Privacy Policy
Last updated: 3 November 2025
At SingleSync, we are committed to protecting your privacy and complying with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This Privacy Policy explains how we collect, use, store, and protect your personal data.
Table of Contents
- 1. Who We Are
- 2. What Data We Collect
- 3. How We Use Your Data
- 4. Legal Basis for Processing
- 5. Data Sharing
- 6. International Data Transfers
- 7. Data Retention
- 8. Your Rights Under GDPR
- 9. Cookies and Tracking
- 10. hCaptcha
- 11. Automated Decision-Making
- 12. Children's Privacy
- 13. Data Security
- 14. Data Breach Notification
- 15. Your Role as Data Controller
- 16. Supervisory Authority
- 17. Changes to This Policy
- 18. Contact Us
1. Who We Are
SingleSync is a sole trader registered in Ireland, providing web hosting, domain registration, and IT consulting services. We are the data controller for the personal data you provide to us.
Registered address:
77 Lower Camden Street
Saint Kevin's
Dublin 2
Ireland
D02XE80
2. What Data We Collect
We may collect the following types of personal data when you use our services:
(a) Account and Contact Information:
- Full name
- Email address
- Telephone number
- Postal address
- Company name and VAT registration number (for business customers)
(b) Financial Information:
- Payment method details (processed by third-party payment processors; we do not store full credit card numbers)
- Billing address
- Transaction history and invoices
(c) Technical and Account Data:
- Account username and encrypted password
- IP addresses used to access your account
- Domain names registered or transferred to us
- Hosting control panel login records
- Email account configurations
(d) Website and Application Data:
- Website files, databases, and content you upload to your hosting account
- Email messages sent and received through our email servers
- Backup copies of your hosted data (retained for 3 days)
(e) Communications:
- Support ticket communications
- Email correspondence with our support team
- Chat logs (if applicable)
- Phone call records (for quality and training purposes)
(f) Usage Data:
- Server resource usage (CPU, memory, bandwidth)
- Access logs and error logs
- Service usage patterns
3. How We Use Your Data
We use your personal data for the following purposes:
- Service Provision: To provide web hosting, email hosting, domain registration, and related services as specified in our Terms of Service
- Account Management: To create, maintain, and manage your hosting account
- Billing and Payments: To process payments, send invoices, and manage your subscription
- Customer Support: To respond to your inquiries, troubleshoot technical issues, and provide assistance
- Service Improvements: To monitor and improve our services, infrastructure, and customer experience
- Security: To detect, prevent, and respond to security incidents, abuse, fraud, and violations of our Acceptable Use Policy
- Legal Compliance: To comply with legal obligations, including tax reporting, data protection laws, and lawful requests from authorities
- Communications: To send service-related notifications, renewal reminders, and important account updates (we do not send marketing emails unless you opt in)
4. Legal Basis for Processing
We process your personal data based on one or more of the following legal bases under GDPR Article 6:
- Contract Performance (Article 6(1)(b)): Processing is necessary to fulfill our contract with you and provide the hosting services you requested
- Legal Obligation (Article 6(1)(c)): Processing is necessary to comply with legal requirements, such as tax laws, data retention obligations, and responses to lawful requests from authorities
- Legitimate Interests (Article 6(1)(f)): Processing is necessary for our legitimate business interests, such as fraud prevention, network security, service improvement, and direct marketing (where we have balanced this against your rights and freedoms)
- Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing activities (you may withdraw consent at any time)
5. Data Sharing
We do not sell your personal data. We may share your data with the following third parties only as necessary to provide our services:
- Infrastructure Providers: Our hosting infrastructure and server providers who host your data on our behalf
- Payment Processors: Third-party payment services (such as Stripe, PayPal) that process your payment information securely
- Domain Registrars: ICANN-accredited registrars for domain registration and WHOIS data publication (as required by ICANN policies)
- Security Services: Services like hCaptcha for spam and abuse prevention
- Email Services: Email infrastructure providers that facilitate email hosting services
- Legal and Regulatory Authorities: When required by law, court order, or to protect our rights and prevent fraud or abuse
- Professional Advisors: Accountants, lawyers, and auditors who assist with business operations (under confidentiality obligations)
All third-party service providers are carefully selected and required to protect your data in accordance with GDPR standards.
6. International Data Transfers
Some of our service providers (such as cloud infrastructure providers and payment processors) may transfer your data outside the European Economic Area (EEA). When this occurs, we ensure that appropriate safeguards are in place to protect your data, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by the European Commission confirming adequate protection in the destination country
- Other legally recognized transfer mechanisms under GDPR Chapter V
We remain responsible for ensuring your data is protected regardless of where it is processed.
