Terms and Conditions

This Privacy and Cookies Policy (together with our Terms and Conditions and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read this Privacy and Cookies Policy carefully to understand our views and practices regarding your personal data and how we will treat it.

We will only use your personal data in the manner set out in this Privacy and Cookies Policy. We will only use your personal data in a way that is fair to you. We will only collect personal data where it is necessary for us to do so and where it is relevant to our dealings with you. We will only keep your personal data for as long as it is relevant to the purpose for which it was collected or for as long as we are required to keep it by law.

For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is DevonWebs Design & Hosting, a sole trading entity in England and Wales.

Information we may collect from you
We may collect and process the following data about you:

Your title, name, date of birth, address, email address, telephone numbers, username, password, business name (if applicable) and such other contact details as we require. This includes information provided at the time of registering to use the Website.
Information that you provide by filling in forms on the Website. This includes information provided at the time of subscribing to our services or requesting further services. We may also ask you for information when you report a problem with the Website.
If you contact us, we may keep a record of that correspondence.
You should only submit to us or the Website information which is accurate and not misleading. You should keep that information up-to-date and let us know if any of that information changes by emailing us at admin@devonwebs.co.uk. By submitting your or anyone else’s data to us or the Website, you must ensure that you have full authority and consent to supply us with that data on their behalf and you warrant to us that you have that authority.

IP addresses
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies
The Website uses cookies. Cookies are small text files which identify your computer to our server as a unique user when you visit certain pages on the Website and they are stored by your Internet browser on your computer’s hard drive. Cookies can be used to recognise your Internet Protocol address, saving you time while you are on the Website.

We only use cookies for your convenience in using the Website and not for obtaining or using any other information about you (for example targeted advertising). Your browser can be set to not accept cookies, but this would restrict your use of the Website.

If you want to find out more information about cookies, go to http://www.allaboutcookies.org or to find out about removing them from your browser, go to http://www.allaboutcookies.org/manage-cookies/index.html.

Please note that we collect data from the Website about use of the Website using a web analysis tool which uses cookies that are (able to be) used to generate pseudonyms for a user’s profile. This means that use cookies (which may be stored on your computer after you leave the Website) can store information about your visit.

Please also note that our suppliers and partners may also use cookies, over which we have no control.

Where we store your personal data
All information you provide to us is stored on our secure servers. We use industry standard security and firewalls on our servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Security
When you make any payment to us through the Website, you must make that payment to us using PayPal or Stripe. We do not collect any payment information from you. When submitting your payment information to PayPal or Stripe, please note that PayPal and Stripe each have their own privacy policies and that we do not accept any responsibility or liability for those privacy policies. Please check those privacy policies before you submit any personal data to PayPal.

Your card details are not stored on our own servers, but remotely with our payment gateway for your security. Recurring use of cards is permitted using ‘tokenisation’.

We do not store credit card details nor do we share customer financial details with any 3rd parties.

Uses made of the information
We use information held about you in the following ways:

To ensure that content from the Website is presented in the most effective manner for you and for your computer.
To provide you with billing information in relation to the services that we may provide to you.
To manage the Website, detect fraud or Website abuses, send you information relevant to the Website and in case we have any queries.
To carry out our obligations arising from any contracts entered into between you and us.
To notify you about changes to our services.
To allow you to register for an account on the Website, which may include sending an email to you to confirm your details.
To give you a new password if you have forgotten it.
We also need to use your contact details and other information for any aspect of the Website (including, without limitation, providing customer support, preventing or investigating prohibited activity, enforcing the Terms of Use and verifying information).

We may transfer our databases containing your personal information if we sell our business or part of it to an actual or potential purchaser.

We may also disclose your details as described elsewhere in this Privacy and Cookies Policy.

Other than as set out in this Privacy and Cookies Policy, we shall NOT sell or disclose your personal data to third parties without obtaining your prior consent unless this is necessary for the purposes set out in this Privacy and Cookies Policy or unless we are required to do so by law.

Other websites
The Website may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.

Consent
By submitting data to us and using the Website, you consent to our use of your data and of anyone you represent in the manner set out in this Privacy and Cookies Policy (as amended from time to time, as described below) and you are responsible for ensuring that you have authority to consent on behalf of anyone about whom you submit data to us.

Please note that you can revoke any consent you have given us under this policy at any time by contacting us on admin@devonwebs.co.uk, and referencing this Privacy and Cookies Policy in the email subject line, using the body of the email to say what consent you are revoking.

Changes to our Privacy and Cookies Policy
Any changes we may make to this Privacy and Cookies Policy in the future will be posted on the Website and, where appropriate, notified to you by e-mail. Each time you enter the Website, you agree that the Privacy and Cookies Policy current at that time shall apply to all information held by you.

