This policy explains how Cloud PA collects, uses, shares and protects your personal data, and the rights you have over it. We are committed to handling your information lawfully and transparently in line with UK data protection law.
1.Who we are
Cloud PA is a trading name of Jara Technologies Limited, a company registered in England & Wales (Company Number 17048384), with its registered office in Watford, United Kingdom. In this policy, "we", "us" and "our" refer to Jara Technologies Limited.
We are the data controller responsible for your personal data when you visit our website, make an enquiry, or use our services. You can contact us about this policy or your data at support@cloudpa.io.
This policy is governed by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2.Information we collect
Information you give us
When you complete our enquiry or "Get your website" forms, contact us, or become a customer, we collect information such as:
- Identity & contact details — your name, business name, email address, phone number and the town or city you operate in.
- Enquiry content — your industry and any message or details you send us about your business and what you need.
- Customer & build details — information needed to build and run your website, including content, images and preferences you provide, and your chosen domain name.
- Payment information — when you pay a build fee or subscribe to a hosting plan. Payments are processed by Stripe; we do not store your full card details.
Information we collect automatically
- Technical data — your IP address, browser type, and the date/time of form submissions, collected for security, fraud prevention and to operate our forms.
- We do not use advertising or tracking cookies on this website. See our Cookie Policy.
Information from other sources
For business-to-business marketing, we may collect limited business contact information from publicly available sources such as Companies House, business directories and public web pages (for example a business email address, trading name and registration status).
3.How and why we use your information
We only use your personal data where the law allows us to. The lawful bases we rely on under UK GDPR are set out below.
| What we do | Lawful basis |
|---|---|
| Respond to your enquiry and provide information you request | Our legitimate interests (to answer enquiries) / steps prior to a contract |
| Build, deliver, host and maintain your website | Performance of a contract with you |
| Take payment and manage your account | Performance of a contract; legal obligation (accounting) |
| Register and transfer a domain in your name | Performance of a contract |
| Send business-to-business marketing emails | Our legitimate interests (see section 4) and, where required, your consent |
| Keep our services secure and prevent fraud or abuse | Our legitimate interests; legal obligation |
| Comply with our legal and regulatory obligations | Legal obligation |
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms. You can object to such processing at any time (see section 8).
4.Business-to-business outreach
We may send marketing emails to businesses (limited companies, LLPs and PLCs) about our website services, relying on our legitimate interests and the "corporate subscriber" rules under the Privacy and Electronic Communications Regulations 2003 (PECR). Every marketing email tells you who we are and gives you a simple way to opt out. If you ask us to stop, we will, and we will add you to our suppression list so you are not contacted again.
5.Who we share your information with
We do not sell your personal data. We share it only with trusted service providers ("processors") who help us run our business, and only as needed. These providers act on our instructions and are bound by contracts requiring them to protect your data. They include:
| Provider | Purpose |
|---|---|
| Amazon Web Services (AWS) | Email delivery and cloud infrastructure (London region where available) |
| Cloudflare | Website hosting, file storage, content delivery and security |
| DigitalOcean | Application servers and database hosting |
| Stripe | Secure payment processing |
| Anthropic | AI services used to help generate website content |
| Business listings data, web fonts, and (for customer sites) analytics/search tools | |
| Professional advisers | Accountants, lawyers and auditors where required |
We may also disclose your information if required to do so by law, to enforce our terms, or to protect our rights, property or safety, or those of others.
6.International data transfers
We aim to keep your data within the UK and European Economic Area (EEA) where possible. Some of our providers are based outside the UK (for example in the United States). Where your data is transferred outside the UK, we ensure an appropriate safeguard is in place, such as an adequacy decision, the UK International Data Transfer Agreement, or Standard Contractual Clauses, so your data receives an equivalent level of protection.
7.How long we keep your information
We keep personal data only for as long as necessary for the purposes we collected it for, including to satisfy legal, accounting or reporting requirements. In general:
- Enquiries that don't become customers — kept for up to 24 months, then deleted or anonymised.
- Customer records — kept for the duration of our relationship and for up to 6 years afterwards to meet legal and tax obligations.
- Suppression / opt-out records — kept indefinitely so we can honour your request not to be contacted.
8.Your rights
Under UK data protection law you have the right to:
- Be informed about how we use your data (this policy).
- Access a copy of the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data ("right to be forgotten"), in certain circumstances.
- Restrict or object to our processing, including direct marketing.
- Data portability — receive your data in a portable format.
- Withdraw consent at any time, where we rely on consent.
To exercise any of these rights, email us at support@cloudpa.io. We will respond within one month. There is usually no charge, and we may need to verify your identity first.
9.How we protect your information
We use appropriate technical and organisational measures to keep your data secure, including encryption in transit (HTTPS), access controls, secure cloud infrastructure and continuous monitoring. No method of transmission over the internet is completely secure, but we work hard to protect your data and have procedures in place to deal with any suspected breach.
10.Cookies
Our website does not use advertising or third-party tracking cookies. For full details of the limited, essential technologies we use, please see our Cookie Policy.
11.Children
Our services are intended for businesses and are not directed at children. We do not knowingly collect personal data relating to anyone under 18.
12.Changes to this policy
We may update this policy from time to time. When we do, we will revise the "last updated" date above. If we make significant changes, we will take reasonable steps to let affected customers know.
13.Contact us & complaints
If you have any questions about this policy or how we handle your data, please contact us:
Jara Technologies Limited (trading as Cloud PA)
Watford, United Kingdom
Email: support@cloudpa.io