Updated on: December 28, 2020

Summary

We take data collection and data security serious at SonicWP.

For your convenience only, we have summarised the key points of our policy here (including those listed in our Data Processing Addendum). This summary does not constitute a legally binding policy. We encourage you to consult the full policy in the sections below.

We collect only the data that we need to provide our services to you. From the client, we collect, process and store personal data like billing address, payment info, and contact details, for the purposes of legal contracts, collecting payments and other administrative functions. This data is held beyond your Agreement with us – for legal and tax purposes.

From the End Users of your websites, i.e. the visitors to your site, we collect data like their IP address, geolocation, URLs on your website that they load, for the purposes of providing you with analytical reports, but also for identifying and blocking spam and malicious users. This data is held for 3 months, and then anonymised and held only for as long as you are a client with us.

SonicWP does not sell either of these types of data to anyone. We do however have to ‘share’ the data with some third-parties. For example, to collect your monthly payment, we have to share your details with our payment processor, who in turn collects payment from your bank account. Another example is for spam detection, we share the IP address of visitors to your website with spam-detection providers, who tell us if that IP address is known to be a spammer.

Where SonicWP uses third-parties, we ensure that our agreement with them ensures that they in way process or store data that we share with them for any purpose other than what we want them to do.

1. Introduction

SonicWP (hereinafter, “SonicWP,” “we,” “us,” or “our”) provides managed WordPress hosting services, software, and support through our website, and other related applications, services, and personnel (collectively, the “Services”).  IF YOU ARE PURCHASING OR USING OUR SERVICES IN ANY WAY, PLEASE READ OUR TERMS OF SERVICE FOR DETAILED INFORMATION ABOUT YOUR LEGAL OBLIGATIONS. 

This Privacy Policy (the “Policy”) provides information on how we collect, process, and share the personal data (also referred to as personal information) of individuals who are external to our organisation, including but not limited to our clients, potential clients, affiliates, website visitors, and service providers and their respective representatives (referred to in this Policy as “you” or “your”). 

For the avoidance of doubt, this Privacy Policy does not apply to data collected by our clients who use our Services to create and manage their own websites. If data is collected and processed by our client or its website, the client controls such data. Please contact the owner or operator of the applicable website directly for information about its privacy policies and how it processes personal data.

This Policy is a part of the Terms of Service, Data Processing Addendum, and other relevant policies and agreements located on SonicWP’s website at https://www.sonicwp.com/legal/ (collectively, the “Agreement”).  

After reading this Policy, if you have additional questions or would like further information, please contact us at [email protected].

2. Personal Data We Collect and How We Use It

As further explained below, we collect and process personal data only for lawful reasons, such as when the processing is necessary to perform our Services, like the Terms of Service, and our legitimate business interests, such as improving, personalising, marketing, and developing the Services and promoting safety and security.

3. Information You Provide to Us

Account and Payment Data: If you set up a SonicWP account through our Services or otherwise engage with SonicWP, you provide basic contact and/or account setup information, such as your name, email, address, company information, username, password, and payment information. Please note that we do not store your payment information, but the third-party payment processors we engage may retain your payment information in accordance with their own privacy policies and terms.

Website Comments and Posts: When you leave a comment, forum post, or contribute an article on our website, you have the option to provide a profile picture (or “Gravatar”), display name, website (URL), and other content or information at your option. Please note that any information you post to our public website will be publicly available.

Inquiries and Other Data: When you contact us through our live chat, online contact form, support portal on our website or through email or any other communication mechanism, you typically provide your name, email, the subject matter of your inquiry, and any other information you choose to provide at your option. This also applies to other support channels, including and not limited to Google Hangout, Skype, Slack and Whatsapp.

No Sensitive Information: Please do not provide any highly sensitive personal data when using the Services or communicating with us – such as social security numbers, health or medical information, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or data concerning a person’s sex life or sexual orientation. We do not intentionally process highly sensitive personal data and reserve the right to reject or delete it.

4. How We Use Data Provided by You

Provide, Improve, and Maintain the Services: We use the data you provide to set up your account, provide the Services, receive or make payments, and communicate with you about your account and the Services.   

Market the Services: We may use your information to market and promote our Services.  You may opt-out of marketing communications at anytime by contacting us at [email protected] or clicking the “Unsubscribe” button in the applicable communication. Unsubscribing from marketing communications will not stop us from sending you important communications about your account with us.

Protect You and the Services: We use the information we collect to promote the safety and security of the Services, our clients, and other parties. For example, we may use your information to authenticate users, facilitate secure payments, protect against spam, fraud, and abuse, respond to a legal request or claim, conduct audits, or enforce our Terms of Service or other terms and policies that may be in effect.

5. Information We Collect Automatically

We collect certain information via cookies and similar automated means when you use the Services, some of which may be personal data. Cookies and similar technologies do not gather your unique personal data, like name, date of birth, gender, or email. Rather, the information collected by cookies and other automated means is generally about your devices and your activities on your devices, such as search history, IP address, browser used, operating system and settings, access times, opens, clicks, and downloads of our email, and referring URL. If you are using a mobile device, we may also collect data that identifies your device, settings, and frequency of usage. This data may be collected by or shared with our third-party analytics, advertising, and anti-spam partners.

We also collect data from the visitors to websites hosted with us by our Clients. This data is collected for the purposes of analytical reports presented to the Client by SonicWP, and for anti-spam, security and usability research purposes. SonicWP does not in any way store or sell this data for its own gains. Individually identifiable data (Browser fingerprint, IP address and Geolocation) is usually stored for 3 months, while the anonymised aggregate data, for analytical reports, is stored for the duration that the Client remains with SonicWP.

