policy.
Place of processing: European Union (Ireland) -
Privacy Policy;
Opt Out.
6.6) Postmark (ActiveCampaign, Inc.)
Postmark is an email delivery service we use to send transactional and
notification emails (for example, account emails and support replies).
Personal Data: Email addresses of recipients, email content, and delivery
metadata (timestamps, IP addresses).
Place of processing: United States -
Privacy Policy.
6.7) cPanel (cPanel, LLC)
cPanel is the software platform for our web hosting and email services. It
manages your hosting account and email mailboxes on our servers.
Personal Data: Account data (such as username, password), website content, and
emails stored on our servers. cPanel may use cookies for login sessions (e.g.
webmail access).
Place of processing: United Kingdom (server location) and United States (for
software licensing) -
Privacy Policy.
6.8) Zendesk (Zendesk, Inc.)
Zendesk is a customer support platform we use for our helpdesk and knowledge
base. When you submit a support ticket or use our support portal, Zendesk
processes your request.
Personal Data: Contact information (name, email) and the content of your
support enquiries; may utilize cookies and usage data for the support portal’s
functionality.
Place of processing: United States -
Privacy Policy.
6.10) Cloudflare (Cloudflare, Inc.)
Cloudflare is a traffic optimization and distribution service. All traffic to
our website passes through Cloudflare's network for security and performance.
Personal Data: Cookies and various data (e.g. IP addresses and browser
details) as needed for content delivery and security.
Place of processing: United States -
Privacy Policy.
7) What do we use your personal data for?
7.1 Collected information
We believe in both minimising the data we collect and limiting its use and purpose. We collect various information relating to your purchases, use and/or interactions with our Services. We use this information to:
- Comply with legal and regulatory obligations, requirements and guidance;
- Detect and prevent fraud and abuse of our services and systems;
- Manage and audit our business operations including accounting;
- Improve and optimise the performance of the products and services you have with us;
- Improve the performance of internal data handling and processing;
- Diagnose problems and identify any security risks, errors or enhancements needed to the perform our services;
- Document our communications with you and our staff;
- Provide market research, analysis and developing statistics;
- Provide direct marketing communications and related profiling to help us to offer you relevant products and service, including whether or not to provide you with specific products and services. We'll send marketing to you by email and occasionally contact you by phone. Offers may relate to any of our products and services;
- Suggest personalised content and services to you, such as tailoring our products and services, our customer experience and deciding which offers or promotions to show you on our digital channels;
- Develop new products and services and to review and improve current products and services;
- Send you product/service renewal reminders when applicable.
Often, much of the data collected is aggregated or statistical data about how individuals use our Services, and is not linked to any personal data, but to the extent it is itself personal data, or is linked or linkable to personal data, we treat it accordingly.
7.2) Sharing with trusted third-parties
We do not sell, rent, or share personal information with third-parties for their direct marketing purposes without explicit consent. We may share your personal data with third-parties for performance of the services you have purchased such as:
Processing credit/debit card payments
We only share your personal data as necessary for any third-party to provide the services as requested or as needed on our behalf.
Domain Transfers
We may share your personal data with authorised third-parties when a transfer in or transfer out request is required. This personal data can include (but not limited to): name, company name, email address and/or phone number.
7.3) Communicating with you
We may contact you directly or via third-party service providers regarding products or services that you have requested or purchased from us. We may also contact you with promotional offers for additional services if prior consent is given, or if based upon legitimate interests for both parties. You don't need to provide consent as a condition to purchase our goods or services. Our methods of contact may include:
- Telephone
- Post
- Live Chat (User initiated)
You may also update your subscription preferences concerning communications from us by signing into your account at www.easysites.uk.
7.4) Transfer of personal data abroad
We are based and operate solely in the United Kingdom, and all of our servers and staff are based in the United Kingdom. To communicate with you effectively and to provide our products, services and related support, it may be necessary for your data to be transferred outside of the European Union. For instance, if you use our services from a country outside of the European Union, your communications with us may result in the transfer of your data across international borders. Personal data may also be transferred abroad where applicable, as outlined in Section 6.
7.5) Third-party websites
Our website and our mobile applications contain links to third-party websites. We are not responsible for the privacy practices or the content of third-party websites. Please read the privacy policy of any website you visit.
8) Registrar
If you purchase a domain name from Easy Domains, ICANN, Nominet and the registry operators overseeing domain names require us to publish registrant data directly to them. Registrant data includes domain name, registrant name and contact information, and domain nameserver information. This information may then be published onto publicly accessible databases and accessed through the WHOIS protocol.
For your protection and privacy from unsolicited calls and emails, we currently submit a protected phone number and email address by default. You can update the registrant details at any time through your account and you are responsible for the accuracy of this information.
8.1) Domain Registration and WHOIS
When you register or transfer a domain name through Easy Domains, we collect the personal information required by the relevant domain registry. This typically includes the registrant's name, contact address, email address, and phone number (and organization name if applicable).
