Hello. We are Toasted Digital
Websites, Microsites & Games #❤
0 / 100
Updated 24th May 2018
If you have any questions about your personal data, privacy or security, please contact [email protected] - You may also contact us at:
Toasted Digital Ltd
Unit 606 Cannon Wharf
London SE8 5EN
The data we collect
We may collect the following data.
What we do with the data
We only use this data in the legitimate interest of the day to day running of our business. This includes:
We use third-party processors to process some data on our behalf. We only use processors with clear GDPR commitments, and only in the legitimate interest of running our business and delivering your projects.
We may use:
A note on GoCardless
Internal Data Proccessing
We process some data internally in the legitimate interest of running our business and delivering your projects.
We may use
Toasted Digital takes security seriously. We:
At this time, we don't use your data for anything other than delivering your projects (including communicating with you about them) and administering our business in accordance with local (English) law. If this were ever to change (for example if we started a mailing list), we would require consent from you to use your data in this way.
Request of data or deletion
You can request a copy of, or request deletion of the data we hold on you at any time. Please see:
Please see our data breach policy for what happens in the event of a data breach.
Toasted Digital is still in the process of reviewing its legacy data in relation to our data retention schedule. We hope to have this process completed by the end of 2018.
If your website is hosted with Toasted Digital, you and we both have responsibilities with regards GDPR and any personal data that you choose to upload to our servers.
Hosting clients are responsible for the security of their code and processing of any personal data uploaded to their server space.
By default, we do not access client hosted data unless we are asked to undertake specific tasks by a client. Clients maintain the position of primary administrator for their websites and data. Toasted Digital only provides hosting space for clients, and ultimately clients control what data processing will occur in this space.
As a hosting client, you are required to obtain and handle all personal data in accordance with GDPR. If you do not, we will suspend your account until you can resolve this.
If Toasted Digital becomes aware of any issue that arises from code uploaded to your server space by you or on your behalf that could threaten the security of your server space or our extended servers as a whole, we will suspend your account until you can resolve it.
We will also suspend any accounts found to be:
We'll always reach out to you to see if we can help and assist in any way in making sure you adhere to our terms of service.
What we do
We may store login credentials for your hosting space and content management systems so that we can perform ad hoc and agreed regular maintenance tasks for you. These are encrypted in our password manager using AES256 bit encryption with PBKDF2 SHA256, 4096 iterations. They are shared internally on a need to know basis only and subject to our password policy.
We take security on our servers very seriously, so our third-party suppliers and we take regular actions to maintain the security of our servers. Please find their GDPR commitments:
If you are a maintenance client, we may also perform other security tasks. Such as:
Addtional key information