This policy covers how we use your personal information. We take your privacy seriously and will take all measures to protect your personal information. Any personal information received will only be used to fulfill your order, and for internal analytical purposes.
We will NEVER sell your personal information to any entity or source. Period.
The long version:
- When we say ‘we’, ‘us’ or ‘Gecko’ it’s because that’s who we are and we own and run the Sites.
The type of personal information we collect
- We collect certain personal information about visitors and users of our Sites.
- The most common types of information we collect include things like: usernames, email addresses, IP addresses, personal contact details, survey responses, blogs, photos, payment information such as payment agent details, transactional details, tax information, support queries, blog comments, content you direct us to make available on our Sites (such as support tickets) and web analytics data. We will also collect personal information from job applications (such as, your CV, the application form itself, cover letter and interview notes).
How we collect personal information
- We collect personal information directly when you provide it to us, automatically as you navigate through the Sites, or through other people when you use services associated with the Sites.
- We collect your personal information when you provide it to us when you complete membership registration and buy e items or services on our Sites, subscribe to a newsletter, email list, submit feedback, enter a contest, fill out a survey, or send us a communication.
Personal information we collect about you from others
- Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
- financial and/or transaction details from payment providers located in the US, UK, Australia and New Zealand in order to process a transaction;
- other third party sources/ and or partners from New Zealand, Australia, US or UK, whereby we receive additional information about you (to the extent permitted by applicable law), such as demographic data or fraud detection information, and combine it with information we have about you. For example, fraud warnings from service providers like identity verification service. We also receive information about you and your activities on and off the Gecko platform through partnerships, or about your experiences and interactions from our partner ad networks.
How we use personal information
- Typically, your information is not accessed, however when required, we use your personal information:
- To fulfil a contract, or take steps linked to a contract: in particular, in facilitating and processing transactions that take place on the Sites, like where you purchase an item from our Sites.
- Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
- operating the Sites;
- providing you with services described on the Sites;
- verifying your identity when you sign in to any of our Sites;
- responding to support tickets, and helping facilitate the resolution of any disputes;
- updating you with operational news and information about our Sites and services e.g. to notify you about changes to our Sites, website disruptions or security updates;
- carrying out technical analysis to determine how to improve the Sites and services we provide;
- monitoring activity on the Sites, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the Sites;
- managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey;
- managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
- training Gecko staff about how to best serve our user community;
- improving our products and services.
- providing general administrative and performance functions and activities; and
- processing your job application to Gecko.
- Where you give us consent:
- providing you with marketing information about products and services which we feel may interest you; and
- For purposes which are required by law.
- For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
Other ways we may use your personal information
We use emails to communicate with you, to confirm your placed orders, and to send information that you have requested. There are two types of email communications that we provide, as outlined above. One type of e-mail is legally required. Legally required emails cover ICANN mandated verification emails, renewal notices and any other policy or procedure created by ICANN which governs the purchase of domains. Additionally, we may be required by law to serve notices to you such as DMCA Takedown Notices, UDRP notices, etc. Or, we may deem a change to one of our policies to be material and, therefore, determine a duty (though not a legal requirement) to inform you of this change. These types of communications do not fall under any of our opt-out procedures.
We do our best to limit promotional types of emails to communications that we believe will be useful to you. These cover special offers, new products and services and other benefits that we try to ensure would be beneficial to you. As mentioned earlier, you have the ability to opt-out of these communications.
- Legally Required Disclosure
We will never give out your information without your permission or in ways other than as outlined in this policy. The only exceptions to this are when we are required by law, in the good faith belief that such action is necessary in order to conform to the edicts of the law, or when we must comply with a legal process served on our website.
If we change our information-handling practices or other privacy aspects, we will post those changes on this privacy statement. If we make any material changes we will notify you by means of a notice on this site prior to the change becoming effective, and we may also try to notify you through email of the privacy changes, if necessary.
From time to time through our support channels, we require access to your personal information that we have stored on our system to ensure we are indeed speaking to the correct customer. This is done to verify you as a customer, while ensuring we are not giving out sensitive information to anyone other than yourself. For example, if you request support through live chat, you’ll be asked to verify yourself by answering some security questions
Further, to prevent fraud, some products we offer require further identification. This may include a passport photo or proof of residence. This information is stored securely on your customer file and will never be sold or transferred to any person or entity.
