1. Who we are
DigitalCloud Ops Ltd ("we", "us", "our") is the data controller for personal information processed via our website, consultancy services, and software products. We are registered in England & Wales under company number 12110785, with registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.
For any privacy-related question, contact us at office@digitalcloudops.com.
2. What data we collect
We collect the following categories of personal data:
2.1 Information you provide directly
- Account information — name, email address, password (hashed), company name where applicable.
- Communication data — the content of emails or messages you send us.
- Billing information — billing address, VAT number, and payment-method metadata. Full payment card details are processed directly by our payment provider (Stripe) and never stored on our systems.
- Customer Data — content you submit or store within our Products.
2.2 Information collected automatically
- Usage data — pages visited, features used, timestamps, approximate location derived from IP address.
- Device data — browser type, operating system, screen size, language.
- Log data — IP address, request URLs, response codes, and other server-side logs required for security and debugging.
3. How we use your data
We process personal data to:
- Provide and operate our Products and Services;
- Process payments and issue invoices;
- Respond to enquiries and provide customer support;
- Send service-related communications (transactional emails, security notices);
- Detect, prevent, and address fraud or abuse;
- Comply with legal obligations (accounting, tax, regulatory);
- Improve our Products through aggregate, non-identifying analytics.
4. Legal bases for processing
Under UK GDPR, we rely on the following legal bases:
- Contract — where processing is necessary to deliver the Services or Products you have requested.
- Legitimate interests — for security, fraud prevention, service improvement, and direct communications with existing clients about related services.
- Legal obligation — for accounting, tax, and regulatory record-keeping.
- Consent — for any optional analytics or marketing communications, which you may withdraw at any time.
5. Cookies & analytics
Our website uses a minimal set of essential cookies required for navigation and security. We may also use privacy-respecting analytics to understand aggregate usage patterns. We do not use third-party advertising cookies.
You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of certain features.
6. Sharing & subprocessors
We share personal data only with carefully selected service providers ("subprocessors") that help us operate the business. Each subprocessor is bound by a data-processing agreement and is permitted to process data only for the specified purpose. Current subprocessors include:
- Stripe Payments Europe Ltd — payment processing.
- Cloud infrastructure providers — Amazon Web Services (AWS) and Google Cloud Platform (GCP), used to host our Products.
- Email delivery — transactional email providers used for service notifications.
- Accounting — UK-based accountancy services for tax and bookkeeping.
We do not sell personal data to third parties. We disclose data to public authorities only where compelled by law.
7. International transfers
Some of our subprocessors are located outside the United Kingdom. Where personal data is transferred internationally, we ensure that appropriate safeguards are in place — typically through the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or an adequacy decision recognised by the UK Government.
8. Data retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Typical retention periods:
- Account data — for the duration of the account plus 90 days after deletion.
- Billing records — at least 6 years, as required under UK tax law.
- Server logs — typically 30 to 90 days.
- Marketing communications — until consent is withdrawn.
9. Your rights
Under UK GDPR, you have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete information.
- Erasure — request deletion of personal data, subject to legal retention obligations.
- Restriction — limit how we process your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — where processing relies on consent, withdraw it at any time.
To exercise any of these rights, email office@digitalcloudops.com. We will respond within one month.
10. Security
We implement technical and organisational measures appropriate to the risk, including encryption in transit (TLS), encryption at rest for sensitive data, access controls based on the principle of least privilege, regular security reviews, and audit logging.
Despite these measures, no system can be guaranteed to be perfectly secure. If we become aware of a personal data breach likely to result in a risk to your rights, we will notify you and the relevant supervisory authority as required by law.
11. Changes to this policy
We may update this policy from time to time. Material changes will be communicated by email to active customers and posted on this page with an updated "Last updated" date. Continued use of our Services after the effective date constitutes acceptance of the revised policy.
12. Contact & complaints
For any privacy-related question or to exercise your rights:
DigitalCloud Ops Ltd
Email: office@digitalcloudops.com
Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Company number: 12110785
If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or by calling the ICO helpline on 0303 123 1113.