Privacy Policy
Version 1.0 - Last Updated: 31st July 2024
As an online technology service provider, using personal information is the foundation for what we do and this privacy policy sets out how we collect, use and share your information. It also tells you your rights, and explains how to exercise them.
In some cases, we need to make changes to our privacy policy to make sure it’s up to date. We’ll let you know of any major changes.
What we mean by ‘we’
When we use words like ‘Carbon’, ‘we’, ‘us’ or ‘our’, we mean Carbon Host. When we mention our ‘Group’ or ‘Flyte’, we mean the company that manages Carbon Host, and any businesses affiliated with, owned or managed by Flyte.
Flyte is a controller of your data, in all of the circumstances explained in this policy, unless we’ve identified another organisation or company as a controller. You can find ways to contact Carbon Host, and Flyte, in the “Getting in touch with us” section at the bottom of this privacy policy.
What we mean by ‘you’
When we use words like ‘you’ or ‘your’, we’re talking about the individual or organisation whose information we are collecting, using or disclosing. This may be because you:
- Are currently, or have been, a customer with Carbon Host
- Are looking to buy our products or services, or we think you may be interested
- Visit any of our or our group’s websites
- Have a working relationship with us (such as being employed by a supplier, regulatory body or a media/press outlet)
- Have taken part in a competition or survey ran by us or one of our group
Carbon Host’s relationship with Flyte
Carbon Host operates as a trading name of Flyte Labs LTD. This means that Carbon Host is part of a group of companies and businesses, who can offer you a variety of products and services, and in some cases, benefits.
To efficiently conduct business operations and maintain our relationship with you, we may share your data within our group of businesses.
Because Carbon Host is a trading name, this means that Flyte decides on how your personal information is collected, used, and stored.
When we mention Flyte, we are referring to Flyte Labs LTD, registered under company number 14161156, with its Head Office located at 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ.
What this policy doesn’t cover
This policy doesn’t cover your information being used by:
- Any companies or businesses who aren’t associated with us, or our group, but advertise or sell our products and services through websites and platforms which use information collected by cookies and similar technologies such as Twitter, or Discord.
- Any companies or businesses who aren’t associated with us, or our group, but whose services or products you access via us, such as third-party service authentication, or clicking on links on our website that redirect you to a website that we don’t operate or manage.
- Some of our group’s websites or services. Whilst we aim to streamline the Privacy Policy across our group’s, sometimes this isn’t possible.
If the usage of your information isn’t covered in this policy, then you will need to go to those organisations’ privacy policies for more information on how they use your data.
Information we collect, and how we use it
Any, and all, of the information we collect about you is used for genuine and/or lawful purposes, or with your consent. We use your information for the following:
- To help us create, and develop our products, services and promotional offers
- To talk to you about the products and/or services that us, or our group offer through different marketing channels or any benefits you have by being a customer with us, or our group
- To manage your account with us, or to finalise contractual agreements
- To ensure we perform our obligations and provide the best possible service
- To continue developing, managing and maintaining our business and group
How we collect the information we use
There are various ways we collect your information, and we’ll always be honest and upfront about these methods.
