URGENT: Stripe payments are under-review and may take 3 - 4 hours to clear.
Privacy Policy - Primrose Hosts

Privacy Policy

This Privacy Policy ("Policy") governs the collection, processing, storage, and protection of personal data by Primrose Hosts ("we", "us", "our") in connection with the provision of hosting services. By using our services, you expressly acknowledge and consent to the practices described herein. Primrose Hosts is not certified under GDPR and all users are informed of this upon registration.

Comprehensive Privacy Policy

1. Legal Basis for Processing

Primrose Hosts operates in accordance with the principles established under the UK Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR). Personal data is processed lawfully, fairly, and transparently, for the purposes necessary to deliver hosting services, billing, support, and legal compliance. Users explicitly acknowledge that while we adopt GDPR-aligned practices, Primrose Hosts is not formally certified under GDPR or any equivalent privacy certification framework, and that non-certification does not absolve users of any legal obligations regarding the use of our services.

2. Personal Data Collection

Primrose Hosts may collect, store, and process personal data including, but not limited to: full legal name, email address, billing information, payment information collected via third-party processors (e.g., Stripe), account credentials, IP addresses, technical and device information, service usage data, and communications with support. This collection is limited to data necessary for the performance of contractual obligations and for compliance with applicable legal obligations, in line with Articles 5 and 6 of GDPR.

3. Purpose of Processing Personal Data

Personal data is processed for the following specific purposes:

  • Provision and maintenance of hosting, server, and domain registration services.
  • Management of user accounts and authentication.
  • Processing payments, subscriptions, and refunds exclusively through third-party payment processors (Stripe), as Primrose Hosts does not directly process payments.
  • Provision of customer support and technical assistance.
  • Compliance with statutory and regulatory obligations under UK and EU law.
  • Fraud prevention, network and service security, and detection of unauthorised access or misuse.

4. Third-Party Payment Processing

All payments are processed through Stripe, Inc., a third-party payment processor. Primrose Hosts does not store or transmit raw card data, and is not responsible for the collection, processing, or security of financial data handled by Stripe. Users acknowledge that Stripe’s privacy and processing policies govern payment information and agree to be bound by those policies. Primrose Hosts shall not be held liable for any security breaches, data loss, or disputes arising from Stripe’s handling of payment information.

5. GDPR Practices and Limitations

Primrose Hosts adopts GDPR-aligned practices, including:

  • Minimising collection and storage of personal data to only what is strictly necessary.
  • Implementing reasonable technical and organizational measures to protect personal data from accidental or unlawful destruction, loss, alteration, or unauthorized disclosure.
  • Allowing users to access, rectify, or request deletion of their personal data, subject to retention obligations, security, and legal compliance.

Users acknowledge that Primrose Hosts is not formally certified under GDPR, and accept any associated risks. Primrose Hosts shall not be liable for claims, fines, or penalties arising from its non-certification, provided that reasonable data protection measures are maintained in accordance with this Policy.

6. Data Sharing and Disclosure

Primrose Hosts will not sell, lease, or otherwise provide personal data to third parties for commercial purposes. Data may only be shared under the following circumstances:

  • With service providers who assist in service delivery, including hosting infrastructure, technical support, and billing processing (Stripe), subject to strict contractual obligations ensuring confidentiality and security.
  • To comply with applicable law, statutory obligations, or regulatory requests, including court orders and lawful government requests.
  • To protect the legal rights, property, and safety of Primrose Hosts, its users, or the general public.

7. User Rights

In accordance with GDPR Articles 15–21 and the UK Data Protection Act 2018, users have the following rights:

  • Right to access personal data held by Primrose Hosts.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”), subject to legal and contractual retention obligations.
  • Right to restrict processing under specific circumstances.
  • Right to object to processing of personal data where applicable.
  • Right to data portability, where technically feasible and applicable.
  • All requests should be submitted via our support ticketing system. Primrose Hosts shall respond within reasonable timeframes as required under GDPR.

8. Data Retention

Personal data is retained only for as long as necessary to fulfil contractual obligations, comply with legal requirements, resolve disputes, enforce agreements, or conduct legitimate business activities. Upon termination of services, data may be securely deleted or anonymised, subject to statutory retention periods under the UK Data Protection Act 2018 and applicable financial regulations.

9. Security Measures

Primrose Hosts implements appropriate administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, accidental loss, or unlawful destruction. No system can guarantee complete security. Users acknowledge the residual risk of data transmission over the Internet or storage and agree that Primrose Hosts shall not be liable for such risks beyond reasonable measures.

10. Minors

Primrose Hosts does not knowingly collect personal data from individuals under the age of 16. By using our services, users warrant that they are at least 16 years old or have obtained parental or guardian consent where applicable. In case personal data of minors is inadvertently collected, Primrose Hosts shall take reasonable steps to promptly delete such data upon discovery.

11. Amendments to Privacy Policy

Primrose Hosts reserves the right to amend or update this Privacy Policy at any time. Updated policies shall be posted on our website with immediate effect. Continued use of services constitutes acceptance of the updated Privacy Policy. Users are encouraged to periodically review the Privacy Policy for changes.

12. Governing Law and Jurisdiction

This Policy is governed by the laws of England and Wales. Any dispute arising from or in connection with this Privacy Policy or Primrose Hosts’ services shall be subject to the exclusive jurisdiction of the courts of England and Wales. Nothing in this Policy affects statutory consumer rights under the Consumer Rights Act 2015 or other applicable legislation.

13. Contact Information

For questions regarding this Privacy Policy, your personal data, GDPR practices, or Stripe payment processing, please contact our support team. All requests will be handled in accordance with applicable law.