Contact
Questions, comments and requests regarding this Privacy and Cookies Policy are welcomed and should be addressed to admin@devonwebs.co.uk.

This Privacy Policy was most recently updated on 24th April 2018.

If you are a registered customer and have access to our Client Area (https://my.devonwebs.uk) then the fastest way to get in touch is by logging in and browsing to ‘Open Ticket’ – from here, you will be able to open a ticket to the department most suitable for your enquiry.

If you would like to contact us but do not have access to the client area (either because you are not yet a customer, or because you are locked out for any reason) then you can contact us via any of the following methods…

General Enquiries:
support@devonwebs.uk

Report Abuse / Abuse Response:
abuse@devonwebs.uk

Complaints:
complaints@devonwebs.uk

Emails will be responded to within 24 hours.

For any of the above – you may also contact us by phone on 01271 320963

Please note that complaints should be provided in writing to complaints@devonwebs.uk – a confirmation of receipt will be provided in 1 working day.

Escalating Complaints:

If you are unhappy with the outcome of your complaint, you may ask for this to be reviewed or to receive a second opinion. This will be then reviewed by another senior member of the team.

Domain Name / Registrar Complaints:

Please use complaints@devonwebs.uk contact us for any domain name related queries you may have, including complaints and instances of domain name abuse, you should expect to receive a response within 1 working day.

You are also able to make a formal complaint about a registrar to Nominet (the .uk registry) here: http://www.nominet.uk/resources/complaints

To report junk email or abuse issues please email abuse@devonwebs.uk.

This acceptable use policy governs your use of the services we provide (“Hosting Services”). Your use of the Hosting Services means that you accept, and agree to abide by, all the policies in this acceptable use policy, which supplement our terms and conditions. DevonWebs may modify this Acceptable Use Policy at any time without notice.

You must not allow a third party to access or use the Hosting Services. If you have purchased one of our reseller hosting packages, you can allow a third party (a “Third Party”) to access or use the Hosting Services. If you do so, they will also be regulated by this acceptable use policy. As such, you will monitor the use of the Hosting Services by a Third Party and you will procure that they abide by this acceptable use policy. A breach of this acceptable use policy by a Third Party will be deemed to be a breach of this acceptable use policy by you.

The Hosting Services are provided by DevonWebs.

A. RESOURCE USAGE
1. The Shared Hosting Services comprise the provision of web space on our servers to enable you to upload pages and files for the purpose of publishing websites.
2. The Shared Hosting Services allow you ‘unlimited’ server space for normal routine “non-file-distribution” web usage. For websites that allow downloading of video, audio or other files we reserve the right to impose a bandwidth limit of fifty (50) gigabytes per calendar month.
3. Non-file-distribution usage will remain unaffected by any limit imposed on downloading of video, audio or other files.
4. In your use of the Shared Hosting Services (other than where you are using your own virtual private server), you may not:
a. use more than 10% of our platform’s processing capacity. There are numerous activities that could cause such problems, including (but not limited to) CGI scripts and intensive FTP, PHP or HTTP operations
b. run stand-alone, unattended server-side processes or any daemons; including (but not limited to) IRCd
c. run any type of web spider or indexer
d. run any software that interfaces with an Internet Relay Chat network
e. run any bit torrent application, tracker, or client. You may link to legal torrent files off-site, but may not host or store them on our servers
f. participate in any file-sharing/peer-to-peer activities
g. run any gaming servers
h. run entries or other scheduled tasks other than by configuring them through our control panel
i. give away web space under a domain (including Resellers giving away free websites)
j. operate a proxy website or service
k. as a remote file host for other websites
l. operate self-hosted file sync or similar “cloud storage” based services including (but not limited to) OwnCloud, Pydio and Sparkleshare.
5. You must not use the Hosting Services as an offsite backup facility. Therefore, all files uploaded to our servers as part of your usage of the Hosting Services must be visible and accessible to the outside world (web-visible) unless they are needed to operate the website of which they form part; We reserve the right to delete files or directories that are not web-visible without giving notice to you.
6. All pages of website stored on our servers as part of the Hosting Services will be available to search engines unless you take action to prevent this. If you wish to optimise your web pages for search engines you agree to use coding and techniques which comply fully with the guidelines issued by Google, Bing, Yahoo and other large search engines.
7. MySQL Databases are limited to 1024 megabytes in size, when they reach this size we will notify you.
8. If you are a Reseller and deactivate a resold web hosting account we will delete it after 50 days.
B. PROHIBITED USES
1. You may use the Hosting Services only for lawful purposes. You may not use the Hosting Services:
a. in any way that breaches any applicable local, national or international law or regulation
b. in any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect
c. for the purpose of harming or attempting to harm minors in any way
d. to send, knowingly receive, upload, download, use or re-use any material which does not comply with our content standards (see below)
e. to transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (also known as SPAM – see below)
to knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware
C. CONTENT STANDARDS
1. These content standards apply to any and all material that you allow to be hosted through the Hosting Services and to any interactive services associated with it.
2. You must comply with the spirit of the following standards. The standards apply to each part of any Material as well as to its whole.
3. Material must:
a. be accurate (where they state facts)
b. be genuinely held (where they state opinions)
c. comply with applicable law in the UK and in any country from which they are posted
d. not be unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
4. Material must not:

