facebook pixel code

Privacy Policy

Use of this Website & Cookies

Risk-free
14-Day Trial

ISO 27001
Certified

GDPR & HIPAA
Compliance

AES 256 Bit
Secure Encryption

Ransomware
Protection

Automatic
Scheduling

Free Support
Email & Phone

Privacy Policy for Deep Blue Backup

 

This Privacy Policy applies to the website www.deepbluebackup.co.uk, operated by Deep Blue Backup®, and governs the personal data of users who visit and interact with our website or use our services. As a UK-based provider of SaaS and device backup solutions since 2018, we are committed to protecting your privacy and personal data in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and the Privacy and Electronic Communications Regulations (PECR).

1. Data Controller

The data controller responsible for your personal data is:

Deep Blue Backup® Keith Taylor Dolphin House, Totnes, TQ9 6LX Email: enquiries@deepbluebackup.co.uk Data Protection Queries: dataprotection@deepbluebackup.co.uk Website: www.deepbluebackup.co.uk/contact

2. The Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name, job title, or company name.
  • Contact Data: Email address, telephone number, and postal address.
  • Usage Data: Information about how you use our website, including IP address, browser type, and page views.
  • Communication Data: Information you provide when contacting us via email, telephone, or website forms.
  • Backup Data: As a provider of backup services, we process data you store with us (which may include special category data, such as health or financial data, for clients in the care, insurance, or legal sectors). This data is treated as client-controlled data, and we act solely as a data processor for such information.

We do not knowingly collect personal data from individuals under 16 years of age, as our website and services are designed for business users.

3. How and Why We Use Your Data (Legal Basis for Processing)

We only process your personal data when we have a valid legal basis, as outlined below:

  • Contractual Necessity: To fulfil a contract with you, such as providing cloud backup services, restoring data, or responding to service requests. This includes processing Backup Data to deliver our services.
  • Legitimate Interests: To improve our products, services, and website functionality (e.g., analysing Usage Data to optimise performance or detect technical issues) or to prevent fraud. We ensure such processing is proportionate and respects your rights through regular data protection impact assessments.
  • Consent: For sending marketing communications or using non-essential cookies, we obtain your explicit consent, which you may withdraw at any time.
  • Legal Compliance: To comply with legal obligations, such as retaining records for tax or accounting purposes.

For special category data processed as part of our backup services (e.g., health or financial data), we rely on your explicit consent or the necessity to fulfil contractual obligations, in compliance with UK GDPR Article 9.

4. How We Use Cookies

Our website uses cookies to enhance your user experience. Cookies are small text files placed on your device. We use:

  • Essential Cookies: Necessary for website functionality, such as navigation and secure access.
  • Analytics Cookies: Tools like Google Analytics anonymously track how visitors use our website to improve its design and content. These cookies do not collect identifiable personal data.
  • Marketing & Functionality Cookies: Used to provide a tailored experience or deliver relevant communications, but only with your explicit consent.

A cookie consent banner is displayed when you visit our website, allowing you to accept or decline non-essential cookies. You can manage your preferences at any time via our cookie settings at www.deepbluebackup.co.uk/cookies. Most web browsers automatically accept cookies, but you can modify your browser settings to decline them if preferred.

5. Your Data Protection Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right to be informed: To know how we collect and use your personal data.
  • Right of access: To request a copy of the personal data we hold about you.
  • Right to rectification: To correct inaccurate or incomplete data.
  • Right to erasure: To request deletion of your personal data (subject to legal obligations).
  • Right to restrict processing: To limit how we use your personal data.
  • Right to data portability: To receive your data in a structured, machine-readable format.
  • Right to object: To object to processing for marketing or legitimate interest purposes.

To exercise these rights, please contact our Data Protection Officer at dataprotection@deepbluebackup.co.uk or via www.deepbluebackup.co.uk/contact. We will respond within one month. If you have concerns about our data practices, you may lodge a complaint with the UK’s Information Commissioner’s Office (ICO) at www.ico.org.uk.

6. Data Sharing & Third Parties

We do not sell, lease, or distribute your personal data to third parties unless we have your explicit permission or are required by law.

We may share your data with trusted third-party processors to deliver our services, including:

  • Cloud storage providers to store and replicate Backup Data.
  • Email marketing services (e.g., MailChimp) for sending communications.
  • IT service providers for technical support and maintenance.

All processors are bound by contracts ensuring UK GDPR compliance and secure data handling. As a data processor for Backup Data, we do not access or use this data except to provide the agreed backup and restoration services, and it is protected with AES-256-bit encryption.

International Data Transfers: Your data is primarily stored in the UK. If we transfer data to third-party processors outside the UK (e.g., MailChimp’s servers in the US), we ensure compliance with UK GDPR through approved safeguards, such as Standard Contractual Clauses or adequacy agreements.

7. Data Security and Retention

We protect your personal data with industry-standard measures, including:

  • AES-256-bit encryption for all Backup Data.
  • Secure Socket Layer (SSL) technology for data transmission.
  • Regular security audits and access controls to prevent unauthorised access, disclosure, or loss.

In the unlikely event of a data breach, we will notify affected users and the ICO within 72 hours, as required by UK GDPR.

We retain personal data only for as long as necessary:

  • Contractual Data: Retained for the duration of our service agreement plus six years to comply with tax and accounting obligations.
  • Marketing Data: Retained until you withdraw consent.
  • Usage Data: Retained for up to 12 months for analytics purposes.
  • Backup Data: Retained as per your service agreement and deleted upon termination, unless otherwise instructed.

8. Third-Party Links

Our website may include links to third-party sites, which are governed by their own privacy policies. We are not responsible for the data practices of these sites.

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The updated version will be posted on our website, and we will take reasonable steps to notify you of material changes.

10. Contact

For questions, concerns, or to exercise your data protection rights, please contact: Data Protection Officer Email: dataprotection@deepbluebackup.co.uk Website: www.deepbluebackup.co.uk/contact

v.4.0 October 2025 – Deep Blue Backup®