1. Our Commitment
SSL VPS LTD is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy outlines how we handle personal data.
2. Data Controller
SSL VPS LTD is the data controller for personal data processed through our services.
Address: 297 Coventry Beake Ave, CV6 3BA, United Kingdom
Data Protection Officer: dpo@sslvps.com
3. Categories of Data
We process the following categories of personal data:
- Identity data: Name, age, government ID (where required)
- Contact data: Email address, phone number, postal address
- Financial data: Payment card details (processed by our payment provider)
- Technical data: IP address, browser type, operating system
- Usage data: Pages visited, features used, support interactions
4. Lawful Basis and Retention
| Purpose | Legal Basis | Retention Period |
|---|---|---|
| Account management | Contract | Duration of service + 30 days |
| Domain registration | Contract | Duration of domain + 7 years |
| Payment processing | Contract / Legal Obligation | 7 years |
| Service communications | Contract | Duration of service |
| Marketing emails | Consent | Until withdrawal of consent |
| Fraud prevention | Legitimate Interest | 3 years |
| Server logs | Legitimate Interest | 90 days |
| Support tickets | Contract | 2 years |
5. Individual Rights
Under UK GDPR, you have the following rights:
Right of Access
You can request a copy of all personal data we hold about you. We will respond within one month of receiving your verified request.
Right to Rectification
You can request correction of inaccurate or incomplete personal data.
Right to Erasure
You can request deletion of your personal data where there is no compelling reason for continued processing. Note: some data may be retained to comply with legal obligations.
Right to Restriction
You can request that we restrict processing of your data in certain circumstances.
Right to Data Portability
You can request your data in a structured, commonly used, and machine-readable format (JSON or CSV).
Right to Object
You can object to processing based on legitimate interests, including direct marketing.
Automated Decisions
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
6. Exercising Your Rights
To exercise any of these rights, email dpo@sslvps.com. We will respond within one month. We may ask you to verify your identity before processing your request.
7. Cookies and Tracking
For information about cookies and tracking technologies, please see our Cookie Policy.
8. Security Measures
We implement appropriate technical and organisational measures to protect your data, including:
- Encryption of data in transit (TLS) and at rest
- Access controls and authentication
- Regular security audits and penetration testing
- Staff training on data protection
9. Data Breach Notification
In the event of a personal data breach, we will:
- Notify the ICO within 72 hours
- Notify affected individuals without undue delay where the breach poses a high risk
10. International Transfers
Where we transfer data outside the UK, we rely on:
- UK adequacy decisions for recognised jurisdictions
- Standard Contractual Clauses (SCCs) where required
- Transfer Impact Assessments for high-risk transfers
11. Complaints
If you are not satisfied with our handling of your data, you have the right to lodge a complaint with the Information Commissioner's Office:
Website: ico.org.uk
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
12. Contact
For any GDPR-related queries, contact our Data Protection Officer:
Email: dpo@sslvps.com
Phone/WhatsApp: +44 7713904202