a. contain any material which is defamatory of any person
b. contain any material which is obscene, offensive, hateful or inflammatory
c. contain any material that is pornographic
d. promote violence
e. promote discrimination based on race, sex, religion, nationality, disability, sexual orientation or age
f. infringe any copyright, database right or trade mark of any other person
g. be likely to deceive any person
h. be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence
i. promote any illegal activity
j. be threatening, abuse or invade another’s privacy, or cause annoyance, inconvenience or needless anxiety
k. be likely to harass, upset, embarrass, alarm or annoy any other person
l. be used to impersonate any person, or to misrepresent your identity or affiliation with any person
m. give the impression that they emanate from us, if this is not the case
n. advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse
D. ZERO TOLERANCE SPAM POLICY
1. We take a zero tolerance stance against the sending of unsolicited email, bulk emailing and spam. We may terminate the account of any user who send out spam with or without notice
2. Websites advertised as spam may not be hosted on our servers. This provision includes, but is not limited to, spam sent via fax, phone, postal mail, email, instant messaging or newsgroups. Any user account which results in our IP space being blacklisted will be immediately suspended and/or terminated.
3. DevonWebs reserves the right to require changes or disable as necessary any website, account, database or component that does not comply with our policy
4. DevonWebs reserves the right to charge the holder of the account used to send any unsolicited email, a clean-up fee or any charges incurred for blacklist removal at our sole discretion
E. RESELLING
You agree not to:
a. re-sell or offer for the use of third parties any part of our Hosting Services unless a specific Reseller product has been purchased,
b. not to access without authority, interfere with, damage or disrupt

i. any part of the Hosting Services
ii. any equipment or network used to provide the Hosting Services
iii. any software used in the provision of the Hosting Services
iv. any equipment or network or software owned or used by any third party
c. If you deactivate a resold Hosting Service for 50 consecutive days we will automatically delete this Hosting Service.
d. You are responsible for the good housekeeping of your Reseller Service. You agree to delete files and Hosting Services that are no longer required
e. DevonWebs and Staff are not to held liable for any data stored within our servers including but not limited too data loss
F. SUSPENSION AND TERMINATION
1. We will determine, in our discretion, whether there has been a breach of this acceptable use policy through your use of the Hosting Services. When a breach of this policy has occurred, we may take such action as we deem appropriate.
2. Failure to comply with this acceptable use policy constitutes a material breach of the our terms and conditions of sale upon which you are permitted to use the Hosting Services, and may result in our taking all or any of the following actions:
a. immediate, temporary or permanent withdrawal of your right to use the Hosting Services
b. immediate, temporary or permanent removal of any Material (as defined in paragraph 5.1) uploaded to our servers
c. issue of a warning to you
d. issue of legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach
e. further legal action against you
f. disclosure of such information to law enforcement authorities as we reasonably feel is necessary
G. CHANGES TO OUR ACCEPTABLE USE POLICY
1. We may revise this acceptable use policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you.

VPS Fair Usage
Use of Traffic (Bandwidth).

Your account monthly traffic may be limited in accordance with the VPS Type. The additional bandwidth is paid and applied on a monthly basis. The fee is non-refundable. If the monthly traffic limit is reached before the end of the month Your account will be suspended until the beginning of the next month.

Disk Space Usage.

Your account disk space is limited in accordance with the VPS Type. Up to 4 GB from the disc space is allocated to the VPS system files and this space cannot be used for storing Your content.

Additional Services.

The initial and renewal fees for each VPS include the number of IPs in accordance with VPS type. Additional IPs can be added to a VPS. In such a case DevonWebs will charge the appropriate fee for the dedicated IP. The fee is applied and should be paid on a per month basis. The fee is non-refundable.

You can order Additional RAM as extra features to Your VPS account(s). DevonWebs will charge the appropriate fee for the additional RAM, depending on the amount of RAM ordered. The fee is applied and paid on a monthly basis. The fee is non-refundable. Renewal fee is due for the Additional RAM each month after the initial order, until the upgrade or the VPS account itself is cancelled. You are solely responsible to make the renewal payments in a timely manner. In case no renewal payment is received, DevonWebs will remove the additional RAM or will suspend the whole VPS account until receiving additional RAM renewal payment.

