Heart Internet Data Protection and Privacy Notice

Last Revised: 08/12/2023

To view our archived Notice, click here. 

This Data Protection and Privacy Notice (“Notice”) describes Heart Internet’s core data protection and privacy practices.  

As described below, 

  • website visitors can manage their data protection and privacy preferences directly through this notice by using ‘Manage your cookies’ below, 
  • customers can manage their Marketing and Advertising Preferences in their Contact Preferences page, and 

you can always reach us at privacy@heartinternet.uk or by mail at the addresses listed under ‘Contact Us’ at the end of this notice to exercise your rights. 


Data Covered by this Notice 

This notice covers personal data when we act as the data controller. 

  • Personal Data identifies or could be used to identify a specific person, and any data about that person. For example, your name, address, and payment details are Personal Data. 
  • We act as a controller when we process personal data for our own use. For example, we act as a controller when you provide your personal data to open an account. 

This notice does not apply when you process personal data for your own benefit. For example, when you send email for your business purposes that includes personal data, you are acting as the controller. When you act as the controller, we act as the processor and process Personal Data only in accordance with your instructions or as required by law. 

This notice also does not apply to third-party applications offered through our services or linked through our website. Please review the data protection or privacy notice of any third-party service or website before using it. 


Core Data Protection and Privacy Rights 

We recognize several core data protection and privacy rights: 

  • the right to know what personal data we hold about you 
  • the right to access, correct, or delete your personal data 
  • the right to transfer your personal data (data portability) 
  • the right to set your marketing and advertising preferences 

We promptly review requests to exercise data protection and privacy rights. If we need more information to process your request, we will contact you by email or, if we do not have an email address on file for you, by the same method you made your request. 

If we do not honor your request for legal or other reasons, we will explain why we did not honor your request, your right to appeal, and your right to file a complaint. 


Personal Data We Collect 

  1. Personal Data You Provide 
    We collect personal data when you set up an account, use our services, apply for a position, or contact us. Examples of personal data we may collect from you include your name, email address, phone number, physical address, and payment method. 
  2. Personal Data We Collect Automatically 
    We collect personal data automatically when you visit our websites, use our services, contact us, open our emails, or view our advertising. Examples of personal data we may collect include your device ID, your IP address, information about web pages and other websites you visit, and other similar details. 
  3. Personal Data from Other Sources 
    We may collect personal data about you from other sources. Examples of personal data obtained from other sources include publicly available data, social media information, and information lawfully gathered by third party data providers. 
  4. Personal Data We Generate 
    We process data in connection with our business and services to generate inferences and insights that may be linked to you or your account. 


Use of Personal Data 

We use personal data to operate our business and provide services. Examples of how we use personal data include: 

  • Managing accounts 
  • Processing purchase requests 
  • Registering domains you purchase 
  • Provisioning products and services you have requested or may be interested in using 
  • Providing customer support 
  • Securing, updating, and improving our services 
  • Detecting fraud and other illegal activity 
  • Customized marketing and personalized advertising of our services 
  • Contacting you by telephone, text or messaging applications to offer you services 
  • Website traffic measurement 
  • Other uses consistent with the purposes for which the PII was collected or that have been authorized by you 


No Sale of Personal Data 

We do not sell personal data. 


Disclosures to Others 

We disclose personal data: 

  • to processors and affiliated companies to operate our business and deliver services, including but not limited to providing security services, payment processing and customer support; conducting contests and surveys; and performing other activities related to our business and services. 
  • to business partners to offer some services, such as email and payment processing. 
  • to marketers and advertisers who create personalized marketing and advertising messages. 
  • to comply with law enforcement and other legal requests, protect our legal rights, prevent harm to us or others, and enforce our policies and contracts. 
  • if we sell some or all of our assets or merge with a third-party we may transfer relevant personal data to the buyer or new company. 



When you use services offered by Heart Internet, the data controller will be Heart Internet Limited. 


Legal Basis for Individual Processing Activities 

We use personal data primarily to provide you the services you request. We also use personal data to comply with our legal obligations and protect our legitimate interests, including providing you personalized services, communicating with you, improving our services, and detecting fraudulent and illegal activity. With your prior consent, we also may use your personal data to send you marketing materials and offers. 


Cookies, Web Beacons, and Other Tools 

We use three main types of “identifiers” on our website and in our services: cookies, web beacons, and scripts. 

  • Cookies are text files placed on your device when you visit our webpages or view messages from us. Some cookies are “session cookies” that expire at the end of your browser session, while others are “persistent cookies” that allow us to remember your preferences and settings over multiple visits and across other websites. . 
  • Web Beacons are image files placed in our web pages and emails. 
  • Scripts are small pieces of computer code that power customer service tools, deliver video, and provide interactive experiences. We also use scripts for measuring service use. 

We manage some identifiers directly. Other identifiers are managed by third parties. For example, we use Google Analytics to monitor site performance and visitor engagement.   

