Welcome to sam scott art. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how your personal data is collected, used, and disclosed when you use our website (the "Service"). By accessing or using the Service, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Personal Information

We may collect certain personally identifiable information ("Personal Information") that you voluntarily provide to us when you interact with the Service. This may include, but is not limited to, your name, email address, postal address, phone number, and other similar information.

1.2 Usage Data

We may also collect information that your browser or device sends whenever you visit the Service ("Usage Data"). This may include your IP address, browser type, browser version, pages of the Service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.

2. Use of Information

We use the collected data for various purposes, including:

• Providing and maintaining the Service.
• Notifying you about changes to our Service.
• Responding to your requests or inquiries.
• Sending promotional and marketing materials, where you have given your consent.
• Understanding and analyzing how you use the Service.
• Monitoring usage and technical aspects of the Service's performance.
• Detecting, preventing, and addressing technical issues or security breaches.

3. Legal Basis for Data Processing

We will only process your Personal Information if we have a lawful basis for doing so. This may include the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, the performance of a task carried out in the public interest or in the exercise of official authority, and legitimate interests pursued by us or a third party.

4. Sharing Your Information

We may share your Personal Information with third parties in various situations, such as:

• Service providers who assist us in operating the Service.
• Business partners for promotional and marketing purposes (with your consent).
• Legal obligations and law enforcement authorities.

5. Your Rights

You have certain rights regarding your Personal Information, including the right to access, correct, update, or delete your data. You may also have the right to restrict or object to the processing of your data. If you would like to exercise any of these rights, please contact us at [contact email].

6. Security

We take the security of your data seriously and implement appropriate measures to protect it. However, please remember that no method of transmission over the Internet or electronic storage is completely secure.

7. Cookies

Cookies are small files containing a string of letters and numbers sent by a server to a web browser and stored on your computer. They help us distinguish you from other website users and the following cookies may be used, with your permission.

7.1 Essential cookies

These cookies are necessary to enable the website to function efficiently and to allow the user to successfully navigate the website's pages.

7.2 Performance and analysis cookies

These cookies detail the number of users who visit the website and how they interact with it. These cookies help us to make improvements to the site and provide a better user experience.

7.3 Preference cookies

Preference cookies enable us to remember the choices a user makes, such as the language or region selected.

Please note, our service providers may use other cookies which may be placed on your computer when you visit sam scott art. Their cookie policy can be viewed at https://www.ionos.co.uk/cookies.

You can block or disable some or all cookies by changing the settings on your browser. Blocking all cookies including essential cookies may impede the performance of the website.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at sam@samscottart.co.uk.

data processing agreement

 1&1 IONOS Limited

Preamble

This Agreement specifies the data protection obligations of the contractual parties arising from the defined processing activities in which personal data belonging to Controller is processed by 1&1 in compliance with the General Data Protection Regulations (“GDPR”).

 “Controller” shall have the same meaning as set out in article 4 (7) of the GDPR.

 “Personal data” shall have the same meaning as set out in article 4 (1) of the GDPR.

 “Processing” shall have the same meaning as set out in article 4 (2) of the GDPR.

 “Processor” shall have the same meaning as set out in article 4 (8) of the GDPR.

 Products: Dedicated Server, Dedicated Hosting, Cloud Server, Virtaul Private Server (VPS), Dynamic Cloud Server, Virtual Server, Managed Cloud, Private Cloud, Cloud Backup

Web Hosting, WordPress Hosting, MyWebsite Now, MyWebsite Creator, MyWebsite Essential, MyWebsite, MyWesbite eCommerce, MyWebsite Now eCommerce, Social Buy Button, Shoplement, eShop, Website Design Service

Email Marketing, HiDrive Cloud Storage, Managed Nextcloud, Mail Basic, Mail Business, Hosted Microsoft Exchange, Email Archiving, MyBackup

1. Duration of the Processing on Behalf of the Controller

The term of this Agreement shall continue for the duration of the provision of the services.

2. Area of Application and Responsibility

2.1. In the provision of the services, Controller may choose to hold Controller’s customer personal data (“personal data”) at Controller’s own risk, on the platforms and data centres of 1&1. The only processing activities that may be performed by 1&1 are the storage of such personal data and any backups in order to provide continuity of service and disaster recovery. Such backups are merely for the aforementioned purpose and shall not be available to Controller.

2.2. Controller shall be solely responsible for compliance with the legal provisions of applicable data protection laws, in relation to such personal data, in particular the lawfulness of the data processing (“Controller” as defined under the GDPR).