VPS Servers are not included in r daily, or weekly backups. We strongly encourage you utilise a remote backup facility in the case of data-loss of corruption which may be irretrievable. DevonWebs cannot be held liable for the loss of data within a VPS.

VPS Management
As part of our VPS products, we may include ‘management’, which is available in the following tiers…

Unmanaged
No assistant in software/server management included

Managed
Our management offering is ideal for those who are able to handle the day to day operations of your server, but would require occassional assistance. Our managed VPS option may be included as standard with your VPS purchase, but support / assistance will be limited to 1 hours monthly. Additional management hours can be purchased, or may be billed at the standard rate of £15.00 per hour. The support team under a basic management plan will not access a server, and will provide only documentation or references to assist in terms of diagnosing any potentials issues within the server.

Fully Managed / Monitored

Our highest level of management allows us to provide full server administration with up to 3 hours of technical assistance / consultation monthly. We will also monitor your server pro-actively. Tasks will be carried out on request – urgent upgrades /patches will be carried out automatically.

Monitoring levels will vary according to the scale of a project – DevonWebs reserves the right to increase / decrease management costs in order to provide a bespoke support offering.

Storage and Security
At all times, You shall bear full risk of loss and damage to Your server and all of Your server content. You are entirely responsible for maintaining the confidentiality of Your password and account information. You acknowledge and agree that You are solely responsible for all acts, omissions and use under and charges incurred with Your account or password or in connection with the server or any of Your server content displayed, linked, transmitted through or stored on the server. You shall be solely responsible for undertaking measures to: (i) prevent any loss or damage to Your server content; (ii) maintain independent archival and backup copies of Your server content; (iii) ensure the security, confidentiality and integrity of Your server content transmitted through or stored on DevonWebs servers; and (iv) ensure the confidentiality of Your password. DevonWebs services are not intended to be used for data backup or archiving purposes. Using an account as an online storage space for archiving electronic files is prohibited and will result in termination of hosting services without prior notice. We reserve the right to delete Your archives if they affect Our overall server performance and DevonWebs shall have no liability to You or any other person for loss, damage or destruction of any of Your content. The services offered by DevonWebs are not intended to provide a PCI (Payment Card Industry) compliant environment and therefore should not be utilized as such without further compliance activity. DevonWebs shall have no liability to You or any other person for Your use of DevonWebs products and/or services in violation of these terms.

Abuse
If your VPS becomes under attack we can suspend and terminate your service with prior warning and no refunds.

Shared / Reseller / WordPress / Application Hosting:
Shared and re-seller hosting accounts will be activated instantly on receipt of payment. Once paid, our systems will automatically provision your account and will notify you of any relevant setup / information.

Due to our fraud prevention systems – any order may be placed in a ‘Pending’ state awaiting confirmation / acceptance by management. This may cause delays and will prevent automatic creation of the shared hosting accounts mentioned above.

Cloud / VPS / Dedicated and Other:
Services apart from those on our shared hosting environments will be provisioned manually within 12 hours following receipt of first payment.

Domains are provisioned through our registrar partners.  As such we cannot guarantee the availability of a particular domain, however any charges incurred in the registration of a domain which is subsequently found to be unavailable will be refunded in full.

When a domain is registered though us we are just the registrar and you are still the registered owner and still hold all the rights to your domain/s. You can move away from us anytime by raising a ticket or emailing support@devonwebs.uk.

Please note that the registrars may reject the registration of a domain if invalid information is provided at the time of order. All TLDs and ccTLDs have differing validation requirements which are also subject to change. As such we are not responsible for the validation of such data and it is your responsibility to check that a domain registration has been completed by the receipt of a ‘domain registration confirmation’ email. In the unlikely event a domain is rejected by the registrar, you will not receive such an email and we would need to be alerted to investigate this with the registrar directly and process the registration manually.

The objective of this SLA is to document the availability of the Service that DevonWebs  is to achieve. This does not constitute any additional liability to DevonWebs, but instead a self-assumed obligation towards the Client. Under the conditions below DevonWebs offers to pay the Client service credits if the availability defined below is not met.

DevonWebs shall guarantee the availability will be 99% in any calendar month, subject to exclusions as defined below. If DevonWebs fails to meet this guarantee a credit shall be available to the Client as defined below.

