For purposes of this policy, the term "visitor" includes visitors to our website who are not yet customers, those who become customers, as well as those who do not become customers; whether you upload information to our website, download it, or are merely visiting our website. You can choose not to provide certain information when using our website but then you might not be able to take advantage of many of its features.
What do we collect and where?
The personal information we collect may include: your name, contact information, financial information, IP addresses, Live Chat Messages, Telephone conversations, product and service selections and orders or other things that identify you individually. Generally, we may collect personal information in the following manners:
- You may provide your personal information to us via chat, email or other written correspondence, telephone calls, web based forms, or other means;
- Purchases of services on our website; and
- Via third party providers.
You may visit our Website in any of the following ways:
- By using your browser to navigate to www.cronosinternet.co.uk;
- By viewing an advertisement displayed on a third party website that is served content by our web server;
- By viewing an email that is served content by our web server;
When you visit our website, our server logs your IP address (unique network address), the time and duration of your visit, and the time and duration of the pages on our website you view. If you arrive at our website by clicking a paid advertisement (including a paid search engine result) or a link in an email, then we will capture information that tracks your visit from that link. If you arrive at our website by clicking a non-paid source, such as link in a non-paid search engine result or an unsponsored link on another website, we may capture information that tracks your visit from that source, to the extent we are able to do so. We may also capture information about your computer system, such as your browser type and operating system.
We will likely place a cookie on your hard drive during the web visit. A cookie is a unique alphanumeric identifier that we use to help us identify the number of unique visitors to our website, whether or not those visitors are repeat visitors, and the source of the visits. Cookies cannot be executed as code or used to deliver a virus. Other servers cannot read them and personal information cannot be gathered from them. They are simply an identifier shared between you and us to allow us to improve the services we offer to you through our Website.
We will not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.
Our services are directed towards users in their business capacity and are not designed for or directed to children under the age of 18, and we will not intentionally collect or maintain information about anyone under the age of 18.
Where We Keep Your Data - Security
The security of your personal data is a very major concern for us. We have legal obligations to keep it safe and handle it with care and the penalties for not doing so are very high.
We store your personal data securely in two geographically separated locations in the UK so that it cannot be lost in the event of a catastrophic failure in our data centres or systems.
What do we use this information for?
We may use personal information to process service requests, handle orders, deliver products and services, process payments (and for your safety, this includes verifying credit card details and fraud screening checks), communicate with you about orders, provide access to secure areas of the website, recommend merchandise and services that might be of interest to you, to personalise your visit to our website, and to enable us to review, develop and continually improve the products services and offers we provide online. We also use this information to prevent or detect fraud or abuses of our website and to enable third parties to carry out technical, logistical or other functions on our behalf.
We use visitor information to send information about our company to visitors and to get in touch with them when necessary. We also use the information we collect to improve the content of our websites and as training aides for our employees. Visitors are given the choice at the point when we request their information.
We do not directly ask visitors to enter credit card or account information in order to process orders for services placed with Cronos. Financial information is collected and processed by a payment provider, encrypted for its protection prior to its transmission over the internet. Credit card numbers are used only for processing payments and are not used for any other purposes. When we use third party service providers for credit card processing services and fraud screening we will enter into a written agreement with such third party ensuring appropriate security and confidentiality measures are in place to safeguard your personal data.
We use web visit information to measure interest in and develop our web pages and marketing plans, customise the content you view on your web visits based on your activity on past visits, and administer our website.
We use the visitors’ IP address to help diagnose problems with our servers, and to administer our websites.
GDPR Specific Processing
The permitted Legal Bases for processing are set out in article 6 of the GDPR. At least one of these must apply whenever we process your personal data:
Consent: you have given clear consent for us to process your personal data for a specific purpose (for example, marketing)
Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
Here is a list of the ways that we may use your personal information, and which of the Legal Bases outlined above we rely on to do so.
Cronos Hosting: To supply you with Cloud-based services (Contract)
Customer Services: To provide you with customer services and technical support via phone, email or LiveChat (Legitimate Interest)
Service Notifications: Informing you of regulatory changes, service changes, maintenance periods etc (Legitimate Interest)
Marketing Informing: you of new products, services and offers (Consent)
Website Analytics: To obtain statistics on the usage of our website (Legitimate Interest)
Who We Share Your Information With And Why
Cronos works with a number of trusted suppliers to provide the high quality services you expect from us. In all cases our suppliers have been carefully vetted and only the minumum personal data is shared in order to fulfil your orders or provide the services you have requested.
Your data may be shared with the following categories of third parties:
Payment processors - to enable you to make payments for our products and services.
Supply Chain Providers - eg Domain Name, SSL and Software providers when you order these types of products and services through us.
Website analytics - We use Analytics to supply statistics on the usage of our website.
We also have a legal obligation to share data in response to properly made requests from Law enforcement agencies - for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires us to, such as in response to a court order or other lawful demand or powers contained in legislation.
How Long Do We Keep Your Personal Data?
We keep your data while you have an account with us, and sometimes for a longer period, depending on whether there are legal or regulatory reasons for doing so.
Contact details, account details and payment history must be retained for seven years.
Transfers To Third Countries
At Cronos your data is stored in our secure data centres which are located in the United Kingdom. Your information will not be transferred to a third country (defined under the GDPR as a country outside of the European Economic Area).
Right to access your personal information
You have the following rights under the GDPR:
The right to be informed. Individuals have the right to be informed about the collection and use of their personal data. This privacy notice fulfils that requirement.
The right of access. All of the information we have about you can be requested from our Support team on firstname.lastname@example.org.
The right to rectification. If you find an error in your data that you cannot rectify yourself, please contact our Support team on email@example.com.
The right to erasure. In certain circumstances, you have the right to request that we delete personal data held on you. This does not apply if we have a legal reason for retaining it.
The right to restrict processing. In certain circumstances, you have the right to ask us to 'restrict processing of data'. This means we would need to secure your data but not otherwise use it. In practice this would involve suspending your account and therefore your access to our services.
The right to data portability. You have a right to obtain some of the personal data we hold on you in a 'structured machine-readable' format. This information is available in clear text if requested.
The right to object. You have the right to opt-out of any communications that we may wish to send you. You can change your preferences at any time by contacting us.
Rights related to automated decision-making including profiling. Cronos does not apply any automated decision-making or profiling to any of your personal data.
If you have any questions about how Cronos uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact our Support team on firstname.lastname@example.org.
You have the right to lodge a complaint with the Information Commisioner's Office. Further information, including contact details, is available at https://ico.org.uk
The GDPR makes a distinction between organisations that process personal data for their own purposes, known as 'Data Controllers', and organisations that process personal data on behalf of other organisations, known as 'Data Processors'.
Cronos is a Data Controller, registered in England under registration no. ZA073495, with a registration address of