We use identifiers to provide customized services, measure website performance, provide customer support, and deliver personalized advertising. Examples of how we use identifiers include, but are not limited to: 

  • Setting your service preferences 
  • Managing your shopping cart 
  • Guarding against fraud 
  • Delivering relevant advertisements 
  • Measuring website use 
  • Conducting research to improve our services 


Identifier Management 

You can manage identifier settings by using ‘Manage your cookies’ above in this notice. Customers can manage their identifier settings for our website and our services through their customer account. We use optional and mandatory cookies and other identifiers.  

Optional cookies and other identifiers are used for support, website performance, and advertising.  We seek your consent before using optional cookies and identifiers. 

Mandatory cookies and other identifiers are used for account verification, service continuity, security, and other functions necessary to provide our website and services.  Your consent is not required for use of mandatory cookies. 

In addition to our ‘Manage your cookies’ options, many web browsers allow users to block cookies (directly or through plugins and extensions). Some cookies, however, are essential for our website and services to function. If you set your browser to block all cookies, you may not be able to use our services. 


"Do Not Track" and other Preference Signals 

Some web browsers provide a “Do Not Track” feature. There are no generally accepted standards for this feature and we do not respond to “Do Not Track” signals. 

We also do not recognize any universal opt-out mechanism, such as the Global Privacy Control, which is still under development. 


Marketing and Advertising Preferences 

You can manage your marketing and advertising preferences, including whether you wish to receive customized marketing and advertising: 

Through this notice by using ‘Manage your cookies’ above 

If you are a customer, through your Contact Preferences 



We store personal data on our own systems and with trusted service providers, including Amazon Web Services. 


International Transfers 

We transfer personal data internationally to operate our business and provide services. We comply with applicable law when making international transfers. 


Length of Retention 

We retain personal data for our business needs and to comply with law. If we no longer need personal data, we may either delete it or de-identify it so that it no longer identifies a specific person. Factors we consider when deciding when to delete or de-identify your personal data include: (1) if you still have an account, (2) if we are required to retain personal data to comply with law, or (3) if the personal data is needed for tax other business purposes. 



We use risk-based measures to protect personal data, including appropriate security controls and employee training. We also require that our service providers, business partners, and advertisers use appropriate risk-based controls to protect personal data. 


No Collection of PII about Children 

We do not knowingly collect personal data about anyone under 18 without permission from their legal guardian. Please contact us at privacy@heartinternet.uk if you believe we have collected information from a child without permission from their legal guardian. 


Legal Basis for Processing 

We process personal data with your consent, to fulfill our contract with you, based on our legitimate interest, or other lawful bases. The specific basis of processing depends on the services you are using, the data being processed, the place where the processing occurs, and the place where you live. If you have questions about our basis for processing your personal data, please contact us at privacy@heartinternet.uk


International Data Transfers 

Personal data you provide may be transferred from your country to the United States or to another country where we do business. We make these transfers when necessary to provide our services, to perform our contract with you, or when we have your consent to transfer your personal data to another country. 

We transfer personal data outside the UK, the EU/EEA, and Switzerland to countries that have been determined to offer an adequate level of data protection. 

For transfers from the UK to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum consistent with the requirements of the UK International Data Transfer Agreement issued by the UK Information Commissioner, Version B1.0. 

For transfers from the EU/EEA and Switzerland to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures. 

For transfers to the United States, certain of our subprocessors (including affiliated companies) have certified their compliance with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK-U.S. Data Bridge”), and/or the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.  Where available, we transfer Personal Data to these subprocessors pursuant to the applicable DPF framework or extension.    


EU Article 27 Representative 

Our EU Article 27 Representative is: 

Heart Internet Ltd
Unit 4-5
Tristram Centre
Brown Ln W
LS12 6BF



We will not discriminate against you for exercising your privacy rights. 


No Financial Incentives 

We do not provide any financial incentives for providing personal data to us. 


Policy Changes 

We may revise this notice by posting a revised statement at the same location as this notice or on another location on our website. If we change this notice, it will apply to personal data collected prior to adoption of the new statement only to the extent as the new statement does not reduce the rights of affected data subjects. 


Complaints to Data Protection Authorities 

In the UK, you have the right to lodge a complaint with the Information Commissioner's Office. 

In the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority. 

In Switzerland, you have the right to lodge a complaint with the Federal Data Protection Information Commissioner. 


Contact Us 

If you have any questions, you can contact at privacy@heartinternet.uk or by mail at: 

  • Heart Internet Ltd., Attn: Legal, Office of the Data Privacy Officer, Unit 4-5, Tristram Centre, Brown Ln W, Holbeck, Leeds, LS12 6BF

We respond to all questions or concerns within 30 days. 


Got a question? Our Support Database may have the answer.
Or log in to raise a ticket for support and access live chat
*Please note: you will need to accept cookies to see and use our live chat service