Privacy policy

Revised 23rd May 2018

This policy is provided by KLOC Digital Solutions Ltd, Unit 8, The Long Yard, Ermin Street, Shefford Woodlands, Hungerford RG17 7EH.

KLOC Digital Solutions Ltd (KLOC) believes in the importance of protecting personal information from misuse and is committed to upholding the principals of the GDPR legislation.

This policy set out details of KLOC’s privacy policy under the terms of the new GDPR legislation, effective from 25th May 2018.

Your rights as an individual with regard to the protection of your personal details are defined on the ICO website here.

Data controller

KLOC acts as a data controller (as defined by GDPR) for the purposes of handling the personal details of our website users, enquiries, customers and employees.

Website Users

Our website uses cookies in line with our cookie policy .

Like many website, we use Google Analytics to view statistical information about the usage of our site. This does not provide us with any personally identifiable information.

We don’t retain any other information for regular web users nor do we undertake any automated profiling of web users to affect the content that we provide.


If you are a potential customer of KLOC and provide your data in connection with an enquiry about using our services then we ask you to give Consent to hold your personal information, which gives us a lawful basis to store your details in our GDPR-Compliant CRM system. We are not able to service any enquiry unless we have this consent.

The information we request via our website and telephone is first name, last name, email address, telephone number and company name. If you also consent to our contacting you subsequently then, from time to time, we may contact you by post, email and telephone with information about offers, our activities and services.

You have the right to ask what personal information we are holding about you and to withdraw your consent for us to store and process your details.

Please contact us at with any questions or requests for deletion or update of any personal data.


If you are a customer of KLOC then our lawful basis for holding your details is our Legitimate Interest arising as a result of our contract with you, which requires us to hold and process certain personal information to carry out whatever services you have contracted us to deliver. As part of our business as usual processes we will hold your details in our CRM & Support systems, our job tracking and accounting systems (see below). We may contact you by post, telephone and email in connection with the work that we are doing for you.

You have the right to ask what personal information we are holding about you and to object to our processing of your data in this way, however, any objection may affect the service that we are able to offer you.

Please contact us at with any questions or requests for deletion or update of any personal data.


KLOC employee details are also held in our HR system on the basis of our employment Contract.

Sensitive Data

KLOC Digital Solutions Ltd will not collect data relating to minors as defined under UK law. Minors are not permitted to use the services of KLOC Digital Solutions including its website,

Data Retention

KLOC will retain personal information for as long as you are a customer of KLOC Digital Solutions Ltd.

After you cease to be a customer, we may keep your data for up to 10 years in order to:

  • To respond to any questions or complaints.
  • To comply with legal requirements.

Data processor

KLOC acts as a data processor (as defined in GDPR) for the purposes of the following services that we provide to our customers. Our Lawful basis for this type of activity is our Legitimate Interest arising from your contracting KLOC Digital Solutions Ltd to provide:

Web site & application hosting – KLOC provides hosting for websites and applications that we build. In most cases our customers are acting as Data Controllers, using our services to store personal details on whatever lawful basis they have asserted. Storage of these personal details are  outsourced to one of our GDPR-compliant sub-processors listed below. Information that is held within these sites is processed within the terms of our Data Processing Addendum and managed under our GDPR-compliant processes for the purposes of the services that we are contracted to provide, which include storing, analysing, backing-up and transmitting data.

Website & application development, maintenance & testing – KLOC holds customer’s data for the purposes of fulfilling our role as software developer, tester and support provider of their systems. Information that is held with these system and processed within the terms of our Data Processing Addendum and managed under our GDPR-compliant processes. This includes converting data from one system format to another, importing data into a system, investigating faults, and testing solutions.

We act as data processors under the terms of our Data Processing Addendum.

KLOC has implemented robust policies to ensure the security of all personal data that falls under its stewardship as a data processor, including encryption, anonymisation, redaction and timely destruction, which will be used wherever appropriate.

Any requests made by data subjects regarding data that we hold in our capacity as data processor will be referred to the relevant data controller for action.

Data Retention

As a data processor, we will only retain data for as long as we are required to do so and by default will destroy all customer data with 90 days of termination of our contract to provide hosting, development or support services.

We will also delete or retain any specific data upon request by the relevant data controller.

Disclosure to 3rd parties

KLOC does not provide personal details to any 3rd party other than:

  • to sub-processors (as defined by GDPR) for the purposes of carrying on KLOC’s business in pursuit of the lawful basis set out below,
  • when reasonably required to do so to comply with any law,
  • to a 3rd party in the event that the business or part of the business is purchased. In this event your details may be transferred to the purchaser as an asset forming part of the sale.


All data that KLOC stores is held in GDPR-compliant, EU-based datacentres.

Following is a list of sub-processors that KLOC uses in the execution of its business:

  • WPEngine
  • Digital Ocean
  • Memset
  • ZOHO (CRM & Support system)
  • Mailchimp
  • HR Software
  • Quickbooks
  • Microsoft (Office 365)
  • Google (Analytics)

KLOC Digital Solutions Ltd may update this list from time to time as our systems and operations evolve and inform you accordingly.


We have put in place appropriate security procedures for implementing the policies described above and for safeguarding the personal data we collect. However, we cannot guarantee that personal data we collect will never be disclosed in a manner inconsistent with this Privacy Policy.

We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received.

Data Protection Officer

The Managing Director of KLOC holds responsibility for data protection compliance.


From time to time we may update this policy by publishing a new version on our website.

You should check this page occasionally to ensure you are happy with any changes to this policy.

We may notify you of changes to this policy by email.