- Domain WhoIs Contact Information
We are required by ICANN guidelines, and/or the Registries who issue domains, to collect and retain certain personally identifiable information. This information is required to be kept current and may be accessed for changes through your customer Account Panel. This information is further required by law to be made publically available unless you choose to use a privacy service to anonymize the information, such as WhoisGuard. Finally, ICANN requires that registrars must retain the Whois information, whether or not protected by a privacy service, for two (2) years after the domain expires or you are no longer the registrant.
Because domain name registration information is available to the public, anyone can access it through “Whois” searches. At times, our customers may be included within these searches. However, the spam they receive does not in any way come from GeckoHost and please note that we have no control over this information once it is available to the public.
- Personal Information Following Termination of Account
When your GeckoHost account is cancelled (either voluntarily or involuntarily) all of your personally identifiable information is placed in “deactivated” status within our corresponding databases. However, you should that deactivation of your account does not mean your personally identifiable information has been deleted from our database entirely. We will retain and use your personally identifiable information, if necessary, in order to resolve know disputes, enforce our agreements and/or as required by laws or regulations.
We post customer testimonials on our website which may contain personally identifiable information. These testimonials are pulled from public environments such as (but not limited to) Facebook. As they are in the public domain already, we may not ask for permission to post them on our website. If you would like a testimonial removed, please get in touch with our support team.
When we disclose your personal information
- We will disclose personal information to the following recipients:
- subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above), in particular: datacenters, reseller opportunities and parent hosting companies which are located in New Zealand, Australia, US and UK; security and fraud prevention services which are located in the US; payment processing services which are located in the US, UK and Australia; identification verification services located in the US; and operational tooling services which are located in the US. Noting that our subcontractors and services providers may also transfer and access such information from other countries in which they have operations.
- our professional advisers (lawyers, accountants, financial advisers etc.) which are located in New Zealand.
- regulators and government authorities in connection with our compliance procedures and obligations;
- a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;
- a third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity;
- a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
- a rights holder in relation to an allegation of intellectual property infringement or any other infringement; and
- other recipients where we are authorised or required by law to do so.
Where we transfer and/or store your personal information
- We are based in New Zealand so your data will be processed in New Zealand, United Kingdom and the United States. Information is only transferred internally between the organization and its parent hosting partners.
How we keep your personal information secure
- We store personal information on secure servers that are managed by us and our service providers, and occasionally hard copy files that are kept in a secure location in the United Kingdom and New Zealand. Personal information that we store or transmit is protected by security, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How you can access your personal information
- You can access some of the personal information that we collect about you by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close the account you have with us for any of our Sites at any time. To make an access or correction request, contact our privacy champion by emailing email@example.com
Marketing Choices regarding your personal information
- Where we have your consent to do so (e.g. if you have become a myGecko client or registered to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
- You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our Sites may not work properly in your case.
Cookies (not the type you eat!) and web analytics
- When you visit our Sites, there’s certain information that’s recorded which is generally anonymous information and does not reveal your identity. If you’re logged into your account some of this information could be associated with your account. We’re talking about the following kinds of details:
- your IP address or proxy server IP address’;
- the domain name you requested;
- the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
- the date and time of your visit to the website;
- the length of your session;
- the pages which you have accessed;
- the number of times you access our site within any month;
- the file URL you look at and information relating to it;
- the website which referred you to our Sites; and
- the operating system which your computer uses.
- Occasionally, we will use third party advertising companies to serve ads based on prior visits to our Sites. For example, if you visit our Sites, you may later see an add for our products and services when you visit a different Site.
Information about children
- Our Sites are not optimised for children under the age of 16 years, so if you are under 16 we ask that you do not use our Sites or give us your personal information (if you are a young tech wiz, please direct your nearest responsible adult to use the Sites for you!). If you are from 16 to 18 years, you can browse the Sites but you’ll need the supervision of a parent or guardian to become a registered user. It’s the responsibility of parents or guardians to monitor their children’s use of our Sites.
Information you make public or give to others
- If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that data. There are lots of ways that you can find yourself providing information to other people, like when you post a public message on a blog thread, share information via social media. Before making your information publicly available or giving your information to anyone else, think carefully.
How long we keep your personal information
When we need to update this policy
- We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
- When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
How you can contact us
- If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy champion by emailing firstname.lastname@example.org
If you’re a user or visitor in the European Economic Area these rights also apply to you:
- For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.
How you can access your personal information
- You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
- These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
- Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
- If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.