Who we are
We are committed to respecting and protecting your privacy and the confidentiality of any personal data provided to us.
- "I", "our", "us", or "we" refer to the business, ShaneMcC ltd
- "The service" or "The website" refers to MyDNSHost
- "You", "the user" refer to the person(s) using this website.
What data we collect, what we use it for, who has access to it.
When you sign up for the service, we collect data required to provide the service:
- Your name (or a pseudonym) for display purposes.
- Your email address for login purposes and for contacting you specifically in regards to your account and the service (such as for security alerts, service notifications, invoicing etc). This is also used (pseudo-anonymised) to display an avatar alongside your name using Gravatar and will be made available along with your name to other users of the service who you share domains with (for the purposes of seeing/controlling who has access to the domains).
Whilst using the service we may also collect:
- Website Analytics data. Information about your computer and your visits to and use of this website (including but not limited to your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation). This data is primarily used for assisting with technical issues when using the service, for security purposes such as preventing or investigating malicious attacks against the service, to allow us to see how the service is being used and to guide future development and improvements to the service. The majority of this data is collected by our own logging systems however some of this data may be collected by and/or shared with an analytics partner (Google Analytics). Some of this data (for example, IP Addresses) may also be visible to third-parties when requesting resources used by this site (for example, avatars from Gravatar or static content hosted on CDN services)
- Audit Logging. Some actions taken whilst using the service are explicitly logged for future audit purposes to identify when and why certain changes/actions were made and by whom.
- Payment-related data. The service is currently free to use, however in future we may offer paid-for services, or allow users to donate towards the running cost of the service. In order to handle this we will need to collect and share some personal data with our payment processors (Stripe, Paypal and Starling Bank) to process the payment, and then we will need to store some data related to this payment in order to correctly provide the paid-for service and for accounting purposes. We will not be collecting or storing the actual payment data, this will be handled by our payment processors.
- Any other information that you choose to provide to us when using the service (such as device names for Two-Factor-Authentication codes etc)
The data collected here may be disclosed to any of our staff, employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary.
We will never provide your personal information to any third parties for the purpose of direct marketing.
How is my data stored?
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Wherever possible data streams will be transmitted in an encrypted format.
How long will the data be stored for?
Different data is stored for different lengths of time depending on the purpose for which we have collected it.
- Your email address, name and data specifically related to your account on the service will be stored for as long as you have an active account with the service. Once an account is deleted, the primary copy of this data is immediately removed along with it.
- Website Analytics Data will be stored de-anonymised for an initial period for security reasons and then stored in an anonymised form for longer-term trend-tracking etc.
- Audit Log Data is stored for as long as is required to provide an audit trail of events related to a specific part of the service. For example, if the log is only related to a single account, it will be deleted or anonymised when the account is deleted.
- Payment meta-data (such as, the fact we took a payment, a payment reference, the time/date/value of the payment, the name of the payee, the reason for payment etc) will be stored for as long as legally required for accounting and anti-fraud purposes and will not be deleted when the associated account is removed. This data may also be kept by our payment processors.
In addition to our live data, we also maintain backups of all the data related to the service, and these may be stored for up to 18 months. These backups are to allow the swift and prompt restoration of service should it be required. Data stored in these backups will be accurate as of the time the backup was taken, and every effort will be made to ensure that any changes or removal of data requested will be reflected after any restores are made.
Other data provided to us
The domain and record data you provide to us whilst using the service is not considered private data and does not fall under this policy and will be published openly in the global DNS system accessible to anyone. It is the responsibility of the user of the service to ensure that they have all the required permissions to publish any data that may require it and that all published data is accurate.
We make use of a session-cookie (that only lasts for the current browsing session) to know if you have logged into the site or not, and if so to know who you are.
We also store some longer-term cookies when you perform specific actions that necessitate them - such as logging in and choosing to remember a device for future log ins.
We may make use of tracking cookies for some of the analytics purposes outlined previously, where this is the case you will be required to opt-in before these cookies are stored, and you can opt-out of this at any time.
EU GDPR (General Data Protection Regulation)
Basis for collection
In some circumstances we may explicitly collect data by consent for additional purposes not specifically required to provide and run the service.
Under the GDPR you are granted certain rights in regards to your data, you can read more about your rights in detail here.
Most personal data collected by the service can be accessed/updated directly using the service, however if you are having trouble or are unable to access/update the data for whatever reason or have any questions/complaints please get in touch.
We handle subject access requests in accordance with the GDPR, and in addition to this as we are a UK-Based company you have the right to complain to the ICO if you feel there is a problem with the way we are processing or handling your data.
We are registered with the ICO under the Data Protection Register, our registration number is: A8354400.
We are not currently engaged in any email marketing, however should this change then this will be performed on an opt-in basis only and this policy will be updated to reflect this.
2018-06-04: Added "Key definitions" section, Added "Other data provided to us" section, Added ICO Registration number