The availability calculation shall exclude periods when outages arise from, or are otherwise indirectly caused by:

– Outage periods due to any cause other than faults by DevonWebs, including faults or negligence of the Client or problems associated with equipment connected on the Client’s side of DevonWebs delivery point,

– In case that the Client’s equipment should cause negative effects on the performance, quality and/or operation of the DevonWebs Network, DevonWebs will proceed to disconnect the link, for benefit of the rest of users of the DevonWebs Network. This disconnection won’t be cause of penalty under the SLA. DevonWebs will notify the Client as soon as possible about this issue in order for the Client to repair the problems.

– Outage periods reported by the Client in which no fault is observed or confirmed by DevonWebs

– Any fault period during which service is suspended under provision in this Agreement,

– The Client requesting DevonWebs to upgrade the capacity of the service, if this operation results in an outage.

– During Scheduled Maintenance affecting the Services as defined above.

– Performance degradations and service loss due to Denial Of Service attacks or other unlawful attacks generated inside the Client’s network or executed against users inside the Client’s network or the Client network infrastructure, will be excluded from SLA calculation as it is within the Client’s responsibility to put in place the relevant protection mechanisms inside its network to protect itself and its clients.

Neither Party will be obliged to carry out any obligation under this Agreement where performance of such obligation is prevented by the occurrence of a Force Majeure Event. No commitment from DevonWebs applies in case of Force Majeure.

Should the Client not have access to the Services as defined above, DevonWebs shall credit the client as follows:

(a) <99% and > 99.8% = 2% monthly credit

(b) 95% to 99.8% = 10% monthly credit

(c) 90% to 94.9% = 25% monthly credit

(d) 60% to 89.9% = 40% monthly credit

(e) < 60% = Pro-rata up to a maximum of 100% monthly credit

The credit applies to the contracted service. The Client shall not be entitled to any credits under this SLA if any payment of the price for the Services is overdue under the terms of this Agreement. The credit shall be made for the element of the Services that were not available, it will not be made for the whole service. (E.G. If a dedicated server and backup service are ordered, but the backup service is not available for a period of time, the credit will be calculated based on the price of the backup service, not the combined price of the dedicated server and backup service.) Any credit is subject to the Client notifying DevonWebs within 7 days in writing. This Client agrees the service credits due under this SLA are its sole remedy against DevonWebs for any non-availability of the Services.

Passed in 2016, the new General Data Protection Regulation (GDPR) is the most significant legislative change in European data protection laws since the EU Data Protection Directive (Directive 95/46/EC), introduced in 1995. The GDPR, which becomes enforceable on May 25, 2018, seeks to strengthen the security and protection of personal data in the EU and serve as a single piece of legislation for all of the EU. It will replace the EU Data Protection Directive and all the local laws relating to it.

We support the GDPR and will ensure all DevonWebs Hosting services comply with its provisions by May 25, 2018. Not only is the GDPR an important step in protecting the fundamental right of privacy for European citizens, it also raises the bar for data protection, security and compliance in the industry.

Data Processing Agreement

This Customer Data Processing Agreement reflects the requirements of the European Data Protection Regulation (“GDPR”) as it comes into effect on May 25, 2018. DevonWebs Design & Hosting´s products and services offered in the European Union are GDPR ready and this DPA provides you with the necessary documentation of this readiness.

This Data Processing Agreement (“DPA”) is an addendum to the Customer Terms of Service (“Agreement”) between DevonWebs Design & Hosting and the Customer. All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement. Customer enters into this DPA on behalf of itself and, to the extent required under Data Protection Laws, in the name and on behalf of its Authorized Affiliates (defined below).

The parties agree as follows:

1.Definitions

“Affiliate” means an entity that directly or indirectly Controls, is Controlled by or is under common Control with an entity.

“Authorized Affiliate” means any of Customer Affiliate(s) permitted to or otherwise receiving the benefit of the Services pursuant to the Agreement.

“Control” means an ownership, voting or similar interest representing fifty percent (50%) or more of the total interests then outstanding of the entity in question. The term “Controlled” shall be construed accordingly.

“Controller” means an entity that determines the purposes and means of the processing of Personal Data.

“Customer Data” means any data that DevonWebs Design & Hosting and/or its Affiliates processes on behalf of Customer in the course of providing the Services under the Agreement.

“Data Protection Laws” means all data protection and privacy laws and regulations applicable to the processing of Personal Data under the Agreement, including, where applicable, EU Data Protection Law.

“EU Data Protection Law” means (i) prior to May 25, 2018, Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data (“Directive”) and on and after May 25, 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); and (ii) Directive 2002/58/EC concerning the processing of Personal Data and the protection of privacy in the electronic communications sector and applicable national implementations of it (in each case, as may be amended, superseded or replaced).

“Personal Data” means any Customer Data relating to an identified or identifiable natural person to the extent that such information is protected as personal data under applicable Data Protection Law.

