A Prompt Ltd will not pass your details to any 3rd parties for marketing purposes without your prior approval. Any details you give us will be stored by aprompt for the use of aprompt services only. Only aprompt employees will communicate with you regarding your website and associated services while you are a customer of A Prompt Ltd. If you would like your contact details changed or removed from our records, please email your request to: firstname.lastname@example.org and they will be deleted and not used except for historical accounting purposes. Should your data be breached or accessed unlawfully we will inform you that a breach has occurred. Only administrators that have been trained on the importance of GDPR have access to customer data.
Data for which A Prompt Ltd is the Data Controller
Purpose and consent for collection
A Prompt Ltd, also referred to as A Prompt or Us, collects, stores, processes or transmits this data in order to provide Services to Customers.
We use information about you, also referred to as the Customer or the Subject, in the following ways:
- To process orders that you have submitted to us
- To provide you with products and services
- To comply with our contractual obligations, we have with you
- To help us identify you and any accounts you hold with us
- To enable us to review, develop and improve the website and services
- To provide customer care, including responding to your requests if you contact us with a query
- To administer accounts and keep track of billing and payments
- To detect fraud and to make sure what you have told us is correct
- To notify you about changes to our website and services
- To inform you of service and price changes
A Prompt will collect a range of information about the Subject, either via an enquiry form on our website or emails, telephone or in person. This information includes:
- Job title
- Address of employment
- Employee names, contact details and job titles where relevant
- Phone numbers
- Email addresses
We will not collect sensitive data without your explicit consent.
A Prompt will not collect data relating to minors as defined under UK law. Minors as defined by UK law are not permitted to use A Prompt Services or interact with Us as a corporate entity.
A Prompt may from time to time contact the Customer via email regarding service related matters such as billing, account management and maintenance, change in laws or requirements for SEO, browser compatibility and W3C and WAI compliance.
We will keep your personal information for as long as you are a customer of A Prompt Ltd.
After you stop being a customer, we may keep your data for up to 10 years for the following reasons:
- To respond to any questions from you or requirements by you
- To comply with the legal requirements
Data transfers and the use of Data Sub Processors
A Prompt will not share Subject data with a third party not directly associated with the provision of services without their explicit consent. A Prompt will also not transfer Subject data to a third party country outside of the UK or EEA that is not compliant with the applicable data protection laws via adequacy agreement, Binding Corporate Rules or other legally appropriate means as defined by the Information Commissioners Office without their explicit consent.
A Prompt makes use of a number of third party organisations for the purposes of delivery of Services to the Customer. Whilst the following list is not intended to be exhaustive, A Prompt typically only transfers the personal data relating to our customers, where required for the activities set out below, to the following third parties or Data Processors:
- Fasthosts – Domain name registration (for domain name registrations your data (Registrant) may be sent to the domain registrar outside of the EEA)
- SSL Certificate Issuers
- Xero – Our Internal Accounting
- Your Mailing List Provider – Provision of bulk emailing services
A Prompt will update this list from time to time as our systems and operations evolve and inform you accordingly where appropriate.
By interacting with A Prompt as defined in this policy, the Subject provides their consent for this transfer and use of our Data Processors and Data Sub-Processors, and for transfer to any other appropriate third party Data Processor for the purposes of delivery of the Services and customer relationship management activities. No data transfer will be undertaken that is outside of the strict scope of the Purposes stated in this policy, or that will materially degrade the security of the Subject’s data or the Data Subject’s rights and in any event the security provisions will be compliant with the applicable Data Protection Laws. Such Data Processors and Sub Processors will be contractually bound to process only in accordance with our instructions and to maintain technical and organisational controls in compliance with our security policy and the requirements of the GDPR.
Commitment to confidentiality and security of processing
A Prompt will use appropriate technical and organisational security measures within our sphere of responsibility to ensure an appropriate level of confidentiality, integrity and, where A Prompt is the Data Controller, availability of Subject data and to ensure its availability in the event of a business continuity incident.
Get in touch
You have the right to ask us not to process your personal data for marketing purposes by emailing email@example.com at any time with your request. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by informing us at any time. You can also exercise the right at any time, or discuss any other data protection matters with us, by contacting us at firstname.lastname@example.org or write to A Prompt Limited, Brinkworth House, Brinkworth, Chippenham, Wiltshire SN15 5DF, UK for the attention of the Data Protection Officer.
You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.
Our website and any communication to you may, from time to time, contain links to websites containing helpful and relevant information for you. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we therefore don’t accept any responsibility or liability for their data or privacy policies. Please check their policies before you submit any personal data - if appropriate - to these websites.
Under Data Protection Laws, you can make certain choices in relation to how your personal data is processed. These include whether your personal data is disclosed to third parties, and preferences regarding the frequency, subject matter, and/or format of communications. Anyone wishing to discuss matters relating to data protection, such as a concern over accuracy of collected data, please email email@example.com or write to A Prompt Limited, Brinkworth House, Brinkworth, Chippenham, Wiltshire SN15 5DF, for the attention of the Data Protection Officer. Should there be a concern regarding a possible security incident or data breach, please email firstname.lastname@example.org
A Prompt undertakes a range of processing such as the provision of hosting services via a third party to the Customer. The Customer is the Data Controller for all Customer Hosted Data supplied to A Prompt under the Services and has complied with its obligations under the applicable Data Protection Laws, including but not limited to obtaining the required consents (“Data Protection Consents”); or
- ensured that all necessary Data Protection Consents have been obtained or other lawful grounds for Processing have been correctly established;
- has complied with its obligations as Data Processor under the applicable Data Protection Laws
A Prompt maintains no visibility of and has no intention to access or manipulate Customer Hosted Data, even in the case where A Prompt maintains technical access for the purposes of management of the infrastructure of the Customer Hosted Solution. This is due to the Customer’s position as the Primary System Administrator. A Prompt interacts with the Customer Hosted Solution at an infrastructure level only, not at the level of Customer Hosted Data or the Customer Hosted Applications. Further, any processing by A Prompt of Customer Hosted Data (which may comprise Processing of Personal Data) is determined by the Customer insofar as it is the Customer that ultimately determines what the Services will be and, therefore, what data processing occurs.
Please be aware that any video, image, or other content posted, uploaded or otherwise made available by you onto your website, whether published content or not, is not subject to our Privacy Notice. We merely process such data on your behalf, subject to our Terms and Conditions and you are responsible for any applicable legal requirements in respect of your content.
Please also read the Customer data processing addendum of our hosting partners for information on the extent of their responsibility for the physical protection of Customer Data.
View our Terms of service