Use and Sharing: We use this information to submit your domain registration to the governing registry (for example, we share .UK domain registrant details with Nominet, and other TLD details with the respective registry operator). This is necessary to provide you with the domain registration service and to comply with ICANN/Nominet regulations. We only share the required data and do so securely.
WHOIS Directory: In compliance with data protection laws and registry policies, your personal details are **not published** in public WHOIS databases without your consent. By default, registrant name and contact details are redacted or hidden from public view. (For instance, Nominet's .UK WHOIS no longer displays individuals' name or address by default.) Instead, the public WHOIS may show our registry/registrar contact information or a privacy service. You may choose to have your details made public **only** if you explicitly opt-in and the registry allows it.
Registry Compliance: Easy Domains adheres to all ICANN and Nominet data handling requirements regarding your domain data. This means we: (a) retain your domain registration details for the period mandated by ICANN policies and law, (b) provide your details to law enforcement or other parties with legitimate legal rights to access the data, if we are required to do so under official request or Nominet's data release policy and (c) ensure that any processing of your data by us or the registries is done in accordance with GDPR. Nominet and other registries may have their own privacy notices for how they handle registrant data - for example, Nominet's privacy policy can be found on their official site.
In accordance with ICANN and Nominet policies, we retain registrant data for a period of at least two years after a domain name has expired or been transferred away, as required for audit, fraud prevention, and dispute resolution purposes. If required by law or regulatory authorities, we may retain domain registration data beyond two years to comply with legal obligations or dispute resolution requirements.
9) How you can access, update or delete your data
You are responsible for providing Easy Domains with accurate and up-to-date personal information. You are also responsible to maintain and update the information to keep it accurate and up-to-date. You can access, update and delete your personal data by logging into your account on www.easysites.uk.
Requests to delete your personal data will be fulfilled to the extent that this information is no longer required for legitimate business purposes, contractual record keeping and/or compliance with regional and international legal requirements.
If you would like to port your information to another provider or discuss the update or deletion of your personal data, please contact our support team on support@easydomains.uk so that we can initiate this request for you.
10) How we secure, store and retain your data
We follow accepted standards to store and protect the personal data we collect, both during transmission and once received and stored, including the use of encryption where appropriate.
We take all reasonable steps to protect the websites we host and information we receive from our customer from loss, misuse or unauthorised access, disclosure, alteration and destruction. We've put in place appropriate physical, electronic and managerial procedures to safeguard and secure such information.
We retain personal data only for as long as necessary to fulfill the services you have requested. After that, data is retained only if required for legitimate legal or business purposes. These retention periods may include:
- mandated by law, contract, or similar obligations applicable to our business operations (e.g., financial records retained for 6 years under UK tax law).
- for preserving, resolving, defending, or enforcing our legal/contractual rights (e.g., domain registration records retained for at least 2 years post-expiry, as per ICANN and Nominet regulations).
- needed to maintain adequate and accurate business and financial records.
If you have any questions about how we secure, store or retain your data, please contact us on [email protected].
11) Billing Information
To process payments securely, we use third-party payment providers such as Braintree and PayPal. These providers process personal and payment information on our behalf to facilitate transactions. Your payment data is not stored on our servers but is securely transmitted to the payment processor in compliance with PCI-DSS security standards.
12) Age restrictions
This website and services are not intended for, nor designed to attract, individuals under the age of 18. Easy Domains does not knowingly collect personally identifiable information from any person under the age of 18. If you feel that Easy Domains has collected and/or received personal data from individuals under the age of 18, please contact us.
13) Notification of Changes
We take the trust and privacy of our clients and their users very seriously and do not believe that we will need to change the core principles outlined herein going forward. However, if we are required to modify this Policy to comply with general regulations and/or legal requirements, we will promptly provide notice of any material changes and post the revised Policy on this website along with the effective date of any necessary changes.
14) Your Rights
Under the EU General Data Protection Regulation, you have the following rights as a data subject:
- The right to be informed
- The right of access
- The right of rectification
- The right of erasure
- The right to restrict processing
- The right of data portability
- The right to object
- Rights in relation to automated decision making and profiling
For more details on your rights, visit the ICO GDPR Rights Guide.
If you require any additional information about your rights or how to exercise them, please contact us using the details below.
Contact us
If you have any questions, concerns or complaints regarding our Privacy Policy, you may contact us via one of the methods below.
By Mail
1 St. Georges Court, St. Georges Park, Kirkham, Lancashire, PR4 2EF
By Phone
By Email
Easy Domains is regulated by the Information Commissioner's Office (ICO), an independent authority which upholds information rights in the public interest and data privacy for individuals.
If you feel Easy Domains has inappropriately handled your data, we would recommend that you contact us on 01253 968004 or by email: [email protected] to ensure that all relevant legal guidelines have been followed.
Furthermore, if you wish to make a formal complaint about how Easy Domains has handled your data, you can contact ICO via one of the following methods:
By Mail
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
By Phone
0303 123 1113