100% UK Based — Data Centres in London & Coventry Sovereign infrastructure. Your data stays in the UK.

Privacy Policy

Last updated: May 2026

This Privacy Policy explains how EDZNET (“we”, “us”, “our”) collects, uses, stores, and protects your personal information when you use our services or interact with us. Please read this policy carefully.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

EDZNET is a UK-based web hosting and cloud services provider operating data centres in London and Coventry, England. We are registered as a data controller with the Information Commissioner’s Office (ICO).

For data protection enquiries, contact our Data Protection Officer:

Data Protection Officer
EDZNET
United Kingdom
dpo@edznet.io

2. What Information We Collect

We collect and process the following categories of personal information:

2.1 Account and Service Information

  • Full name and company name (if applicable)
  • Billing and correspondence address
  • Telephone number and email address
  • Account login credentials (passwords are stored in hashed form)
  • Payment details (processed securely via PCI-DSS compliant payment processors; we do not store full card numbers)
  • Records of services ordered and service usage

2.2 Technical and Usage Information

  • IP addresses used to access our systems
  • Browser type, version, and operating system
  • Pages visited and actions taken within our client portal
  • Network traffic data for the purposes of security monitoring and abuse prevention
  • Support ticket and communication history

2.3 Information from Third Parties

We may receive information about you from fraud prevention agencies and credit reference agencies in order to verify your identity and protect against fraud before providing services.

3. How We Use Your Information

3.1 Service Provision

We use your personal information to provide the services you have purchased, including:

  • Provisioning and managing your hosting services
  • Sending service confirmations, invoices, renewal notices, and infrastructure updates
  • Providing access to our client portal
  • Processing payments and managing your account
  • Responding to support requests

3.2 Fraud Prevention and Security

We share information with fraud prevention agencies to protect against fraud and money laundering. If we identify a fraud risk, your information may be retained by us and those agencies for up to six years. False or inaccurate information may be shared with law enforcement.

We monitor network traffic to detect and prevent cyber-attacks, malware, and other security threats.

3.3 Debt Recovery

If your account becomes overdue, we may pass your contact and account details to a debt recovery agency. We will notify you before taking this step wherever possible.

3.4 Legal Obligations

We may disclose your personal information to comply with a legal obligation, court order, or lawful request from law enforcement or regulatory authorities, including under the Investigatory Powers Act 2016.

3.5 Legitimate Interests

We process some information on the basis of our legitimate interests, including improving our services, ensuring network security, and preventing abuse of our systems.

4. Data Retention

Data Type Retention Period
Invoices and billing records 6 years from invoice date (UK tax law requirement)
Account and contact details Duration of the customer relationship, plus 6 years after closure
Dispute and complaint records 6 years after resolution
Support communications 3 years after the last interaction
Network security logs Up to 12 months

5. Data Storage and Security

For the majority of our customers, all personal data is stored exclusively in our UK data centres in London and Coventry. We employ strict physical and technical security measures including:

  • Encrypted data storage and transmission (TLS/SSL)
  • Role-based access controls and multi-factor authentication
  • ISO-certified data centre facilities with 24/7 physical security
  • Regular security audits and penetration testing
  • Staff training on data protection obligations

5.1 International Data Transfers — South African Clients

Customers who have subscribed to services specifically provisioned for South African regions, or who have been notified in writing that their services are hosted outside the United Kingdom, should be aware that their personal data may be stored and processed in South Africa.

Where data is transferred outside the UK, EDZNET ensures that appropriate safeguards are in place as required by UK GDPR, which may include:

  • Adequacy decisions recognised by the UK Secretary of State;
  • Standard contractual clauses approved for use under UK GDPR (International Data Transfer Agreements, “IDTAs”); or
  • Other lawful transfer mechanisms as permitted by applicable data protection law.

South African clients may have additional rights under the Protection of Personal Information Act 4 of 2013 (POPIA). To the extent that POPIA applies to our processing of your data, we are committed to complying with its requirements. For further information or to exercise your rights under POPIA, contact our Data Protection Officer at dpo@edznet.io.

If you are unsure whether your service is subject to UK or South African data residency, please contact us before ordering.

6. Your Rights

Under UK GDPR you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where there is no compelling reason to continue processing.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact dpo@edznet.io. We will respond within one calendar month. There is no charge for most requests.

7. Cookies

We use cookies and similar technologies on our website and client portal. Please see our Cookie Policy for full details of the cookies we use and how to manage your preferences.

8. Third Parties and Data Processors

We use carefully selected third-party processors to assist in delivering our services. All processors are contractually bound to process data only on our instructions and in compliance with UK GDPR. We do not sell your personal data to third parties.

8.1 hCaptcha

We use hCaptcha (provided by Intuition Machines, Inc., a Delaware US corporation) on our forms to protect against automated abuse, spam, and fraudulent submissions. When you interact with an hCaptcha widget, information such as your IP address, browser type, and interaction patterns may be collected and processed by hCaptcha to assess whether you are human.

This processing is necessary for our legitimate interest in securing our systems. hCaptcha's processing of this data is governed by their own privacy policy and terms of service, available at hcaptcha.com/privacy.

9. Complaints

If you believe we have mishandled your personal data, please contact our Data Protection Officer in the first instance at dpo@edznet.io. We will investigate and respond promptly.

If you remain unsatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
ico.org.uk

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered customers of material changes by email. The current version will always be available on this page with the “last updated” date shown above.