Data Protection Statement & ICO Registration Notice

Effective Date: 4th April 2025
Last Updated: 4th April 2025

Our Commitment to Data Protection

At DPA Cloud Services Ltd, we are committed to upholding the highest standards of data privacy, confidentiality, and information security. We comply with all relevant UK data protection legislation, including:

  • The UK General Data Protection Regulation (UK GDPR)
  • The Data Protection Act 2018
  • The Privacy and Electronic Communications Regulations (PECR)

We process personal data lawfully, fairly, and transparently, ensuring that your data is handled with the respect and care it deserves.

Data Controller Details

For the purposes of UK data protection legislation, DPA Cloud Services Ltd is the Data Controller for any personal data we collect directly through our website, client onboarding, communications, or service provision.

DPA Cloud Services Ltd
Company Number: 16220378
Registered Office: Conway Industrial Estate, Skull House Lane, Appley Bridge, Wigan, WN6 9EU
[email protected]

ICO Registration

We are registered with the Information Commissioner’s Office (ICO), the UK’s independent authority on data protection.

  • ICO Registration Number: [Insert your ICO Reference]
  • Registration Status: Active
  • Registered As: DPA Cloud Services Ltd
  • Registration Type: Private Limited Company – IT, Hosting, and Software Services

View on ICO Register

Lawful Basis for Processing

We only process personal data when there is a clear lawful basis, such as:

  • Consent – when you opt in to communications or optional features
  • Contractual Necessity – to deliver services or fulfil obligations
  • Legal Obligation – for regulatory or statutory requirements
  • Legitimate Interest – for internal business use, provided it does not override your rights

Security Measures

We implement a layered security strategy to safeguard personal data, including:

  • Encryption in transit and at rest
  • Secure virtual infrastructure (no public-facing ports, VLAN segmentation)
  • Cloudflare Zero Trust and firewall-level protections
  • Access controls and user authentication policies
  • Audit trails, log monitoring, and breach detection
  • Daily encrypted backups and Disaster Recovery tiers

Full details of our security measures are available in our Privacy Policy and optional Security Statement.

Your Rights

Under the UK GDPR, you have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion or restriction of processing
  • Portability of your data
  • Objection to certain types of processing
  • Right to withdraw consent (where used)

To exercise any of your rights, please contact us at [email protected]

You also have the right to complain to the ICO:
https://ico.org.uk/make-a-complaint/

Third Parties & Data Processors

Where we work with third-party processors (e.g., email providers, hosting partners, or payment platforms), we ensure they are:

  • GDPR-compliant
  • Subject to a Data Processing Agreement (DPA)
  • Contractually obligated to follow strict data protection standards

Cross-Border Data Transfers

Where data is transferred outside the UK or EEA, we use:

  • UK Addendum to the Standard Contractual Clauses (SCCs)
  • Adequacy Decisions recognised by the UK government
  • Binding Corporate Rules or other approved mechanisms

Review & Updates

This Data Protection Statement is reviewed annually or whenever legal or operational changes occur.

Next scheduled review: April 2026
You will be notified of any significant updates via email or public notice on our website.

Contact Us

  • Email: [email protected]
  • Post: DPA Cloud Services Ltd, Conway Industrial Estate, Skull House Lane, Appley Bridge, Wigan, WN6 9EU
  • Phone: 01257 818345