Privacy Policy | Sapling Servers
Get 20% off your first 3-months with discount code STAYATHOME at checkout



Privacy Policy

Sapling Servers is a trading name associated with Sapling Servers Limited. By ordering a service from Sapling Servers you hereby agree to the privacy policy below;
Information we collect about you

Any information we collect about you during the ordering and signup process is the only data we store. However, an IP address, and hostname is automatically stored for security purposes every time you login.

When using our control panel, actions are logged and stored along with a date and time stamp and the IP address used.

How your information is used

The information you provide is solely used for billing and notification purposes (so we can contact you with invoices, support etc). Your name, address and email are passed to our third-party payment processors - Stripe and PayPal to verify credit/debit card ownership and provide ourselves with fraud protection.

We do not store any personal financial information provided to us while making a payment, nor do we share this information with 3rd parties. Should this change at any point you will of course be contacted in advance.

GDPR Specifics

These terms are specific to privacy and handling of your personal data intrusted to us as set out within the general data protection regulation.

The right to be informed

We provide all our terms and privacy policy documents on this very page. An account and order cannot be placed without first agreeing to our terms of service.

The right of access

We provide an all in one self-service client area that gives you access to login, view and update all personal information we store. This includes your name, email address, postal address, phone number, security question(s) and your password.

The right to be forgotten

If you wish to have your data removed as part of the GDPR "right to be forgotten" you can request this, if the following criteria is met:

  • You have no active services with us
  • You must not have made any payments to us within the last 7 years
  • You are the original account owner

If you meet the above criteria, then please submit a support ticket to our account control department and request for your account to be deleted.

Formal data request (the right to data portability)

As part of this new right introduced by GDPR you’re able to request a report from us containing all information we have on your account.

To receive a copy of this simply submit a ticket to our account control department requesting a report of your personal data. One of our staff will then facilitate this request ASAP.

Your consent

Also introduced within GDPR are changes surrounding how we’re allowed to contact you or update you on certain activities. This includes but is not limited to promotional offers, newsletters etc.

By default, you will not receive any marketing emails of any kind from us. Should you wish to change this you’re able to opt-in to receive these kinds of emails from within your billing (client) area.

Formal data request (the right to data portability)

The data listed below is stored for the mandatory 7 years (84 months) required by HMRC in the event they perform an audit.

  • First and last name
  • Company name (if applicable)
  • Full address including postal / zip code
  • Email address
  • Phone number
  • Country
  • Order records
  • Invoices
  • Any payment transactions
  • Support tickets (including replies)

The timer starts as soon as your account is marked as inactive (this happens when there are no active services, or transactions being added to your account). The timer will reset back to 0 anytime there is account activity detected.

Information listed below which was created more than 12 months ago will be deleted on the 1st of January every year.

  • Client activity logs
  • Sent email logs
  • Ticket attachments
How & where do we store data?

All data is stored in replicated databases for both backup and faster access at two locations within the Europe and three states within the United States. These are as follows:

  • Bristol, United Kingdom
  • New York, United States of America
  • Singapore, Asia

All sensitive password data is securely encrypted, and every system is behind a strict firewall.

Data breach policy

In the event of a detected data breach the ICO shall be informed as well as our customers.

Data protection officer

You’re able to contact our data protection officer directly via email or post:

  • Email – [email protected]
  • Post – FAO Data Protection Officer,
    Sapling Servers Limited,
    270A St. John’s Lane,
    Bedminster,
    Bristol,
    BS3 5AU,
    United Kingdom.