“Privacy Shield” means the EU-US and Swiss-US Privacy Shield Frameworks, as administered by the U.S. Department of Commerce.


“Privacy Shield Principles” means the Privacy Shield Framework Principles (as supplemented by the Supplemental Principles) contained in Annex II to the European Commission Decision of 12 July 2016 pursuant to the Directive, details of which can be found at www.privacyshield.gov/eu-us-framework.

“Processor” means an entity that processes Personal Data on behalf of the Controller.

“Processing” has the meaning given to it in the GDPR and “process”, “processes” and “processed” shall be interpreted accordingly.

“Security Incident” means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data.

“Services” means any product or service provided by DevonWebs Design & Hosting to Customer pursuant to and as more particularly described in the Agreement.

“Sub-processor” means any Processor engaged by DevonWebs Design & Hosting or its Affiliates to assist in fulfilling its obligations with respect to providing the Services pursuant to the Agreement or this DPA. Sub-processors may include third parties or any DevonWebs Design & Hosting Affiliate

2.Scope and Applicability of this DPA

2.1 This DPA applies where and only to the extent that DevonWebs Design & Hosting processes Personal Data on behalf of the Customer in the course of providing the Services and such Personal Data is subject to Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom. The parties agree to comply with the terms and conditions in this DPA in connection with such Personal Data.

2.2 Role of the Parties. As between DevonWebs Design & Hosting and Customer, Customer is the Controller of Personal Data and DevonWebs Design & Hosting shall process Personal Data only as a Processor on behalf of Customer. Nothing in the Agreement or this DPA shall prevent DevonWebs Design & Hosting from using or sharing any data that DevonWebs Design & Hosting would otherwise collect and process independently of Customer’s use of the Services.

2.3 Customer Obligations. Customer agrees that (i) it shall comply with its obligations as a Controller under Data Protection Laws in respect of its processing of Personal Data and any processing instructions it issues to DevonWebs Design & Hosting; and (ii) it has provided notice and obtained (or shall obtain) all consents and rights necessary under Data Protection Laws for DevonWebs Design & Hosting to process Personal Data and provide the Services pursuant to the Agreement and this DPA.

2.4 DevonWebs Design & Hosting Processing of Personal Data. 

As a Processor, DevonWebs Design & Hosting shall process Personal Data only for the following purposes: (i) processing to perform the Services in accordance with the Agreement; (ii) processing to perform any steps necessary for the performance of the Agreement; and (iii) to comply with other reasonable instructions provided by Customer to the extent they are consistent with the terms of this Agreement and only in accordance with Customer’s documented lawful instructions. The parties agree that this DPA and the Agreement set out the Customer’s complete and final instructions to DevonWebs Design & Hosting in relation to the processing of Personal Data and processing outside the scope of these instructions (if any) shall require prior written agreement between Customer and DevonWebs Design & Hosting.

2.5 Nature of the Data. 

DevonWebs Design & Hosting handles Customer Data provided by Customer. Such Customer Data may contain special categories of data depending on how the Services are used by Customer. The Customer Data may be subject to the following process activities: (i) storage and other processing necessary to provide, maintain and improve the Services provided to Customer; (ii) to provide customer and technical support to Customer; and (iii) disclosures as required by law or otherwise set forth in the Agreement.

2.6 DevonWebs Design & Hosting Data. 

Notwithstanding anything to the contrary in the Agreement (including this DPA), Customer acknowledges that DevonWebs Design & Hosting shall have a right to use and disclose data relating to and/or obtained in connection with the operation, support and/or use of the Services for its legitimate business purposes, such as billing, account management, technical support, product development and sales and marketing. To the extent any such data is considered personal data under Data Protection Laws, DevonWebs Design & Hosting is the Controller of such data and accordingly shall process such data in compliance with Data Protection Laws.

3.Subprocessing

3.1 Authorized Sub-processors. 

Customer agrees that DevonWebs Design & Hosting may engage Sub-processors to process Personal Data on Customer’s behalf. The Sub-processors currently engaged by DevonWebs Design & Hosting and authorized by Customer are listed in Annex A.

3.2 Sub-processor Obligations.

DevonWebs Design & Hosting shall: (i) enter into a written agreement with the Sub-processor imposing data protection terms that require the Sub-processor to protect the Personal Data to the standard required by Data Protection Laws; and (ii) remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of the Sub-processor that cause DevonWebs Design & Hosting to breach any of its obligations under this DPA.

3.3 Changes to Sub-processors. 

DevonWebs Design & Hosting shall provide Customer reasonable advance notice (for which email shall suffice) if it adds or removes Sub-processors.

