Here at Make Hay (registered company address: 22A Main Road, Gedling, Nottingham NG4 3HP. Company number: 5223822) we respect the privacy of our customers and website users and are committed to safeguarding their personal information. It is also vital that we keep secure our own operational data and systems. This policy outlines how we do this.
The types of information we collect
We may collect the following types of personal data from customers and users:
- First name, last name, e-mail address, postal address and telephone/mobile number.
- Contact information for financial transaction and payments. Although we do take financial transactions, we do not have access to, process or store customers’ credit/debit card details. This is carried out via secure, third party payment processors. We do keep a record of customers’ purchase history and any other transactions with us for financial purposes.
- Any other information customers and users send to us when signing up to use our services(s), undertake a contract with us or make an enquiry with us.
This type of information is provided directly by our customers or users to allow us to provide the services as outlined in our terms and conditions. Without this data we are not able to provide services or fulfil contracts requested by the customer/user.
Analytics and tracking data
Some information may be collected automatically when users visit our website(s) or access our e-newsletters. This type of information may include IP address, geographical location, links clicked, website navigation, browsing device, browsing software and referral source. More details about website analytics can be found in the ‘Analytics and statistics’ section below.
None of the cookies on this website are used to personally identify its visitors (e.g. name and address). They do not collect or store personal or sensitive data about individual visitors and are necessary for the functionality and security of the website. Our website cookies do collect details about your IP address which is necessary to protect against fraud. If you do not wish to receive cookies then you can switch them off and delete them in your browser. Different browsers perform this function in different ways. You can find out how to do it in your browser by searching its 'Help' facility. You can change your cookie settings at any time. This website explains how to control cookies. Please note: If cookies are disabled then features on this website will be disrupted and some functions may not work fully or at all.
We keep data processing and storage to a minimum and as required for each purpose.
How information is processed
Make Hay as Data Controllers
Make Hay as Data Processors
Provision of our e-newsletter (Make Mail) and website hosting (Green Hosting) services mean that we act as Data Processors to our customers. Information we process on behalf of our customers is stored securely and may include, but is not limited to, contact details, usage statistics and any other information customers store at their Green Hosting account. In this case our customers are Data Controllers and are responsible for any information they store and use via our services.
This information may be processed by Make Hay Ethical E-Media Ltd and external party data processors (such as mail service providers, hosting providers, domain registrars, back-up services and helpdesk software service providers) as appointed, if necessary.
Information is used and processed in the following ways:-
Contacting the customer/user
- Fulfilling support requests and responding to customer queries.
- Responding to other enquiries about our services and providing quotes.
- To send general communications about our services.
- To inform of matters relating to customers’ accounts (e.g security information or support) and available services related to their contract with us.
- To send any communications customers/users have specifically requested.
- Where communications are sent via our e-newsletter system, users may unsubscribe using the link in the newsletter.
Providing a service
- Supplying the services customers have purchased from us and fulfilling requests for support.
- Registering domains on behalf of our customers with a third party domain registrar.
- Sending invoices and statements to customers as well as refunds if necessary.
- Manage repeat billing.
- Maintain and keep our accounts as required by law.
Backing up of information stored at our operating office and hosting server to a secure third party location and using encryption.
Analytics and statistics
The statistical information we collect via our e-newsletter system (timings, geographical location, and links clicked) helps us to monitor and improve our communications with our customers.
Where information is processed
The information is processed at the Make Hay Ethical E-Media Ltd operating office and in any other places where parties involved with information processing are located. External parties may be global companies and in those cases the data may not necessarily be processed within the UK.
Information is kept for the amount of time needed to provide services to our customers or other users or for any other timescales as required by law (e.g. financial data).
Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and up to date. Please inform us of any changes to your personal data during your relationship with us.
Third party websites, social media platforms and apps
Our websites may link to third parties. We are not responsible for their practices or privacy policies.
Third party social media platforms and apps may collect types of data such as cookies and web traffic data. Please see their privacy policies for full details.
Measures taken to keep information secure
Here at Make Hay Ethical E-media Ltd we take extensive measures to keep information secure including, but not limited to:-
- All Make Hay, Make Mail and Green Hosting accounts are password protected. Customers must implement their own measures to keep their accounts and passwords secure.
- Keeping passwords for our own activities as well as customers’ accounts secure.
- Using unique, securely generated passwords of a minimum of 12 characters.
- Using multi-factor authentication for online services.
- Using secured connections for our own websites (SSL)
- Employing encrypted, password protected back ups of our own websites and web hosting management software.
- Using secure third party services which employ measures such as password protected accounts, firewalls, anti-virus/malware detection/protection and encrypted storage and connections.
- Using of anti-virus software, firewalls and VPN.
- Password protected computers and devices.
- Lock / log off computers when away from desks.
- Making daily offsite back-ups of our operational data, which can be restored quickly in the event of a cyber incident, in order to ensure minimal service disruption.
- Keeping tight control of who has access to our data and which devices are used. There is no public access to our premises or our devices / computers. Only Make Hay Ethical E-Media employees have access to our systems and data.
- Changing usernames and passwords from default to unique, securely generated password
- Ensuring any unused software or apps are completely removed from devices and related data deleted.
- Ensuring any unused hard disks completely formatted and destroyed
- Employ devices locking after failed attempt logins
- Using only software on computers and devices that is supported by suppliers that produce regular security fixes and updates. Automatic updates are enabled and / or updates are made within 14 days of release.
- Employing a prompt and established process should we believe an account or password has been compromised.
- Use password breach notification tools.
- Use anti-malware software to scan web pages we visit and warn against accessing suspicious or malicious websites.
- Disposal of confidential paper waste by shredding.
- Being aware and vigilant of potential attacks/hacks (opening e-mails/websites).
- Locking away any hard copies of information when not being used.
- Ensuring visitors to our premises are not able to access information.
- Positioning screens away from windows where personal information could be seen.
Data transmission via the internet is inherently insecure. We cannot be responsible for or guarantee the security of any information sent via the internet.
Information sharing / Disclosure
We will never sell, rent, share or disclose customers’ or users’ information to third parties for marketing purposes.
User information and rights
Customers and users have the right to request details of the information we store about them. In this case a fee may be charged to prepare and supply the information and proof of identity will be requested.
Customers and users have the right to request that we amend or delete their information at any time. In many cases it is possible for customers to amend their own information via the e-newsletter system and/or web hosting client account.
If customers request that their details are deleted from our systems then we will no longer be able to provide services to them and will close their account with us.
Please contact us if you would like to amend or delete your information from our systems.
If you have any questions about the personal information we hold and how it is processed, please contact us.
Last updated February 2024