6. How We Use Data That Is Collected Automatically

SonicWP and its service providers use the automatically collected data described above to provide, advertise, and improve the Services, including to keep track of your preferences and profile information, customize services and content, measure the effectiveness of promotions and digital communications, place our advertisements on other websites, estimate your general location and time zone, protect against malicious activity and spam, and to secure your accounts.   

Visitors to our website have options to control or limit how we or our partners use cookies and similar technologies. For more information, please see www.allaboutcookies.org/cookies.

7. Information We Receive from Third Parties

From time to time, we may collect personal information from third parties such as public websites, social networks, and marketing partners. This information may include names, contact information, email, professional or employment information, and other information which is publicly available.

We may use information collected from third parties for our own promotional or marketing purposes, such as sending prospective clients emails about our Services.

You may opt-out of marketing communications at any time by contacting us at [email protected] or following the “Unsubscribe” instructions included in the applicable communication.

8. How We Share Your Information

SonicWP does not sell, rent, or lease your personal data to third parties.  We only share your personal data with the following types of service providers for the sole purpose of providing, improving, promoting, and securing the Services:

  • IT/cloud service providers to store and secure your personal data
  • Email and communications processors so we can communicate with you about the Services
  • Payment processors to collect your fees and process payments
  • Contractors to provide, market, and improve the Services and answer your questions
  • Analytics, tracking, and measurement partners to help us improve the Services
  • Advertising partners to place our ads on other websites you visit and manage our web advertising campaigns
  • Marketing partners to send you marketing and promotional communications about our Services

We also may share your information as required by law, to investigate potential illegal activities or violations of our Terms of Service or other agreements, to protect the security of our Services and users, or as a result of a merger, acquisition, or assignment with a third party.

9. Controlling Your Account and Your Rights

To submit a question or concern about how to control, modify, or delete your account or data, contact us at [email protected]. Depending on your location, you may have certain legal rights regarding your personal data, including:

  • You may request access to your personal data and obtain information about our processing of your personal data, with whom we share your personal data, and your rights.
  • You may request that we restrict our processing of your personal data.
  • You may object to our processing of your personal data.
  • Where we process personal data based on your consent, you may withdraw your consent.
  • You may correct personal data that is inaccurate or incomplete.
  • You may request that we delete your personal data or provide a copy of it to you. 

We may request proof of your identity before acting upon any request. 

To submit a question or concern about your rights, please contact us at [email protected]. If you live in the EEA, UK, or Switzerland, and you are unsatisfied with our response, you have the right to lodge a complaint regarding your personal data with an applicable supervisory authority.

10. How We Protect and Store Your Information

We maintain reasonable administrative, technical, and organisational safeguards designed to protect against loss, misuse, or unauthorised access, disclosure, alteration, or destruction of the personal data that we collect from you. We restrict access to personal data collected about you to our employees, contractors, and certain third-party service providers as discussed above.

Please note, however, that no website or storage mechanism can guarantee 100% security. 

Generally, we store your personal data for as long as required to provide the Services to you, and when you cancel your account, we take reasonable steps to delete your personal data within a reasonable period of time.  Sometimes, we may retain your information for a period of time after account cancellation to allow you to efficiently reinstate your Services account, if you so choose. 

We may retain certain personal data after you cancel your account to the extent necessary to comply with our legal and regulatory obligations, for the purpose of fraud monitoring, detection and prevention, and for our tax, accounting, and financial reporting obligations. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law. 

11. Children

Our Services are intended for adults 18 years of age or older. We do not knowingly collect personal data from children under 16.

If we learn that we have collected any personal information from a child under 16, we will take reasonable steps to delete such information. Parents or guardians who believe that their child has submitted personal information to us and would like to have it deleted should contact us at [email protected].

12. International Transfers

The personal data we collect within your country may be transferred outside of your country to SonicWP or its third-party contractors or service providers (mentioned above) for the purposes described in this Privacy Policy. As required by law, we rely on Standard Contractual Clauses (SCCs), adequacy decisions, appropriate safeguards, or derogations when we transfer personal data across international borders.

As we are a UK-based entity, your data is protected in-line with British data protection laws, which to an extent tracks the EU’s GDPR legislation. Please note that the UK government has not restricted or placed conditions on data transfers from the UK to the EEA or countries deemed by the European Commission to have adequate levels of data protection, after the UK’s exit from the EU, and deems SCCs appropriate mechanisms for governing data transfers outside of the UK and EEA.

Please consult our Data Processing Addendum as well as SCCs covering data protection, which form part of your agreement with us.

13. Links to Other Websites

We may provide links to other websites as a service to you or in order to provide you additional venues in which you can leverage or share the opportunities of the Services. Please be aware that we do not control and are not responsible for their information collection, use, and disclosure practices. 

Please review and understand their privacy practices and policies, if any, before providing any personal data to them or using any of their services. We are not responsible for the content or information of these third-party sites, any products or services that may be offered through them, or any other use of the sites.

14. Changes to Our Privacy Policy

If we modify this Privacy Policy, we will post the updated version via our Services. It is your responsibility to periodically review this Policy, and you are bound by any changes to it by using our Services or continuing to affiliate with us after such changes have been posted.

15. Contact

Should you require to contact or write to us in relation to our policies, please email [email protected] or send us a letter at the address provided here.