-
Directly from you
- Most information that we collect and store is provided to us, or our group, by you. This information is provided to us when:
- You’re browsing our sites, or finding out more about what we offer, and have thought about becoming a customer with us
- You’ve taken out one or more of our products or services, or have entered a contractual agreement with us
- You have set up and managed an account with us
- You have contacted us directly - this is through any method of communication with our team, which are all monitored, recorded and stored. We use these communications for training and quality purposes, but to also maintain our operational needs and regulatory compliance
- You’ve visited our website, or any of our services
- You participate in a competition or promotional offer that we are running
- Most information that we collect and store is provided to us, or our group, by you. This information is provided to us when:
-
Indirectly from others
- Some information we collect and store may be from another person or entity. When we obtain personal information from a source other than us, or our group, we perform due diligence and checks beforehand to ensure we’re receiving and using your information in line with our data protection obligations. We currently obtain information from the following sources:
- Other companies we work with to market and sell ours, or our group’s products and services
- An existing customer of our site, or one of our groups, who wishes to refer you
- People, or entities, who you’ve authorised to have access to your products or services
- Fraud prevention agencies
- Address verification services
- Payment services
- Third-party accounts such as a solutions provider, or an agency who collect client or prospect data, and pass it on to us, or our group
- Some information we collect and store may be from another person or entity. When we obtain personal information from a source other than us, or our group, we perform due diligence and checks beforehand to ensure we’re receiving and using your information in line with our data protection obligations. We currently obtain information from the following sources:
-
From your use of the products and services our business, or group provides
- You create information when you use our products and services. This information is generated in various ways. These ways are listed below:
- Visiting our websites will use cookies and similar technologies to gather information about your visit. The majority of the cookies we use are vital for our website to function, and some remember details about you to make sure you can use our websites seamlessly. Some data from these cookies and similar technologies help us to create new content, personalise offers for you and in some cases, help us advertise our products
- Using our products and services will also provide us with traffic and behavioural data, and these can relate to:
- Your use of our services
- Billing and financial transaction data
- Information about how you interact with our cloud platforms, including data creation, storage, and management
- Data related to the performance of our services, including usage statistics and system performance to optimise and enhance your experience
- Payment, billing, and financial transaction data to ensure accurate billing and transparency
- Security-related information such as login credentials, access logs, and activity monitoring to maintain the safety and integrity of our platforms
- Details about your current service setup and connected hardware to facilitate service upgrades and maintenance
- Information about your interactions with our support team, including support requests and resolutions to ensure exceptional service
- You create information when you use our products and services. This information is generated in various ways. These ways are listed below:
Who we share your information with
We’ll need to share the data we hold about you with other entities, but we only do this if there is a regulatory obligation to do so, or where there’s a legitimate need to share this information. When sharing your information, we perform various checks and due diligence to ensure suitable measures are in place to keep your information secure.
- Suppliers to us, or our group
- We use various suppliers to ensure we can keep things running smoothly:
- IT service companies
- Payment service providers
- Customer service providers
- Other companies in our group who provide services to us, or where they provide services on our behalf
- We use various suppliers to ensure we can keep things running smoothly:
- Data that is shared for other purposes
- We share your information with other entities, that do not supply services to us, where there is a legitimate reason to do so:
- Fraud prevention agencies
- Organisations undergoing acquisition, restructure or merger with us, or a business in our group
- Enforcement authorities and Courts
- Entities you ask us to share your information with
- Other companies in our group
- We share your information with other entities, that do not supply services to us, where there is a legitimate reason to do so:
How long we keep hold of your information
Whilst we collect and store your data safely, we ensure to only keep it for as long as we need it. If we no longer need your information, we’ll securely destroy, or anonymise it. We take into account the following factors when deciding on the time period that we store information for:
- Any legal obligations requiring us to keep information for a set period of time
- Whether the purpose(s) we have for requiring your information are still valid
- Unless you ask us not to, we store standard information such as your full name and contact details for up to two years after discontinuing your product or service with us
- Potential, or active, disputes or regulatory/legal proceedings
- Guidance issued by the Information Commissioner’s Office
The rights you have on your information, and how to exercise them
Whilst GDPR legislation only applies to customers in the United Kingdom, and those in the European Union, we believe that all customers should be able to control their personal data - so even if you are outside of the United Kingdom, or European Union, you can get in touch to manage your preferences.
-
Manage your consent
- Where we are using information for purposes other than marketing, where we can offer consent, you have the right to withdraw your consent at any time by contacting using the details in the “Getting in touch with us” section below. Withdrawing consent does not invalidate the use of information we have collected prior to the withdrawal request, and remains valid.