3. Obligations of the Provider

3.1. To the extent that 1&1 shall be considered a processor of Controller’s customer personal data.

3.2. Any additional processing of personal data shall only be in accordance with instruction from Controller, unless an exception applies as defined in the GDPR. 1&1 shall promptly inform Controller if it believes that an instruction of Controller violates applicable laws. In such cases, 1&1 reserves the right to refuse Controller’s instructions.

3.3. 1&1 shall implement technical and organisational measures to protect Controller’s customer data and to ensure the confidentiality, integrity, availability and capacity of the systems and services. 1&1 shall be obliged, in accordance with the GDPR, to implement a procedure for regularly reviewing the technical and organisational measures designed to ensure the security of the processing.

3.4. 1&1 reserves the right to alter the agreed security measures, provided that any such amendment ensures that the agreed level of protection shall not me materially diminished.

3.5. 1&1 agrees to reasonably assist Controller in respect of any requests and claims in accordance with the GDPR.

3.6. 1&1 shall ensure that employees, subcontractors and affiliates who may be involved in the processing of Controller’s data shall act in accordance with this Agreement.

3.7. 1&1 shall inform Controller promptly if 1&1 becomes aware of any breaches which affect Controller’s personal data.

3.8. 1&1 shall, once notified in writing, inform Controller of any request for disclosure of personal data by authorities, unless expressly prohibited under applicable laws.

3.9. Controller may contact the Data Protection Officer by sending an email to privacynotice@1and1.co.uk.

3.10. At termination of services, all customer data, personal or otherwise, shall be deleted (including the pseudonymisation of data) within an appropriate time, in accordance with applicable laws.

3.11. In the event of a claim against Controller regarding any of the rights defined under the GDPR, 1&1 shall provide reasonable assistance to the Controller to avert any such claim.

4. Obligations of Controller

4.1. Controller shall inform 1&1 of any issues with respect to data protection laws promptly.

4.2. Controller acknowledges that 1&1 shall ensure reasonable security and organisational measures to protect their personal data. Controller shall also agree to undertake similar security measures to ensure the protection of their personal data hosted on the 1&1 platforms and data centres.

4.3. In the event of a claim against Controller regarding any of the rights defined under the GDPR, this Agreement shall apply accordingly.

4.4. Controller acknowledges and agrees that 1&1 has no knowledge of the retained personal data or how such personal data shall be utilised and therefore, no awareness of how such personal data shall be processed, other than as stated in clause 2.1 above.

4.5. It is Controller’s duty to ensure that appropriate backups are retained in relation to the personal data described in this Agreement.

5. Requests from Data Subjects

In the event 1&1 receives a request for correction, deletion or information, 1&1 shall refer such requests to Controller, provided that Controller may be identified. 1&1 shall provide reasonable assistance to Controller. 1&1 shall not be liable in the event the request not be answered at all, not be answered correctly or not answered promptly by Controller.

6. Subcontractors (Additional Processors)

6.1. 1&1 may require subcontractors for maintenance, management of the data centre structure, telecommunication services and for provision of the services.

6.2. A list of subcontractor companies currently in use, including place of business, shall be available to Controller in the Control Panel.

6.3. In the event 1&1 uses subcontractors, it is 1&1’s responsibility to transfer its data protection obligations from this Agreement to the subcontractor. 1&1 retains full responsibility for the subcontractors in respect of this Agreement.

7. Notification Obligations, Amendments and Jurisdiction

7.1. In the event the personal data of Controller is located within the 1&1 data centres and suffers the risk of seizure by insolvency proceedings, law enforcement of any other such event, 1&1 shall notify Controller promptly, if permissible by law. 1&1 shall promptly inform all entities involved in the matter that the ownership and control of the data lies exclusively with Controller, as defined in the GDPR.

7.2. Changes or additions to this Agreement may be amended at any time.

7.3. Should any conflicts arise, the provisions of this Agreement shall take precedence over the provisions of any other agreement or terms. Should any clause of this Agreement be found invalid, this shall not affect the validity of the rest of this Agreement.

7.4. The laws of England and Wales shall apply.

7.5. This Agreement supersedes all previous agreements or terms in relation to this subject.

8. Liability and Compensation for Damage

Controller and 1&1 may be liable for claims in accordance with the provisions of the GDPR.

9. Miscellaneous

This Agreement shall be in conjunction with 1&1’s General Terms and Conditions