Last updated: June 12, 2026 · Data Controller: Renovarix Ltd.
1. Who we are
Renovarix Ltd. ("Renovarix", "we") is the data controller for personal data collected through renovarix.cloud. Registered address: 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom. Contact: privacy@renovarix.cloud
2. Data we collect
We collect the following categories of personal data:
- Account data: Name, email address, phone number, billing address
- Payment data: Card last four digits, billing country (full card data is processed by our PCI-compliant payment provider and never stored by us)
- Domain data: Domain names searched or renewed, WHOIS information, DNS records
- Technical data: IP address, browser type, device information, pages visited
- Communication data: Support tickets, chat transcripts, email correspondence
3. How we use your data
We process your data for the following purposes and legal bases:
- Contract performance: Processing renewals, managing your account, providing DNS services
- Legal obligation: Maintaining accurate WHOIS records per ICANN policy, responding to legal requests
- Legitimate interests: Fraud prevention, service improvement, security monitoring
- Consent: Marketing communications (opt-in only), non-essential cookies
4. Data sharing
We share data only when necessary:
- Domain registries: WHOIS/RDAP data submitted per ICANN requirements
- Payment processors: To process transactions securely
- Service providers: Hosting, email delivery, analytics (under data processing agreements)
- Law enforcement: When required by valid legal process
We do not sell your personal data to third parties.
5. International transfers
Data may be processed in the UK and EU. Where data is transferred outside the UK/EEA, we use Standard Contractual Clauses (SCCs) approved by the UK ICO and European Commission to ensure adequate protection.
6. Data retention
Account data is retained for the duration of your account plus 6 years for legal and tax purposes. WHOIS data is retained per ICANN policy. Support communications are retained for 3 years. Analytics data is anonymized after 26 months.
7. Your rights (GDPR)
If you are in the UK or EEA, you have the right to:
- Access your personal data (Subject Access Request)
- Rectify inaccurate data
- Erase your data ("right to be forgotten") where legally applicable
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with the ICO (UK) or your local supervisory authority
To exercise your rights: privacy@renovarix.cloud
8. Cookies
We use cookies for essential functionality, analytics, and preferences. See our Cookie Policy for full details and how to manage your preferences.
9. Security
We implement TLS encryption, access controls, regular security audits, and PCI-DSS compliant payment processing. No method of transmission over the internet is 100% secure; we encourage strong passwords and two-factor authentication.
10. Children's privacy
Our services are not directed at individuals under 18. We do not knowingly collect data from minors.
11. Changes
We will notify you of material changes to this policy via email or prominent website notice at least 30 days before they take effect.