SCS Hosts Customer Privacy Notice
This privacy notice tells you what to expect us to do with your personal information.
- Contact details
- What information we collect, use, and why
- Lawful bases and data protection rights
- Where we get personal information from
- How long we keep information
- Who we share information with
- Sharing information outside the UK
- How to complain
1. Contact Details
Telephone: 020 4577 0410
Email: hello@scshosts.net
2. What Information We Collect, Use, and Why
To provide and improve products and services for clients
- Names and contact details
- Addresses
- Payment details (including card or bank information for transfers and direct debits)
- Transaction data (including details about payments to and from you and details of products and services you have purchased)
- Usage data (including information about how you interact with and use our website, products and services)
- Information relating to compliments or complaints
- Account access information
- Website user information
For the operation of client or customer accounts
- Names and contact details
- Addresses
- Purchase or service history
- Account information, including registration details
- Information used for security purposes
- Marketing preferences
- Technical data, including information about browser and operating systems
For the prevention, detection, investigation or prosecution of crimes
- Names and contact information
- Client accounts and records
- Call recordings
- Financial information (for fraud prevention or detection)
- Location data
For information updates or marketing purposes
- Names and contact details
- Addresses
- Marketing preferences
- Purchase or account history
- Website and app user journey information
- IP addresses
To comply with legal requirements
- Name
- Contact information
- Client account information
- Any other personal information required to comply with legal obligations
For dealing with queries, complaints or claims
- Names and contact details
- Addresses
- Payment details
- Account information
- Purchase or service history
- Call recordings
- Customer or client accounts and records
- Financial transaction information
- Correspondence
3. Lawful Bases and Data Protection Rights
Under UK data protection law, we must have a lawful basis for collecting and using your personal information. You can find out more about lawful bases and your rights on the ICO website.
Which lawful basis we rely on may affect your rights.
- Right of access: you can ask us for copies of your personal information and related details.
- Right to rectification: you can ask us to correct inaccurate or incomplete personal information.
- Right to erasure: you can ask us to delete your personal information in certain circumstances.
- Right to restriction of processing: you can ask us to limit how we use your personal information.
- Right to object to processing: you can object to processing in certain circumstances.
- Right to data portability: you can ask us to transfer personal information you provided to another organisation, or to you.
- Right to withdraw consent: where consent is the lawful basis, you can withdraw consent at any time.
If you make a request, we must respond without undue delay and in any event within one month.
To make a data protection rights request, please contact us using the contact details at the top of this notice.
4. Our Lawful Bases for Collection and Use
Provide and improve products and services for clients
- Consent
- Contract
- Legal obligation
- Legitimate interests
Legitimate interests: We process personal information to operate secure client and customer accounts, prevent fraud, and protect the integrity of domain registration and hosting services. This includes verifying identity details, maintaining account records, monitoring account activity, and retaining transaction and technical information (including IP address data and authentication logs) to detect and prevent fraud, abuse, and breaches of registry or acceptable use policies. We limit data collection to what is proportionate and necessary for account administration, billing, fraud prevention, and security monitoring, and apply appropriate safeguards.
Operation of client or customer accounts
- Consent
- Contract
- Legal obligation
- Legitimate interests
Legitimate interests: We process personal information to operate secure client and customer accounts, prevent fraud, and protect service integrity. This includes account verification, activity monitoring, and proportionate retention of transaction and technical data for security and lawful service operation.
Prevention, detection, investigation or prosecution of crimes
- Consent
- Contract
- Legal obligation
- Legitimate interests
Legitimate interests: We process personal information to detect and prevent fraud, abuse, and unlawful activity, and to protect customers and service integrity.
Information updates or marketing
- Consent
- Legitimate interests
Legitimate interests: We may send information about similar services to existing customers where permitted by law, with clear opt-out options in each communication.
Comply with legal requirements
- Legal obligation
Deal with queries, complaints or claims
- Contract
- Legal obligation
- Legitimate interests
Legitimate interests: We process personal information to investigate and resolve issues fairly, maintain records, prevent fraudulent claims, and protect our legal position where necessary.
5. Where We Get Personal Information From
- Directly from you
6. How Long We Keep Information
For details of how long we keep personal information, see our Data Retention Schedule.
7. Who We Share Information With
Data processors
Payment processing provider (financial services sector, United Kingdom and international operations)
This processor handles customer payments on our behalf, including card transactions, fraud screening, and payment authentication. We do not store full card details.
Accredited domain registrar (internet infrastructure sector, UK/EU/international)
This processor handles domain registration data on our behalf to register, renew, and manage domain names, including required registrant details for relevant registries.
8. Sharing Information Outside the UK
Where necessary, we may transfer personal information outside the UK. When doing so, we comply with UK GDPR and apply appropriate safeguards.
Organisation name: Stripe Payments Europe Ltd (and affiliated entities)
Category: Payment processing and financial services provider
Country: United States and other jurisdictions where Stripe operates
Safeguard: Addendum to the EU Standard Contractual Clauses (SCCs)
Organisation name: Accredited domain registrar and registry infrastructure providers
Category: Domain registration and internet infrastructure services
Country: European Union member states
Safeguard: Adequacy Regulations / UK data bridge where applicable
9. How to Complain
If you have concerns about our use of your personal data, please complain to us first using the contact details above.
If you remain unhappy, you can complain to the Information Commissioner's Office (ICO).