Legal · Privacy

Privacy Policy.

How CSN-UK collects, stores and uses your personal data — and the rights you have over it.

Last reviewed: April 2026 · Effective from: [DATE — TO CONFIRM]

Template draft. This page is a structured starting point — please review the wording with legal counsel before publishing. Sections marked […] need confirming or completing.

Who we are

CSN-UK ("we", "our", "us") is a trading name of [Registered company name], a company registered in [England and Wales] with company number [XXXXXXXX]. Our registered address is [address].

For privacy queries you can reach us via the support ticket system at secure.csn-uk.net/submitticket.php.

What personal data we collect

To provide our hosting services we collect and process the following categories of personal data:

  • Account data — name, billing address, email address, phone number (optional), and the credentials you set for our client area.
  • Billing data — payment card details (processed by our PCI-DSS compliant payment provider; we do not store full card numbers), billing history, VAT details where applicable.
  • Service data — domains hosted, products purchased, support tickets, usage statistics necessary to operate the service.
  • Technical data — IP address, browser/user-agent, server log entries, cookies (see Cookie Policy).
  • Communications — emails or messages you send us, transcripts of any live-chat sessions.

Why we collect it

We process your personal data on the following lawful bases under UK GDPR:

  • Performance of a contract — to provide hosting services you have ordered from us.
  • Legal obligation — to comply with tax, accounting and law-enforcement requirements.
  • Legitimate interests — to secure our network, prevent abuse, and improve our services.
  • Consent — where you opt in to marketing communications (you can withdraw consent at any time).

How long we keep it

We retain personal data only for as long as necessary for the purposes set out above. Specifically:

  • Account & billing records — up to [6 years] after the closure of your account, in line with HMRC requirements.
  • Server logs — typically [30 days], longer where required for security investigations.
  • Support tickets — up to [3 years] after closure of the ticket.
  • Marketing data — until you withdraw consent or after [24 months] of inactivity.

Who we share it with

We do not sell your personal data. We share it only with:

  • Service providers who operate parts of our infrastructure on our behalf — including our payment processor, our domain registrar, and our data-centre provider. All are bound by data-processing agreements compliant with UK GDPR.
  • UK regulators or law-enforcement where required by law or court order.

International transfers

Your personal data is stored within the United Kingdom. Where any sub-processor is located outside the UK, we ensure transfers are covered by appropriate safeguards such as the UK International Data Transfer Agreement.

Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you (subject access request).
  • Correct inaccurate or incomplete data.
  • Erase data (right to be forgotten), subject to our legal retention requirements.
  • Restrict or object to processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, contact us via the support ticket system.

Security

We use encryption in transit (HTTPS / TLS) and at rest where appropriate, restricted access to administrative systems, and routine security reviews to protect personal data against unauthorised access, loss or alteration.

Changes to this policy

We may update this policy from time to time. The "Last reviewed" date at the top reflects the most recent change. Material changes will be notified to active customers by email.

Contact

Questions about this policy? Open a ticket at secure.csn-uk.net/submitticket.php.