Privacy Policy

1. Who We Are

Techspace is a managed hosting service operated by FABS GROUP LTD, a private limited company registered in England & Wales under company number 16820215.

Registered office: 128 City Road, London, United Kingdom, EC1V 2NX.

We are the data controller for any personal data you provide to us or that we collect via our Techspace hosting services and website.

Data-protection contact: privacy@thefabsgroup.co.uk – please use this address for all data-protection enquiries.

2. The Data We Collect

2.1 Data you voluntarily give us

• Contact form submissions: name, email address, phone number (optional), selected plan, message content
• Hosting services: name, email, billing address, company details (if applicable), domain names, payment information
• Technical support: correspondence, troubleshooting data, server logs related to your service

2.2 Data we collect automatically

• Website analytics: anonymised IP address, browser type, device type, pages visited, time on site (via Google Analytics)
• Server logs: IP addresses, access times, bandwidth usage, error logs (for security and service optimization)
• Cookies: essential and analytical cookies (see §9)

3. Why We Use Your Data (Purposes)

• To provide, maintain, and improve your hosting services
• To respond to your enquiries and provide customer support
• To process payments and manage your account
• To send service-related notifications (downtime, security updates, billing)
• To monitor and improve server performance, security, and reliability
• To comply with legal obligations and prevent fraud
• To analyse usage trends and enhance user experience

4. Lawful Bases Under UK GDPR

• Contract performance: Article 6(1)(b) – processing necessary to provide hosting services you've purchased
• Legal obligation: Article 6(1)(c) – compliance with tax, accounting, and data retention laws
• Legitimate interest: Article 6(1)(f) – responding to enquiries, security monitoring, service improvement, fraud prevention

You may object to any Legitimate-Interest processing at any time (see §8).

5. Sharing & International Transfers

We do not sell or rent personal data. We share only:

• Service providers: payment processors (Stripe), hosting infrastructure, email services, analytics (Google Analytics) – all are UK-GDPR-compliant
• Legal requirements: law enforcement, regulatory authorities, or court orders
• Business transfers: in the event of a merger, acquisition, or sale of assets

Some processors may transfer data to the United States under approved Standard Contractual Clauses or adequacy decisions.

6. Data Retention

• Active hosting accounts: data retained for the duration of your service plus 7 years for tax and legal compliance
• Cancelled accounts: personal data deleted within 30 days unless legal retention required
• Backups: retained for 30-90 days depending on your plan, then securely deleted
• Contact form enquiries: 6 years for potential contractual claims
• Server logs: 90 days for security and troubleshooting
• Analytics data: 26 months (Google Analytics auto-deletion)

7. Your UK GDPR Rights

You have the right to:

1. Access the personal data we hold about you
2. Rectify inaccurate data
3. Erase your data ("right to be forgotten") – subject to legal retention requirements
4. Restrict processing in certain circumstances
5. Object to processing based on legitimate interest
6. Data portability – receive your data in a structured format
7. Withdraw consent at any time (where consent is the lawful basis)

Exercise any right by emailing privacy@thefabsgroup.co.uk. We will respond within one calendar month.

You also have the right to lodge a complaint with the Information Commissioner's Office: www.ico.org.uk or 0303 123 1113.

8. Security

We implement industry-standard security measures including:

• HTTPS/TLS 1.3 encryption for all data transmission
• ISO 27001-certified infrastructure
• Server-level firewalls and intrusion detection
• Regular security audits and updates
• Role-based access controls with multi-factor authentication
• Encrypted backups stored in geographically separate locations

While we take every reasonable precaution, no method of transmission over the internet is 100% secure.

9. Cookies

Essential cookies enable page navigation and account access. Analytical cookies help us count visits and understand usage patterns. We do not use marketing or tracking cookies.

You can manage or block cookies via your browser settings. Note that disabling essential cookies may affect site functionality.

10. Third-Party Services

Our hosting services may integrate with third-party tools (CDNs, DNS providers, SSL certificate authorities). We select partners with strong privacy practices but are not responsible for their policies. Please review their terms separately.

11. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect data from children. If we become aware of such collection, we will delete it promptly.

12. Policy Changes

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be posted on this page with an updated "Last updated" date. For active customers, we will provide email notification 30 days before changes take effect.

13. Governing Law

This policy and any dispute arising hereunder are governed by the laws of England & Wales.