7. Data Retention
We retain your personal data only as long as necessary to provide services and comply with legal obligations:
- Active Accounts: Personal data is retained for the duration of your active hosting service
- Cancelled Accounts: Upon account cancellation or termination, all customer data, websites, email content, and backups are permanently deleted within seven (7) days. You are responsible for downloading any data you wish to retain before cancellation
- Financial Records: Invoices, payment records, and financial data are retained for six (6) years from the end of the relevant financial year to comply with Irish tax law and Revenue requirements
- Support Communications: Support tickets and correspondence may be retained for up to two (2) years for quality assurance and dispute resolution purposes
- Legal Retention: In exceptional cases, data may be retained longer if required by law, to establish or defend legal claims, or to comply with ongoing legal proceedings
8. Your Rights Under GDPR
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access (Article 15): You can request a copy of the personal data we hold about you
- Right to Rectification (Article 16): You can request correction of inaccurate or incomplete personal data
- Right to Erasure (Article 17): You can request deletion of your personal data in certain circumstances (the "right to be forgotten")
- Right to Restrict Processing (Article 18): You can request that we limit how we use your data in certain situations
- Right to Data Portability (Article 20): You can request your data in a structured, commonly used format and transfer it to another service provider
- Right to Object (Article 21): You can object to processing based on legitimate interests or for direct marketing purposes
- Right to Withdraw Consent (Article 7(3)): Where processing is based on consent, you can withdraw it at any time
- Right Not to Be Subject to Automated Decision-Making (Article 22): You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects
You can exercise these rights by contacting us using the information in the Contact section below. We will respond to your request within one (1) month, or inform you if we need additional time (up to two more months for complex requests).
9. Cookies and Tracking
Our main website does not set any cookies for tracking, analytics, or advertising purposes. We are committed to maintaining a cookie-free browsing experience wherever possible.
However, certain strictly necessary cookies may be used when interacting with specific security features such as hCaptcha. These temporary cookies are essential for verifying that a request comes from a human user and for preventing spam or abuse. They are not used for profiling or marketing and fall under the GDPR/ePrivacy exemptions for essential functionality.
When you log into your hosting control panel (cPanel), session cookies are used to maintain your authenticated session. These are essential for the service to function and are deleted when you close your browser or log out.
10. hCaptcha
We use hCaptcha to protect our website and services from spam, abuse, and automated attacks. hCaptcha analyzes interactions on our site to determine whether the user is human. This may involve the automatic collection of certain data (such as IP address, browser type, and usage patterns) which is transmitted to hCaptcha for verification purposes.
Use of hCaptcha is subject to the hCaptcha Privacy Policy and Terms of Service. By interacting with hCaptcha, you agree to hCaptcha's data processing as described in those policies.
11. Automated Decision-Making
We do not use your data for automated decision-making or profiling that would produce legal or similarly significant effects on you. Any decisions regarding service provision, account suspension, or termination involve human review.
12. Children's Privacy
Our services are not directed at children under the age of sixteen (16), and we do not knowingly collect personal data from children. If we become aware that we have collected data from a child without proper parental consent, we will take steps to delete it promptly. If you believe we have collected information from a child, please contact us immediately.
13. Data Security
We take appropriate technical and organizational measures to secure your data against unauthorized access, loss, theft, alteration, and disclosure. Our security measures include:
- Encryption: Data transmitted between your browser and our servers is encrypted using SSL/TLS protocols
- Access Controls: Strict access controls limit who can access customer data within our organization
- Password Protection: Account passwords are encrypted using industry-standard hashing algorithms
- Firewalls and Monitoring: Network firewalls and security monitoring systems protect against unauthorized access
- Regular Updates: Server software and security patches are applied regularly
- Backup Security: Automated backups are stored securely and are accessible only to authorized personnel
- Staff Training: Our team is trained in data protection principles and security best practices
While we implement strong security measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and should use strong, unique passwords.
14. Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the Irish Data Protection Commission within seventy-two (72) hours of becoming aware of the breach, as required by GDPR Article 33
- Notify affected customers without undue delay if the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34
- Provide information about the nature of the breach, the likely consequences, and the measures we are taking to address it
We maintain incident response procedures to detect, investigate, and respond to security incidents promptly.
15. Your Role as Data Controller
When you use our hosting services to operate a website or application that collects personal data from visitors or users, you act as the data controller for that data, and SingleSync acts as your data processor under GDPR Article 28.
As a data controller, you are responsible for:
- Ensuring your website has an appropriate privacy policy
- Obtaining necessary consents from individuals whose data you collect
- Complying with GDPR requirements for data collection, processing, and storage
- Responding to data subject access requests and other rights requests from your users
- Implementing appropriate security measures for data you process
- Notifying us if you receive legal requests related to data hosted on our servers
SingleSync processes your hosted data strictly according to your instructions and our Terms of Service. We implement appropriate technical and organizational measures to ensure the security of data you host with us. Upon request, we can provide a Data Processing Agreement (DPA) that sets out our respective obligations under GDPR Article 28.
16. Supervisory Authority
If you believe we have not handled your personal data in accordance with GDPR or you are unhappy with how we have responded to your request, you have the right to lodge a complaint with the relevant supervisory authority.
The supervisory authority for Ireland is:
Data Protection Commission (DPC)
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Website: https://www.dataprotection.ie
Email: info@dataprotection.ie
Phone: +353 (0)761 104 800 or Lo-Call 1890 252 231
However, we encourage you to contact us first so we can address your concerns directly.
17. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make material changes, we will notify you by:
- Updating the "Last updated" date at the top of this policy
- Sending an email notification to the address on your account
- Displaying a prominent notice on our website or in your hosting control panel
We encourage you to review this Privacy Policy periodically. Continued use of our services after changes are posted constitutes your acceptance of the updated policy.
18. Contact Us
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, you can contact us at:
Email: support@singlesync.ie
Contact Form: https://www.singlesync.ie/clients/contact.php
Postal Address:
SingleSync
77 Lower Camden Street
Saint Kevin's
Dublin 2
Ireland
D02XE80
We aim to respond to all inquiries within five (5) business days.