top of page

Privacy Policy for Xgeneration Ltd

At Xgeneration, accessible from www.xgeneration.co.uk, one of our main priorities is the privacy of our visitors and customers. This Privacy Policy document contains types of information that is collected and recorded by Xgeneration and how we use it. If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

1.0 General Data Protection Regulation (GDPR)

We are a Data Controller of your information. Xgeneration Ltd legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect the information:

  • Xgeneration Ltd needs to perform a contract with you

  • You have given Xgeneration Ltd permission to do so

  • Processing your personal information is in Xgeneration Ltd legitimate interests

  • Xgeneration Ltd needs to comply with the law

Xgeneration Ltd will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information, we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:

  • The right to access, update or delete the information we have on you.

  • The right of rectification.

  • The right to object.

  • The right of restriction.

  • The right to data portability

  • The right to withdraw consent

2.0 Log Files

Xgeneration follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and are a part of hosting services' analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

3.0 Data Security Measures

Without prejudice to Data Controller’s security risk assessment obligations under Section 3.2 (Security Risk Assessment) above, Data Processor shall maintain appropriate technical and organizational safeguards to protect the security, confidentiality and integrity of Customer Data, including any Personal Data contained therein, as described in Section 2 (Physical, Technical and Administrative Security Measures) of the Data Security Guide. Such measures are designed to protect Customer Data from loss, alteration, unauthorized access, acquisition, use, disclosure, or accidental or unlawful destruction, and include:

3.0.1. Service Access Control. The Subscription Service provides user and role-based access controls. Data Controller is responsible for configuring such access controls within its instance.

3.0.2. Logging and Monitoring. The production infrastructure log activities are centrally collected and are secured in an effort to prevent tampering and are monitored for anomalies by a trained security team.

3.0.3. Data Separation. Customer Data shall be maintained within a logical single-tenant architecture on multi-tenant cloud infrastructure that is logically and physically separate from Xgeneration’s corporate infrastructure.

3.0.4. Service Continuity. The production database servers are replicated in near real-time to a mirrored data centre in a different geographic region.

3.0.5. Testing. Data Processor regularly tests, assesses and evaluates the effectiveness of their information security program and may periodically review and update such program to address new and evolving security technologies, changes to industry standard practices, and changing security threats.

3.1 Deletion of Personal Data

Upon termination or expiration of the Agreement, Data Processor shall return and delete Customer Data, including Personal Data contained therein, as described in the Agreement.

 

3.2 Data centres

Data Processor will host Data Controller’s instances of the Subscription Service in data centres located in the geographic regions specified on the Order Form.

3.3 Data Protection Act Impact Assessment (DPIA).

Data Processor will, on request, provide Data Controller with reasonable information required to fulfil Data Controller’s obligations under GDPR to carry out data protection impact assessments, if any, for the Processing of Personal Data within the Subscription Service.

3.4 Prior Consultation

Data Processor shall provide reasonable assistance (at Data Controller's expense) in connection with any prior consultation Data Controller is required to undertake with a supervisory authority under Data Protection Laws with respect to the Processing of Personal Data in the Subscription Service.

3.5 Data Processor Assistant

Data Processor will assist Data Controller in ensuring compliance with the Data Controller’s obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of Processing by providing the Data Controller with reasonable information requested pursuant to the terms of this DPA, including information required to conduct Data Controller’s security risk assessment and respond to Data Subject Requests (defined below). For clarity, Data Controller is solely responsible for carrying out its obligations under GDPR and this DPA. Data Processor shall not undertake any task that can be performed by Data Controller.

3.6 Data Protection Contract

Xgeneration and its Sub-Processor Affiliates (defined below) will maintain a dedicated data protection team to respond to data protection inquiries throughout the duration of this DPA and can be contacted at service@xgeneration.co.uk

 

3.6.1 Use of Sub Processors Data Controller authorizes Data Processor to engage Sub-Processors appointed in accordance with this policy to support the provision of the Subscription Service and to deliver Professional Services as described in the Agreement.

4.0 Cookies and Web Beacons

Like any other website, Xgeneration uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors browser type and/or other information.

4.1 Privacy Policies

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Xgeneration, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit. Note that Xgeneration has no access to or control over these cookies that are used by third-party advertisers.

4.2 Third-Party Privacy Policies

Xgeneration's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt out of certain options.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.

4.3 Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Xgeneration does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

4.4 Online Privacy Policy Only

Our Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in Xgeneration. This policy is not applicable to any information collected offline or via channels other than this website.

5.0 Consent

By using our website and signing a contract with Xgeneration for therein defined service you hereby consent to our Privacy Policy and agree to its terms.

bottom of page