3.4 Objection to Sub-processors. 

Customer may object in writing to DevonWebs Design & Hosting’s appointment of a new Sub-processor on reasonable grounds relating to data protection by notifying DevonWebs Design & Hosting promptly in writing within five (5) calendar days of receipt of DevonWebs Design & Hosting’s notice in accordance with Section 3.3. Such notice shall explain the reasonable grounds for the objection. In such event, the parties shall discuss such concerns in good faith with a view to achieving commercially reasonable resolution. If this is not possible, either party may terminate the applicable Services that cannot be provided by DevonWebs Design & Hosting without the use of the objected-to-new Sub-processor.

4.Security

4.1 Security Measures. 

DevonWebs Design & Hosting shall implement and maintain appropriate technical and organizational security measures to protect Personal Data from Security Incidents and to preserve the security and confidentiality of the Personal Data, in accordance with DevonWebs Design & Hosting’s security standards described in Annex B (“Security Measures”).

4.2 Confidentiality of Processing. 

DevonWebs Design & Hosting shall ensure that any person who is authorized by DevonWebs Design & Hosting to process Personal Data (including its staff, agents and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).

4.3 Security Incident Response. 

Upon becoming aware of a Security Incident, DevonWebs Design & Hosting shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.

4.4 Updates to Security Measures. 

Customer acknowledges that the Security Measures are subject to technical progress and development and that DevonWebs Design & Hosting may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services purchased by the Customer.

5.Security Reports and Audits

5.1 DevonWebs Design & Hosting shall maintain records of its security standards. Upon Customer’s written request, DevonWebs Design & Hosting shall provide (on a confidential basis) copies of relevant external ISMS certifications, audit report summaries and/or other documentation reasonably required by Customer to verify DevonWebs Design & Hosting’s compliance with this DPA. DevonWebs Design & Hosting shall further provide written responses (on a confidential basis) to all reasonable requests for information made by Customer, including responses to information security and audit questionnaires, that Customer (acting reasonably) considers necessary to confirm DevonWebs Design & Hosting’s compliance with this DPA, provided that Customer shall not exercise this right more than once per year.

6.International Transfers

6.1 Processing Locations. 

DevonWebs Design & Hosting stores and processes EU Data (defined below) in data centers located inside and outside the European Union. All other Customer Data may be transferred and processed in the United States and anywhere in the world where Customer, its Affiliates and/or its Sub-processors maintain data processing operations. DevonWebs Design & Hosting shall implement appropriate safeguards to protect the Personal Data, wherever it is processed, in accordance with the requirements of Data Protection Laws. 

6.2 Transfer Mechanism: 

Notwithstanding Section 6.1, to the extent DevonWebs Design & Hosting processes or transfers (directly or via onward transfer) Personal Data under this DPA from the European Union, the European Economic Area and/or their member states and Switzerland (“EU Data”) in or to countries which do not ensure an adequate level of data protection within the meaning of applicable Data Protection Laws of the foregoing territories, the parties agree that DevonWebs Design & Hosting shall be deemed to provide appropriate safeguards for such data by virtue of having certified its compliance with the Privacy Shield and DevonWebs Design & Hosting shall process such data in compliance with the Privacy Shield Principles. Customer hereby authorises any transfer of EU Data to, or access to EU Data from, such destinations outside the EU subject to any of these measures having been taken.

7.Return or Deletion of Data

7.1 Upon deactivation of the Services, all Personal Data shall be deleted, save that this requirement shall not apply to the extent DevonWebs Design & Hosting is required by applicable law to retain some or all of the Personal Data, or to Personal Data it has archived on back-up systems, which such Personal Data DevonWebs Design & Hosting shall securely isolate and protect from any further processing, except to the extent required by applicable law.

8.Cooperation

8.1 To the extent that Customer is unable to independently access the relevant Personal Data within the Services, DevonWebs Design & Hosting shall (at Customer’s expense) taking into account the nature of the processing, provide reasonable cooperation to assist Customer by appropriate technical and organizational measures, in so far as is possible, to respond to any requests from individuals or applicable data protection authorities relating to the processing of Personal Data under the Agreement. In the event that any such request is made directly to DevonWebs Design & Hosting, DevonWebs Design & Hosting shall not respond to such communication directly without Customer’s prior authorization, unless legally compelled to do so. If DevonWebs Design & Hosting is required to respond to such a request, DevonWebs Design & Hosting shall promptly notify Customer and provide it with a copy of the request unless legally prohibited from doing so.

8.2 To the extent DevonWebs Design & Hosting is required under Data Protection Law, DevonWebs Design & Hosting shall (at Customer’s expense) provide reasonably requested information regarding DevonWebs Design & Hosting’s processing of Personal Data under the Agreement to enable the Customer to carry out data protection impact assessments or prior consultations with data protection authorities as required by law.