-
Manage your marketing preferences
-
We’d love to keep in touch with you to make sure you don’t miss any upgrades, or offers available to you from us, or our group. We only send communications relevant to you and/or your products and services, and we’ll never overwhelm you.
-
You can manage your marketing preferences directly in your online account. If you don’t have any active products or services with us, you’ll need to contact us using the details in the “Getting in touch with us” section below.
-
You also have a legal right to object to your information being used for direct marketing, and not just marketing communications.
-
-
The right to be informed
- We’ll always provide you with clear and easily understood information about how we use your data, and the rights you have. All this information can be found right here in our Privacy Policy. If you have any questions, please contact us using the details in the “Getting in touch with us” section below.
-
The right to rectification
- If the information we have about you is incorrect, inaccurate or incomplete, please contact us using the details in the “Getting in touch with us” section below and we’ll work to get this rectified as soon as possible.
-
The right of access
-
If we’re processing your data, you can obtain access to this information, and certain other pieces of information about how we’re using your information.
-
You can request a copy of your information by contacting us using the details in the “Getting in touch with us” section below. Your first request will always be free, but any future requests may be subject to an administrative charge, which will be discussed with you beforehand.
-
-
The right to erasure
- In some circumstances, you can request the deletion or removal of your data where there is no reason for us to keep, or use, it. This is sometimes known as “The right to be forgotten”, and can be requested by contacting us using the details in the “Getting in touch with us” section below.
-
The right to restrict processing
-
In some circumstances, you can restrict further use of your information by us, or one of our group. When you have requested us to restrict processing, we can still store your personal information, but may not use it further.
-
To ensure we restrict future processing of your personal information, we keep a secure list of people who’ve requested this. This can be requested by contacting us using the details in the “Getting in touch with us” section below.
-
-
The right to data portability
- You have the right to obtain and reuse the personal information we hold on you for your own personal use across different services - for example, if you wish to move to a new service or product supplier. This will allow you to move, copy or transfer your relevant information easily between our systems, and theirs securely, without affecting its usability such as your name, and address.
-
Your rights in relation to automated decision making and profiling
-
Sometimes, we make automated decisions based on the information you’ve supplied to us, or that we have collected from other entities. This can assist us in making decisions that are fair, quick and correct, based on what we know about you.
-
We’re committed to ensuring that decisions are fair, and transparent when using technology that makes decisions, or builds a profile about you. This technology uses various forms of logic, such as analysing your preferences and how you use our products and services to make decisions more relevant for you, and allowing you to get more out of our products and services.
-
Because of this, you may regularly receive personalised communications from us such as offers and promotions, product recommendations, etc.
-
These decisions can sometimes affect the products and services that we, or our group may offer you. If a decision doesn’t quite seem right, we’ll ensure a manual review from one of our human teams.
-
In some circumstances, you have the right to object to our use of technologies that provide automated decision making but please note that this may affect our ability to provide you with a suitable level of customer service, and also our ability to provide you with some products, financing and services.
To read more about your rights to object to certain forms of processing, please check out the ‘Right to Object’ section below.
-
-
The right to object
- In some circumstances, you have the right to object to your data being used by us. This may include processing your data for direct marketing, and automated decision making. This can be requested by contacting us using the details in the “Getting in touch with us” section below.
Getting in touch with us
If you have any queries relating to your products or services, please contact our team via the Support function in your account, and we’ll be happy to help.
If you have any queries or concerns about this Privacy Policy, or wish to exercise your rights, please contact Carbon Host directly by emailing contact@carbon.host, who will direct your communication to Flyte for further review.
If you feel our response doesn't fully address your questions or concerns, or you believe our information processing doesn't align with data protection regulations, you can raise a complaint with the Information Commissioner's Office (ICO) here: https://ico.org.uk/global/contact-us/
If you have access to one of our products or services, but you are not the primary user, or an organisation administrator, we’ll need prior authorisation to discuss any account details with you. We’ll never divulge information to anyone, unless we know who they are, and the necessary security checks have been completed.