1. Who are we?
1.1. We are Creed Hosting (“we”, “us” or “our”), a company registered in England and India registered office at Malhotra Residency, Prahlad Nagar, Ahmedabad, Gujarat, India
1.2. We own and operate https://www.creedhosting.com/ (the “Website”), through which you can access functionality and information in respect of the services we provide to you from time to time (“Services”) under our Terms and Conditions.
1.3. For the purpose of the Data Protection Act 1998 and the General Data Protection Regulation (or any other subsequent enactment of it in the United Kingdom & India) (together, “Data Protection Laws”), we are:
1.3.1. a data controller in respect of any personal data that you share with us, or that we collect, through the Website (including personal data you provide to us, or that we collect, during your registration for, and subscription to, the Services we provide) or otherwise in your communications with us; and
1.3.2. a data processor in respect of personal data that you share with us as part of your use of the Services that we provide, and in respect of which you are the data controller; our and your respective obligations in relation to that personal data are set out in our Terms and Conditions, and additional information is set out in paragraph 4 below.
You can contact us at the above address, or through our support ticketing system.
4. Processing under our Terms and Conditions
For the purposes of Data Protection Laws and paragraph 1.3.2 above only, we process “Personal Data ” (as defined in our Terms and Conditions) in accordance with the follow scope, nature and purposes:
Nature and purpose of the processing of personal data
In order that we can provide our Services to you in accordance with our Terms and Conditions.
Subject matter of the processing of personal data
For our provision of Services to you as our customer, as set out in our Terms and Conditions.
Duration of the processing of personal data
The term of our contract with you in accordance with our Terms and Conditions, until we delete that data in accordance with that contract.
Categories of personal data being shared between you and us
Data relating to individuals provided to us by you (or at your direction) during our provision of the Services.
Types of data subject in respect of whom we process personal data
The data subjects in respect of whom you use our Services and data is sent (or provided) to us through those Services, by you or at your direction.
5. Fair processing
6.1. We are the data controller for any information you give to us during a job enquiry or application process.
6.2. We will only collect the information that we need for recruitment purposes as part of the job application process, such as your name, address, email address, phone number, employment history, salary history and referees (together, “Recruitment Data”). We will retain Recruitment Data for as long as is necessary, and in any event for no longer than two years, and, if we employ you, for the duration of your employment with us and for a period after your employment ends, in accordance with our internal policies of which you will be informed if you join us.
6.3. We will use Recruitment Data only for the purpose of dealing with your enquiry or application, or to fulfil our legal and/or regulatory obligations. This might include contacting you to keep your application moving, and assessing your suitability for the particular role we have available.
6.4. We will not share Recruitment Data with any third parties for marketing purposes, and we will not transfer it outside of the European Economic Area.
6.5. You do not have to provide personal data to us when we ask for it, but it may impact your application if you do not give us all of the information we need to assess your suitability for the role we have available.
6.6. If we make you a conditional offer of employment, we will ask you for further information, such as proof of your qualifications and identity, and information about your health. If we then make you a final offer of employment, we will ask you for details of your bank account (so we can pay your salary), emergency contact details, and details of any pension scheme of which you are a member.
7. Making sure the personal data we hold is accurate and up-to-date
7.1. You should only submit to us or the Website information which is accurate and not misleading.
7.2. By submitting your or anyone else’s data to us or the Website, you must ensure that you have full authority and consent to supply us with that data on their behalf and you warrant to us that you have that authority.
8. IP addresses
8.1. We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
8.2. We use this data to ensure that content from the Website is presented in the most effective manner for you and for your computer. We hold this data for two years.
10. Where we store your personal data
10.1. All information you provide to us is stored on our secure servers. We use industry standard security and firewalls on our servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
10.2. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
10.3. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
11.1. When you make any payment to us through the Website, you must make that payment to us using PayPal or Worldpay. We do not collect any payment information from you. When submitting your payment information to PayPal or Worldpay, please note that PayPal and Worldpay each have their own privacy policies and that we do not accept any responsibility or liability for those privacy policies. Please check those privacy policies before you submit any personal data to PayPal or Worldpay; those privacy policies can be found at:
- PayPal: https://www.paypal.com
- Worldpay: https://www.worldpay.com
11.2. We hold all personal data securely, whether the personal data is in physical or electronic format. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
11.3. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
12. Sharing personal data with third parties
12.1. We may transfer our databases containing your personal information if we sell our business or part of it to an actual or potential purchaser. This is in our legitimate interest.
12.2. In providing our Services or otherwise running our business, we use third parties which assist us in operating our business, and which process certain personal data on our behalf. We share personal data with those third parties only to the extent it is necessary for us to provide the Services, and where it is in our legitimate interest to do so. We have contracts with those third parties in which they are obligated to process personal data in compliance with Data Protection Laws. All third parties are based in European Economic Area (EEA). See our Terms and Conditions for information about third parties that we use in providing our Services.
13. Other websites
The Website may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
14. Your rights under Data Protection Laws
14.1. If you would like to:
14.1.1. correct or update the personal data that we hold about you
14.1.2. ask that we delete your personal data;
14.1.3. get a copy of the personal data that we hold about you;
14.1.4. access the personal data we hold about you;
14.1.5. restrict the uses for which we use your personal data;
14.1.6. transfer the personal data we hold about you to a third-party data controller;
14.1.7. object to our processing of your personal data for particular purposes; or
14.1.8. withdraw your consent to our use of your personal data (where relevant);
Please contact us promptly through our support ticketing system or by post sent to our registered address. When contacting us, please include your name, email address and customer reference so that we can be sure that it is you that is contacting us and not somebody else.
14.2. Usually, you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
14.3. You can unsubscribe from receiving marketing communications from us by contacting us through our support ticketing system or by post sent to our registered address.
14.4. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
14.5. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You can make a complaint to a supervisory authority in respect of our processing of personal data at any time. In the UK, the Information Commissioner’s Office (also known as the ICO) is the supervisory authority; see how to contact the ICO for more information. However, we would appreciate the opportunity to deal with your concerns before you contact the ICO, so please contact us in the first instance.