9.Miscellaneous

9.1 Except for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict.

9.2 This DPA is a part of and incorporated into the Agreement so references to “Agreement” in the Agreement shall include this DPA.

9.3 In no event shall any party limit its liability with respect to any individual’s data protection rights under this DPA or otherwise.

9.4 This DPA shall be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by Data Protection Laws.

DevonWebs Design & Hosting
Name: Samuel Rudd
Title: Owner

ICO Registered: ZB156902

Officer: Samuel Rudd

Annex A – List of DevonWebs Design & Hosting Sub-processors

Available upon request

Annex B – Security Measures

Available upon request

Provisioning and Suspension When you sign up to any services provided by DevonWebs Design and Hosting you are agreeing to pay us within 14 days of the invoice being generated, We will provide your service once we receive confirmation of successful payment. All invoices will be delivered by email from support@devonwebs.uk. DevonWebs reserves the rights to suspend any Service relating to overdue invoices within 3 days. If you have any issues with your payment date then please contact us and we can re-arrange the date for you.

Payment Method Storage If you have a Direct Debit we with hold the right to process payments that are over due for products that have not been cancelled. This includes but is not limited to any invoice that is overdue/unpaid. Your bank information is held at our processor (GoCardless)

Refunds Refunds are available for virtual private servers within 3 days from the signup date. Licenses and management services are not eligible for refunds, WHMCS Licenses require 30 Days notice for cancellation as you could still be charged for the license if you cancel before the renewal date. Raising a billing dispute or chargeback with our payment processors may result in instant service suspension or termination. Customers who knowingly breach terms of service relinquish their right for a refund. Any account that has deposited funds are agreeing to forfiet a refund of that money if they choose to stop purchasing products and services from us. Any credit left on the account will expire after 12 months unless regular top-ups are deposited.

PayPal subscriptions DevonWebs is not responsible for the cancellation of PayPal subscriptions following the cancellation of a service contract or an incorrectly setup payment profile. This is an action that must be carried out by the customer. Failure to do so may result in additional payments being taken. as such no refunds are available.

Direct Debit Payments Devonwebs is not responsible for the cancellation of Direct Debits following the cancellation of a service contract. This is an action that must be carried out by the customer after the service cancellation has been confirmed. Failure to do so may result in additional payments being taken no refunds are available

Design & Management When a design and management package is proposed once first payment is made you will be entered into a 12 month contract on the management platform. This is due to the setup costs being significantly lower than just a Design and go package.

Design Once a design is underway we do not offer any refunds due to the labour that goes into creating your bespoke website. We do offer a 30 day ammendment service for free from the launch of your website but no exchange of money is offered.

Non Payment If more than 3 days pass from the date on which any invoice for the hosting services is issued to you and we have not received payment in full, we will suspend your account and charge a 20% late fee (minimum £5), which means that your data, files and website will become in-active and cannot be accessed. If in the following 3 days you pay all amounts due, bringing your account up to date, we will take your account out of suspension and the data will be available again immediately. You must have an active method of payment upon your account reopening for your auto-renewal at all times, failure to do so can result in your account being suspended or canceled automatically.

If, however, 3 days pass from the date on which your account is suspended and you have not made payment in full, DevonWebs shall have the right to delete all data you have uploaded to the servers. To summarize, if you get 6 days behind in making payments, your data will be deleted. You hereby acknowledge that this is DevonWebs’s policy when it comes to data retention, and waive all rights in and to your data in these situations.

Invoices for renewals will be issued and charged up to 14 days in advance to ensure that we receive cleared funds for the continued hosting service and domain renewal.

We will make every attempt to retain daily backups for our shared & multi package hosting services. Currently, we do not backup our UNMANAGED VPS server product line. However, as with any data storage systems, backups can fail. We encourage you to perform your own backups on a periodic basis. 

Because the Services permit Users to electronically transmit or upload content directly to the User Web site, User shall be fully responsible for uploading all content to the User Web site and supplementing, modifying and updating the User Web site, including all back-ups.

• DevonWebs Design & Hosting shall not be responsible for any damages to the User Content, the User Web site or other damages or any malfunctions or service interruptions caused by any failure of the User Content or any aspect of the User Web site.
• User is solely responsible for making back-up copies of the User Web site and any and every User Content.
• DevonWebs Design & Hosting cannot guarantee that the contents of a Web site will never be deleted or corrupted, or that a back-up of a Web site will always be available. Users should always keep up-to-date copies of all such materials and content to a local computer and DevonWebs strongly suggest that Users regularly make additional copies to ensure the availability of such files, content or materials.

If you would like to automate your VPS Backups please order the addon product from the Client Area or Contact Sales